Oracle releases 8 security patches for Java SE
Hello everyone, Oracle in its Critical Patch Update has released 8 security patches for Java SE. The vulnerabilities addressed are as follows: CVE ID Product Supported versions affected Attack complex CVE-2020-14803 Java SE Java SE: 11.0.8,
Security vulnerabilities fixed in Firefox 82 and Firefox ESR 78.4
Hello everyone, Mozilla has released updates for Firefox 82 and Firefox ESR 78.4. These updates fix several security vulnerabilities, the details of which are as follows: CVE ID Vulnerability Severity CVE-2020-15969 Use-after-free in usersctp High
Adobe releases critical security updates for Flash Player
Hello everyone, Adobe has released security updates for Adobe Flash Player for Windows, macOS, and Linux. These updates address a critical vulnerability in Adobe Flash Player. Successful exploitation could lead to an exploitable crash, potentially resulting
October Patch Tuesday updates
Hello everyone, Below is the list of updates from October 2020 Patch Tuesday New Security Bulletins : 2020-10 Security Update for Adobe Flash Player for Windows (KB4580325) KB4579977, 2020-10 Security and Quality Rollup for .NET Framework 4.5.2 for Windows
Security vulnerabilities fixed in Chrome stable channel 86.0.4240.75 update
Hello everyone, Chrome 86 has been promoted to stable channel Chrome 86.0.4240.75, for Windows, Mac and Linux. This update comes with several fixes and improvements. Below are the details of the security fixes: CVE ID Vulnerability Severity CVE-2020-15967 Use after free in payments Critical CVE-2020-15968 Use after free in Blink High CVE-2020-15969 Use after free in WebRTC High CVE-2020-15970 Use after free in NFC High CVE-2020-15971 Use after free in printing High
dcpatchscan.exe APPCRASH Event ID 1000
New to the product. Added a new domain and manually installed the agents to 13 servers. Of those, 6 are failing patch scans. Faulting application name: dcpatchscan.exe, version: 0.0.0.0, time stamp: 0x5ed5792d Faulting module name: MisconfigEngine.dll, version: 0.0.0.0, time stamp: 0x5f227505 Exception code: 0xc0000005 Fault offset: 0x0005e3b0 Faulting process id: 0x774 Faulting application start time: 0x01d66bf75a8e95e1 Faulting application path: C:\Program Files (x86)\DesktopCentral_Agent\bin\dcpatchscan.exe
iCloud Vulnerabilities and Patches Not Lining Up?
I am seeing vulnerabilities listed when iCloud v7.x (Installer EXE) is installed. This is correct, as it is an outdated version. I install the patch and that one goes away. However, all along there is also items listed for the version 10.x (Microsoft Store) version of iCloud, which is not installed on the computers. Patching the 7.x to current only removes the 7.x vulnerability listed. Has anyone else encountered this between the two different install sources?
Scan System Fail
Hi i am using DC Build 10.0.560 i was looking for a replacement for the company network windows update deployment server where i have come across this product which came into my liking unfortunately when i want to deploy patches on systems that i have
Firefox 81 and Firefox ESR 78.3 patches high severity vulnerabilities
Mozilla patched high-severity vulnerabilities with the release of Firefox 81 and Firefox ESR 78.3. The CVE IDs addressed in the latest version are as follows: CVE ID Description Severity CVE-2020-15677 Download origin spoofing via redirect Moderate CVE-2020-15676 XSS when pasting attacker-controlled data into a contenteditable element Moderate CVE-2020-15678 When recursing through layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free scenario
CISA's Emergency Directive 20-04 mandates federal agencies to mitigate CVE-2020-1472 (Netlogon Elevation of Privilege Vulnerability)
This advisory applies to: All Federal Executive Branch Departments and Agencies, Except for the Department of Defense, Central Intelligence Agency, and Office of the Director of National Intelligence. On August 11, 2020, Microsoft issued a security update to mitigate CVE-2020-1472 | Netlogon Elevation of Privilege Vulnerability in Windows Server operating systems. This vulnerability exists within the Microsoft Windows Netlogon Remote Protocol (MS-NRPC), an interface used for user and machine authentication
Google Chrome releases stable channel update 85.0.4183.121
Hello folks, Google Chrome has recently updated the stable channel to 85.0.4183.121. The CVE IDs addressed in the latest version and their corresponding severity are as follows: CVE-2020-15960 - High CVE-2020-15961 - High CVE-2020-15962 - High CVE-2020-15963 - High CVE-2020-15965 - High CVE-2020-15966 - Medium CVE-2020-15964 - Low Desktop Central now supports patches to address the aforementioned CVEs and update Google Chrome to the latest version 85.0.4183.121 for Windows, Mac, and Linux.
Some old patches as "Not approved" and no option to "Approve" them
Hi, I have noticed that after scanning our network looking for vulnerabilities, there are some KB patches that need to be applied. Looking for those patches in Desktop Central, I can see they are "Not approved" although we have "automatically approve all patches" option enabled. Also I can not select those patches to mark them as "approved". They are listed in the "Supported Patches" section, not in the "Applicable Patches" section. How can we "approve" those patches and install/download again?
Agent Deployment Fails : The system cannot find the file specified.
Hello Everyone. Have been using patch manager plus for a few months now, but today i find that whilst trying to push the agent out to a few computers in SOM i now get the following error. The system cannot find the file specified. I then tried to uninstall the agent on one of the computers that already had the agent and im having the same issue. I tried looking at the account used to push out software through my AD but it looks fine. How do i trouble shoot this?
Patch Tuesday September 2020 - Supported updates
Hello there, Below is the breakdown of all the updates released in September 2020 Patch Tuesday. New Security Bulletins : 2020-09 Security Monthly Quality Rollup for Windows Server 2008 Systems (KB4577064) (ESU) - Not Supported 2020-09 Security Only Quality Update for Windows Server 2008 Systems (KB4577070) (ESU) 2020-09 Security Only Quality Update for Windows 7 and Windows Server 2008 R2 Systems (KB4577053) (ESU) 2020-09 Security Only Quality Update for Windows Server 2012 Systems (KB4577048) 2020-09
Enhance availability of the Patch Management Download Manager...
Posting this here to see if the community think it's a good idea. This is currently only invoked by DC during certain patch download operations. It would be significantly more useful if we were able to invoke it, on demand, regardless of what we or DC are doing. I have also posted this as a "feature request" in your appropriate feedback/ideas form.
Chrome stable channel update fixes 20 security vulnerabilities
Hello everyone, Chrome 85 has been promoted to the stable channel 85.0.4183.83 for Windows, macOS, and Linux. This update comes with fixes for 20 security vulnerabilities, the details of which are given below: CVE ID Vulnerability details Severity CVE-2020-6558 Insufficient policy enforcement in iOS High CVE-2020-6559 Use after free in presentation API High CVE-2020-6560 Insufficient policy enforcement in autofill Medium CVE-2020-6561 Inappropriate implementation in
Security updates released for Firefox 80, ESR 68.12, and ESR 78.2
Hello everyone, Mozilla has released security updates for Firefox 80, Firefox ESR 68.12, and Firefox ESR 78.2. Most of the vulnerabilities fixed are of high severity. The details of the vulnerabilities fixed are as follows: CVE ID Vulnerability details Severity CVE-2020-15663 Downgrade attack on the Mozilla Maintenance Service could have resulted in escalation of privilege High CVE-2020-15664 Attacker-induced prompt for extension installation High CVE-2020-12401 Timing-attack
Out-of-band updates released for Windows 8.1 and Windows Server 2012 R2
Hello everyone, Microsoft on August 19, released an emergency out-of-band update for two privilege escalation vulnerabilities disclosed in Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 systems. The vulnerabilities are tracked as CVE-2020-1530 and CVE-2020-1537. Both of these vulnerabilities exist in Windows Remote Access Service (RAS) and when exploited, grant elevated privileges to remote attackers. A patch for both vulnerabilities for Windows 10, Windows 7, and Windows Server 2008,
Windows 10 versions out of order?
I've noticed that the pie chart of Windows 10 versions (on the Patch Management homepage) is out of order and I think I finally figured out why. It appears to be displaying the versions from right to left instead of left to right. I would expect the versions to go couter-clockwise around the chart in this order: 1607, 1703, 1709, 1803, 1809, 1903, 1909. Instead it goes 1703, 1803, 1903, 1607, 1709, 1809, 1909. If you reverse the digits you get 3071, 3081, 3091, 7061, 9071, 9081, 9091, which is in
August Patch Tuesday - Non-security and Third party updates
Hello everyone, Below is the list of the supported Non-security and Third party updates from August Patch Tuesday NON-SECURITY UPDATES : Update for Microsoft Office 2016 (KB4484418) Update for Microsoft Project 2016 (KB4484477) Update for Skype for Business 2016 (KB4484464) Update for Microsoft Office 2010 (KB4484454) Update for Microsoft PowerPoint 2010 (KB4092435) NON-SECURITY SQL SERVER UPDATES : Cumulative Update Package 6 for SQL Server 2019 - KB4563110 Cumulative Update Package 14 for SQL
August Patch Tuesday security updates
Hello everyone, Below is the list of the security updates supported from August Patch Tuesday New Windows Security Updates : 2020-08 Security Only Quality Update for Windows 8.1 (KB4571723) (CVE-2020-1464) 2020-08 Security Only Quality Update for Windows Server 2012 R2 (KB4571723) (CVE-2020-1464) 2020-08 Security Only Quality Update for Windows Server 2012 (KB4571702) (CVE-2020-1464) 2020-08 Security Monthly Quality Rollup for Windows 8.1 (KB4571703) (CVE-2020-1464) (CVE-2020-1380) 2020-08 Security
Security fixes released for Adobe Acrobat and Reader
Hello everyone, Adobe has released security updates for Acrobat and Reader for Windows and macOS. Most of the updates are rated 'critical' and 'important'. Successful exploitation of these vulnerabilities could lead to arbitrary code execution in the context of the current user. The affected versions are as follows: Acrobat DC Continuous - 2020.009.20074 and earlier versions Acrobat Reader DC Continuous - 2020.009.20074 and earlier versions Acrobat 2017 Classic 2017 - 2017.011.30171 and earlier versions
Chrome stable channel update 84.0.4147.125 fixes several security vulnerabilities
Hello everyone, Google has updated its stable channel for Chrome to 84.0.4147.125 for Windows, macOS, and Linux. This update comes with 15 security fixes. The vulnerabilities addressed are as follows: CVE ID Vulnerability Severity CVE-2020-6542 Use after free in ANGLE High CVE-2020-6543 Use after free in task scheduling High CVE-2020-6544 Use after free in media High CVE-2020-6545 Use after free in audio High CVE-2020-6546 Inappropriate implementation in installer
Desktop central patch mangement
Hello, Urgent support required! I am using desktop central for many years for endpoint management and patch management but there is a big issue with desktop central patch management. End-user cannot choose and install patch after deployment, they are forced to install all the patches pushed, this is good for endpoints but not for server patching. we are still using WSUS for server patching, can you please add some feature, like available patch on Self-Service Portal so user can choose and installed.
DC Patch Management patch not detected...
Patch: 2020-01 Update for Windows 10 Version 1909 for x64-based Systems (KB4497165) Microsoft Windows Update identifies this system as requiring this update. However, DC does not, despite the inventory report, in DC confirming it has a qualifying CPU.
Patch's KB4565589 & KB4565636 not installing on Windows 7 w/ ESU's
The above two patches have failed to install on all of our Windows 7 machines that have had an ESU license applied to them. The ending result from the .NET error log is: Final Result: Installation failed with error code: (0x80070643), "Fatal error during installation. According to Microsoft, the error code is a generic code. Anyone else having issues with these two patches?
Security updates released for Firefox 79 and Firefox ESR 68.11
Hello everyone, Mozilla has fixed several security vulnerabilities in Firefox 79 and Firefox ESR 68.11. The details of the vulnerabilities are as follows: CVE ID Vulnerability Severity CVE-2020-15652 Potential leak of redirect targets when loading scripts in a worker High CVE-2020-6514 WebRTC data channel leaks internal address to peer High CVE-2020-15655 Extension APIs could be used to bypass Same-Origin Policy High CVE-2020-15653 Bypassing iframe sandbox when allowing
Chrome updated to stable channel 84.0.4147.105
Hello everyone, Google Chrome has been updated to stable channel 84.0.4147.105 for Windows, macOS, and Linux. This update fixes several security vulnerabilities, the details of the same are presented below: CVE ID Vulnerability Severity CVE-2020-6537 Type Confusion in V8 High CVE-2020-6538 Inappropriate implementation in WebView High CVE-2020-6532 Use after free in SCTP High CVE-2020-6539 Use after free in CSS High CVE-2020-6540 Heap buffer overflow in Skia High
Problem with patching TeamViewer 15.7.6 on Mac OS X - El Capitan 10.11.6
Is anybody else here having a problem with DC incorrectly detecting the above version of TeamViewer as being required by a Mac running El Capitan?
Decline Superseded Patch
I show a windows 10 server pack needs to be installed on one machine, service pack 1709. However the machine is already patched to 1803. Since the checkbox for the patch is greyed out as it is superseded, how can i decline the patch in hopes of desktop central not incorrectly reporting that it is still needed?
POST request to Patch Management API
When trying to initiate a POST request using Python requests library to api/1.3/patch/downloadpatch I get the following response back. {"error_description":"No Patches Specified","message_type":"downloadpatch","error_code":"3004","message_version":"1.3","status":"error"} My code is as follows: headers = { "username": "<redacted username>", "password": "<redatcted password>", "auth_type": "ad_authentication", "domainName": "<redacted domain>", "Authorization":"<redacted auth token>",
Feature update 2004 multilanguages
Hi everyone, I'm currently test the feature update deployment for 2004 win10 upgrade but I have a problem with languages version (Unknown error code : 50006) We have 3 different languages in our office, fr-FR, fr-CA and en-EN Is it possible to add 3 diffrent ISO in the update repository? Thanks, Léo
Patch in Applied Status is Missing
Dear all, We are using Manage Engine Desktop Central to apply patches to our clients. I came across with an issue that might pose a risk in my opinion. We patch the clients and then make a cross check using Nessus Patch audit. Nessus found that, KB4484284 was missing in some clients. When I checked on Desktop Central console, it was in applied status in most of the clients. Then I tried to deploy this patch manually. I have chosen the package and tried to deploy. All deployments ended with non-applicable
KB4540673 and KB4528760 installation issues
Has anyone ran into issues trying to install KB4540673 and KB4528760? Were you able to resolve the issue?
Per Remote Office Dashboard and Permissions
Hi there, Desktop Central has this nifty Dashboard in it's Patch Management component and I would like to know if it is possible to have Dashboard for each Remote Office by itself. That would be super helpful to see the health of each of our supported locations at a glance. Also, is it possible to assign permissions to only a limited subset of the Remote Offices or managed devices to a technician? Example: Technician A can perform patching to location 1, 2 and 3 Technician B can perform patching
Machines reporting to Desktop Central
Is there a way we can email the assigned user of a desktop or a laptop that they have not connected to the network for x number of days and thus remind them to do so, so that Desktop Central might be able to push necessary updates to their computers?
Security updates for Microsoft Edge (Chromium - based)
Hello everyone, Security updates for Microsoft Edge (Chromium-based) has been released to fix several vulnerabilities. The details of the vulnerabilities addressed are as follows: CVE-ID Vulnerability details Severity CVE-2020-6510 Heap buffer overflow in background fetch Critical CVE-2020-6511 Side-channel information leakage in content security policy High CVE-2020-6512 Type Confusion in V8 High CVE-2020-6513 Heap buffer overflow in PDFium High CVE-2020-6514
Critical remote code execution vulnerability in Windows DNS server (CVE-2020-1350)
Hello there, Patch Tuesday July 2020 comes with a fix for the critical vulnerability CVE-2020-1350 in Windows DNS Server. This vulnerability is classified 'wormable' and has been given a CVSS score of 10. Cause of this vulnerability: This vulnerability exists due to the improper handling of requests by Windows Domain Name System (DNS) Servers. Impact of this vulnerability: To exploit this vulnerability, an unauthenticated attacker should send malicious requests to a Windows DNS server.
Patch Tuesday July 2020 - Supported updates
Hello everyone, Below is breakdown of all the updates released this Patch Tuesday. New Security Bulletins : 2020-07 Servicing Stack Update for Windows 10 Version 1809 and Windows Server 2019 (KB4558997) 2020-07 Servicing Stack Update for Windows 10 Version 1803 (KB4565552) 2020-07 Servicing Stack Update for Windows 10 Version 1709 (KB4565553) 2020-07 Servicing Stack Update for Windows 10 Version 1903 and Windows Server, version 1903 (KB4565554) 2020-07 Servicing Stack Update for Windows 10 Version
Google stable channel updated to 84.0.4147.89
Hello everyone, Chrome 84 has been updated to stable channel 84.0.4147.89 for Windows, Mac, and Linux. Various security issues have been fixed with this release, the details of which are as follows: CVE-ID Vulnerability details Severity CVE-2020-6510 Heap buffer overflow in background fetch Critical CVE-2020-6511 Side-channel information leakage in content security policy High CVE-2020-6512 Type Confusion in V8 High CVE-2020-6513 Heap buffer overflow in PDFium High
Next Page