Patch Tuesday December 2019 - Forecast
Hey guys, The last Patch Tuesday of this year is almost here, let's take a quick look at what to expect in December 2019 - Patch Tuesday We can expect the usual monthly rollups and security - only patches from Microsoft. This will ideally include patches for the various operating systems, along with updates for Office, SharePoint server, Internet explorer and .NET There are possibilities for updates from Apple as well in the form of updates for MacOS, iTunes and iCloud for Windows. Google has also
Timing of deployment?
with the refresh rate at 90 minutes, some servers do not begin their deployments until well after the deployment window starts. Does anyone have any ideas on how to get the endpoints to start their deployments as close to the beginning of the deployment window as possible, other than scheduling reboots of the end points which forces them to check in?
How to configure automated scan-only job
This article says that patch scan occurs immediately following an update to the patch database. We use a manual process for updating the Patch Manager Plus Server's security database. I'd like to have an automated method for scanning systems apart from the update from the Patch Repository. The APD processes require that at least one patch is selected. I don't want to install patches, I just want an automated process that scans the designated systems to determine their patch level. Is a scan-only
Windows Server 2016 patching.
Folks - in our patching process, we approve the patches 30 days after they have been deployed to the test groups. Since the Windows 2016 patches get superseded every month, our Windows 2016 production servers are never getting patched, because the superseded updates are automatically disabled and cannot be used in the APD tasks. Does anyone have any work-arounds for this, other than getting those 2016 servers patched before the updates become superseded, which would require us to change our process
Roadmap for supporting CentOS 8 and RHEL 8
Hello, May I know if there's any roadmap for supporting patch management on CentOS 8 and RHEL 8? Regards, Ryan
Cyborg Ransomware reported!!
Hello All, A quick heads-up on the spreading cyborg ransomware phishing e-mails. It is not new that intruders make use of trending events to manipulate Internet users into cyber-attacks. Now that Windows has rolled-out its Vanadium 1909 feature pack update, what could be more trending in the cyber-space? So yes, Phishing e-mails are out seeking for victims. The e-mails come with subject lines like "Install Latest Microsoft Windows Update now!" or "Critical Microsoft Windows Update!". Just in
Linux with different group
Dear All: I am new for PMP and I have doubt does there are any mechanisms for grouping Linux into different groups? Thanks in advance...
Patch manager plus - Free cloud version
Hi, I am trying to add more computers, i am able to install the agent, but the computer never shows in "waiting for approval". When i troubleshoot with the "Agent troubleshooting Tool" i get 1 error message and 1 warning message. The error message says that the notification server is unreachable. I am not able to telnet the server via port 8027 from any of my other computers that are already being managed by Patch Manager Plus. I am able to telnet the server on port 443. The warning message is related
Rollout of Windows 10 1909 Feature updates - The Vanadium!
Hello All, A Quick heads-up, Microsoft has released its Windows 10 1909 feature updates for users. Below you can find few highlights of this feature update. Most of the new features are focused on increasing general performance and efficient battery usage. An improved security when using Internet Explorer and Microsoft Edge. Voice-activated digital assistants can be accessed by users from Windows 10 lock screen. Go ahead, and update this feature pack by applying the below Patch IDs in Patch
Patch Tuesday November 2019 Updates
Hi there, This Patch Tuesday brings the following fixes and updates New Security Bulletins : 2019-11 Security Monthly Quality Rollup for Windows Server 2008 (KB4525234) 2019-11 Security Monthly Quality Rollup for Windows 7 and Windows Server 2008 R2 (KB4525235) 2019-11 Security Monthly Quality Rollup for Windows Server 2012 (KB4525246) 2019-11 Security Monthly Quality Rollup for Windows 8.1 and Windows Server 2012 R2 (KB4525243) 2019-11 Cumulative Security Update for Internet Explorer 9 for Windows
Automatic Agent Version Updates - Patch Manager
Hi Guys , Has anybody automated agent updates on the Desktops and Servers whenever a new version is available from Manage Engine Patch Manager Plus ?
Applicable patches for CentOS did not include some important updates
Hi all, I am now evaluating Patch Manager Plus for applying patches to CentOS and Ubuntu. I noticed that the recent sudo related patches for CentOS (i.e. CESA-2019:3197) were shown at the 'Latest patches' page. However, they are not shown at the 'Applicable patches' and all my CentOS machines did not get the patches. However, when I use 'yum update' inside those machines, the 'sudo' entry did show up Furthermore, I have tried to use the 'Manual deployment' to install those patches to CentOS.
Auto Approve Clients from Patch Manager
Hi team , Is there a way to Automatically approve the devices on the the Patch manager for Desktops and Laptops .
MacOS Catalina supported on Patch Manager Plus Cloud
Hi there, We are delighted to announce that Patch Manager Plus cloud now supports the latest MacOS, Catalina. You can avail all of our patch management features to manage and secure your endpoints running on MacOS Catalina. Feel free to e-mail our support team at patchmanagerplus-support@manageengine.com, incase of any queries. Cheers, ManageEngine Team
Free support for Windows 7 Extended Security Updates
Hello everyone, Microsoft has announced the end of life for Windows 7 and Windows Server 2008/2008 R2. This means that you will no longer get bug fixes, security updates, or new functionalities for this version of the OS. We would suggest you to migrate to the latest version of Windows 10 as soon as possible to avoid potential cyber attacks. Incase you are unable to migrate on time or reluctant to upgrade, you can purchase and avail the Extended Security Updates (ESUs) that Microsoft offers for
Patch now! 2 new use-after-free zero day vulnerabilities in Chrome.
Google Chrome decided to spook its users this Halloween by issuing an update that fixes 2 new use-after-free vulnerabilities "CVE-2019-13720" and "CVE-2019-13721", of which CVE-2019-13720 is already exploited in the wild. Use-after-free flaw, which in the least could result in a crash or could be leveraged by an attacker to run arbitrary codes or even enable remote code execution. CVE-2019-13720 - affects the Chrome's audio component. CVE-2019-13721- affects the PDFium library. Google also announced,
Console showing machine as "Healthy" when it needs significant Windows updates
Just evaluating Patch Manager Plus in a lab enviroment to see if it fits our business needs for a cloud based solution. I have a couple of standalone machines with the agent installed for remote office and its a clean install of Win 10 Enterprise 1809 that I know needs loads of Windows OS patches. I disabled Windows update in the local group policy because I know within minutes of an internet connection Windows update will start downloading quality updates, which is exactly what we dont want and
Is KB4503548 (.NET 4.8 for Windows 7 x64) supported? -- I can't find it
-- Is KB4503548 a supported patch? My Windows 7 workstations have this as an available important update shown in Windows Update tool in Control Panel but Patch Manager Plus is not listing it as an update for these computers I even did a search for it in "Supported Patches" but it doesn't show up when I enter the KB number in "patch description" box. Also do you have a resource available to search Microsoft's KB ID's to get Patch ID or Bulletin ID? Thanks, Ben
"Aw, Snap!" messages in the latest Chrome M78 update
Hello All! The latest Google Chrome M78 update faces a high number of "Aw, Snap!" crashes. This is found to be a result of incompatible older versions of Symantec Endpoint Protection running on the computers in your network. Resolution: Update your Symantec Endpoint Protection to version 14.2 or above. Disable the RendererCodeIntegrityEnabled policy. Listed below are few other applications that might be causing the crash, contact the application vendor for a fix. 1. PC Matic 2. Print Audit 3. Palo
On cloud nine as Patch Manager Plus cloud goes Mac friendly
Hello folks, We are extremely thrilled to announce that Patch Manager Plus Cloud now supports the patching of Mac machines as well. All versions of MacOS right from version 10.6 (Snow leopard) to version 10.14 (Mojave) is supported. Further you get to enjoy all the patch management features, listed below, on your Mac machines now: Automated patch deployment Third party application patching for over 300+ applications Flexible deployment policies Testing and approving patches Declining patches Detailed
Adobe releases out-of-band security updates in its products
Adobe is considered one of the widely used third-party applications in the market with over 15 million active subscriptions. As announced earlier, Adobe has released out-of-band security updates today to patch a total of 82 security vulnerabilities across products listed below. Adobe Acrobat and Reader Adobe Experience Manager Adobe Experience Manager Forms Adobe Download Manager Of these 82 vulnerabilities, 45 are rated critical and if exploited, attackers can execute arbitrary code in the context
Zero-day vulnerability in Apple iTunes and iCloud for Windows patched
Hi guys, A zero-day vulnerability in iTunes and iCloud for Windows, which has been exploited in Ransomware attacks has been patched in Patch Tuesday October 2019 updates. The vulnerability exists in the Bonjour installer that gets installed in Windows machines along with the iTunes and iCloud for Windows app. This vulnerability in Bonjour installer is an 'unquoted service path' vulnerability, and can be exploited by planting a malicious executable file to the parent path. Further this exploit's
Receive the latest updates of Drivers and BIOS
Hi! There is a new Feature in Desktop Central: Get the latest driver and BIOS updates. This Feature would be nice too in Patch Manager Plus! Regards, Holger
Microsoft Patch Tuesday Updates - October 2019
Howdy folks A quick run-down on the patch tuesday updates for October 2019 New Security Bulletins : 2019-10 Security Only Quality Update for Windows Server 2008 (KB4520009) 2019-10 Security Only Quality Update for Windows 7 and Windows Server 2008 R2 (KB4520003) 2019-10 Security Only Quality Update for Windows Server 2012 (KB4519985) 2019-10 Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2 (KB4519990) 2019-10 Cumulative Update for Windows 10 Version 1903 and Windows Server
Patches for 8 high-severity vulnerabilities in Foxit Reader released
Hey folks, Eight highly critical vulnerabilities have been discovered in Foxit Reader and Foxit has come out with the patches to fix these vulnerabilities. The most severe of these vulnerabilities has a CVSS score of 8.8 and could result in arbitrary code execution and denial of service, when used in older versions of Foxit Reader (version 9.4.1.16828). The other seven vulnerabilities have a CVSS score of 7.8 and could allow a remote attacker to gain access to the system. These specifically target
Microsoft releases out-of-band security update to fix IE zero-day & Defender bug
1. IE zero day The IE zero day is a very critical vulnerability which can be exploited via Remote Code Execution (RCE). Remote code execution is an attack that can be performed by executing malicious codes from remote location. The IE zero day is tracked with CVE-2019-1367identifier. 2. Microsoft Defender DoS bug Microsoft also released security patches to fix a DoS bug associated with Microsoft Defender. The good news is, to exploit the bug, the attacker first needs to gain access to the victim's
Patch Tuesday September 2019 updates from ManageEngine
Good day. Quick update on the September 2019 Patch Tuesday. New Security Bulletins : 2019-09 Security Update for Adobe Flash Player for Windows (KB4516115) 2019-09 Security Only Quality Update for Windows Server 2008 (KB4516051) 2019-09 Security Only Quality Update for Windows 7 and Windows Server 2008 R2 (KB4516033) 2019-09 Security Only Quality Update for Windows Server 2012 (KB4516062) 2019-09 Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2 (KB4516064) 2019-09 Cumulative
user privilege to scan patches and install agent
Dear support, Please send me require user privilege for Linux , SUSE, UBUNTU, ..etc to scan patch servers and install agent , we don’t recommend using root password Thanks, Hani Nasif ManageEngine Golden Partner, KSA
Query for Custom Groups
Hi all, Hoping someone can point me in the right direction. Database is postgresql. I am trying to list all managed computers under a dynamic custom group. Select * from resource - will return the resourceID, name, domain_netbios_name etc I see my custom groups have a resourceID assigned and all groups returned are resource_type 101 Select * from CustomGroupMemberRel returns back member_resource_id and group_resource_id, but neither of those fields contain the dynamic group ID's. My APD tasks have
Reinforce data protection with our all new Data leakage prevention solution: "Device Control Plus".
We are absolutely glad to inform you that we have introduced a brand-new Data leakage prevention solution for removable devices - Device Control Plus Reinforce data protection with our all new Data leakage prevention solution: Device Control Plus. Control, block and monitor all USB and peripheral devices effortlessly. Eliminate data loss due to unauthorized data transfers. Implement file access control to prevent unprivileged access. Get your work done quickly by granting temporary access to
Vulnerability manager Plus (Patch Management) - Disable Automatic Updates
I'm looking to push the "Disable Office 365 Automatic updates" to a group of PC's as several 3rd party applications the PC's run are sometimes broken by the application of the monthly updates provided by Microsoft. If the end user (and the PC) transitions to a different department/responsibility, how is it possible to restore the automatic monthly patching of MS Office since the registry has been "tattoo'ed" with specific entries? Thank you.
Patch Management - Disable Automatic Updates - Office 365
I'm looking to deploy the "Disable Office 365 Updates" and the changes are made to the registry of the target PC's. If the PC is removed from the grouping and I want the Office 365 updates to begin automatically applying directly from Microsoft, what is the process to make this happen. Thank you.
Superseded Patch Removal
Good morning! I am having a problem where superseded patches are showing up I am running PM+, Build Version:10.0.347, and have patches listed under my Missing Patches section that are considered superseded and hence are disabled and greyed out. Due to this, I am unable to select it to Decline Patch and remove it from my list. Can you please advise how to remove superseded patches so they're not considered missing?
Patch Tuesday August 2019 updates from ManageEngine
Good day. Quick update on the August 2019 Patch Tuesday. New Security Bulletins : 2019-08 Security Only Quality Update for Windows Server 2008 (KB4512491) 2019-08 Security Only Quality Update for Windows 7 and Windows Server 2008 R2 (KB4512486) 2019-08 Security Only Quality Update for Windows Server 2012 (KB4512482) 2019-08 Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2 (KB4512489) 2019-08 Cumulative Update for Windows 10 Version 1809 and Windows Server 2019 (KB4511553) 2019-08
July 2019 Patch Tuesday updates
New Security Bulletins : 2019-07 Security Only Quality Update for Windows Server 2008 (KB4507461) (CVE-2019-1132) 2019-07 Security Only Quality Update for Windows 7 and Windows Server 2008 R2 (KB4507456) (CVE-2019-1132) 2019-07 Security Only Quality Update for Windows Server 2012 (KB4507464) (CVE-2019-0880) 2019-07 Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2 (KB4507457) (CVE-2019-0880) 2019-07 Cumulative Update for Windows 10 Version 1803 and Windows Server 2016 (1803)
Mozilla fixed Zero-day vulnerabilities in Firefox
Mozilla addressed two zero-day vulnerabilities in Mozilla Firefox that were being used in targeted attacks in the wild. CVE-2019-11707 is a type confusion vulnerability in Mozilla Firefox that can result in an exploitable crash. CVE-2019-11708 is a sandbox escape vulnerability. Combining both CVE-2019-11708 and CVE-2019-11707, attackers can perform arbitrary code execution. Thunderbird is also affected but generally cannot be exploited since scripting is disabled when reading mail. Following this,
Microsoft Patch Tuesday updates for June 2019
New Security Bulletins : 2019-06 Security Update for Adobe Flash Player for Windows (KB4503308) 2019-06 Security Only Quality Update for Windows Server 2008 (KB4503287) 2019-06 Security Only Quality Update for Windows 7 and Windows Server 2008 R2 (KB4503269) 2019-06 Security Only Quality Update for Windows Server 2012 (KB4503263) 2019-06 Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2 (KB4503290) 2019-06 Cumulative Update for Windows 10 Version 1607 and Windows Server 2016
[Free Seminar] Secure your organization's endpoints against the latest cyberattacks and security vulnerabilities
Be it WannaCry, Meltdown, Spectre or Petya each year bears witness to new cyberattacks and security vulnerabilities, and the year 2019 is no different. From the BlueKeep vulnerability that affects over a million systems, to the ZombieLoad attack that affects nearly every Intel chip since 2011, IT teams across the globe face an uphill battle this year to secure their organization's desktops and mobile devices. Organizations irrespective of the industry they cater to, are often caught unawares by
[Important] Migration of Central Patch Repository server; If you've whitelisted Central Patch Repository server's IP address from firewall, attention!!
Hello peeps, We've got an important announcement. To support our increasing customer base and to meet the future demand, we are migrating our current patch repository server - patchdb.manageengine.com to a static alternative. For users who've white listed the current patch repository server's IP address in their firewall, we request to contact our support team for details of the latest patch repository IP address. This migration will take place on 30-May-2019. So, we suggest our users to contact
Highly critical processor chip flaw "ZombieLoad" patched
A new class of processor chip vulnerabilities targeting the 'speculative execution' portion of Intel chips has been discovered by a group of researchers a few days back. These three vulnerabilities are named ZombieLoad, fallout, and RIDL (Rogue In-flight Data Load). These flaws are rated highly critical by the team of researchers who discovered them. ManageEngine Patch Manager Plus now supports patches for the ZombieLoad vulnerability. Name of the Vulnerability: ZombieLoad Severity : Highly critical
Next Page