Can patches be staged on endpoints prior to installation?
Hi everyone, I am new to this tool and I have a limited change window for patching. I would like to make the install times as efficient as possible. Can I use Desktop Central to prestage the patches prior to installation? Thank you in advance!
Zoom issued fix for an UNC vulnerability that compromises Windows credentials
Zoom patched a fatal flaw in the Zoom Windows client that allows attackers to use its chat feature to share malicious links that once clicked will leak the Windows network credentials of the victim. Such attacks are possible because Zoom for Windows not only converts normal URLs into a clickable link but also Windows networking Universal Naming Convention (UNC) paths. UNC is used to locate a network resource, such as a file hosted on an attacker-controlled SMB (Server Message Block) server. When
Mozilla fixes 2 wildly exploited zero-day vulnerabilities in Firefox
Mozilla has released fixes for 2 zero-day vulnerabilities in Firefox. The fixes are available in the newly released version of the browser, Firefox 74.0.1.The updated version fixes the vulnerabilities CVE-2020-6819 and CVE-2020-6820 Vulnerability and impact Both CVE-2020-6819 and CVE-2020-6820 are use-after-free vulnerabilities and occur due to improper memory space management by Firefox. These bugs when exploited allow the hacker to write codes into Firefox's memory and have it executed in the
Patch database proxy server settings
I am not able to change the Proxy settings for the Patch database. It is set to "No Connection to the Internet" and when I change it to "Direct Connection to the internet" The SAVE button does nothing. Any help with this would be appreciated.
Google Chrome releases Stable Channel Update
Hello guys, Google Chrome has updated its stable channel to 80.0.3987.162 for Windows, Mac, and Linux systems. This update also includes 8 security fixes. Below are the fixes that require immediate attention CVE ID Severity Vulnerability CVE-2020-6450 High Use after free in WebAudio CVE-2020-6451 High Use after free in WebAudio CVE-2020-6452 High Heap buffer overflow in media Initiate a sync between the Desktop Central server and the Central Vulnerability database and search
Force Distribution server to re-sync
Morning, I was wondering if there is an easy way to force a single distribution server to perform a full re-sync? It appears that files located in "DesktopCentral_DistributionServer\replication\store" have been deleted by mistake. This produces an error of "File not available to download from server" on the target machine served by that distribution server. Regards
not enough disk space to download patch? But yes there is...
I am evaluating Desktop Central. I have a patch (1909_x64.exe, a Win10 update?) that has failed to install with the message that there is not enough disk space to download the patch... 10GB required. But I have 219GB available on my drive where Desktop Central is installed. I have also confirmed that the patch repository is on that local drive. I had the same message earlier on a different patch, but it installed after a client and server reboot. Any ideas?
Patches Tab is blank in build 10.0.513
We have an issue where when looking at a Systems Details via System in Threats & Patches, the patches tab is blank. I know systems have patches installed and or missing but the tab is blank. Is this issue isolated to me? or do others have same issue? I've tried Chrome, IE and Firefox with same result.
MS Patch id 28391 Windows7ESUchecker.exe fails to down load
Is anyone having issues with desktop central patch management failing to download Windows7ESUchecker.exe for patch ID 28391? I have even downloaded manually and the tried to upload it and I get a checksum error when I do.
Google Chrome releases stable version 80.0.3987.149
Hello folks, Google Chrome has recently updated the stable channel to 80.0.3987.149. This version comes with fixes for 13 security bugs, of which nine are rated High in severity. The CVE IDs of the patches released are as follows. CVE-2020-6422 CVE-2020-6424 CVE-2020-6425 CVE-2020-6426 CVE-2020-6427 CVE-2020-6428 CVE-2020-6429 CVE-2019-20503 CVE-2020-6449 Desktop Central now supports Google Chrome's latest version 80.0.3987.149 for Windows, Mac, and Linux. If you're looking to update
Critical vulnerabilities fixed in Adobe Reader and Acrobat
Hello folks, The lack of Adobe updates in the March Patch Tuesday might have come as a surprise to many of us. However a week from Patch Tuesday, Adobe has released updates to fix 13 vulnerabilities in Adobe Acrobat and Reader for Windows and macOS. 9 of them are rated 'Critical'. Affected versions These versions are applicable for both Windows and mac platforms Acrobat DC Continuous 2020.006.20034 and earlier versions Acrobat Reader DC Continuous 2020.006.20034 and earlier versions Acrobat
Powershell Rest API Interegation
Hi, Has anyone tried to invoke rest methods via powershell to pull data from Desktop Central? I am currently having issues sending the initial POST to get an authentication Key back as I have done with other REST API's. I mainly seem to be getting the below even with known correct credentials :- error_description : Username and password did not match message_type : authentication error_code : 10001 message_version : 1.0 status : error I can invoke a request to a URL that
Malicious Software Removal Tool x64 - Are you installing and auditing?
Hello all; I see that this particular piece of software really isn't needed in our environment. We utilize Sophos Endpoint with InterceptX. Are any of you deploying this item?
"Out-of-band" fix rolled out for the leaked Eternal Darkness bug
Hello folks, Earlier in March 2020 Patch Tuesday, Microsoft has announced a security advisory on an unpatched vulnerability in the SMBv3 protocol (CVE-2020-0796) with a temporary workaround in place. Now a fix is available for this vulnerability as KB4551762, for Windows 10, versions 1903 and 1909, and Windows Server 2019, versions 1903 and 1909. Microsoft strongly recommends that you install the updates for this vulnerability. In case you have applied the workaround published earlier and wish
"EternalDarkness" - unpatched SMB v3 compression RCE bug details leaked
Microsoft has announced in its security advisory the details of a remote code execution vulnerability(RCE), tracked as (CVE-2020-0796) in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles connections that use compression. This vulnerability has been named 'EternalDarkness' and 'SMBGhost', along the lines of the EternalBlue exploit that leveraged the SMB vulnerability to launch the 2017 WannaCry ransomware. Affected products: Product Version Windows Server Version
Clearing Patch Status
Is there a quick way to reset/clear the patch status on some machines? I have several that were patches manually that are showing previous failures. These don't appear to clear so I was hoping to manually reset it.
March 2020 Patch Tuesday updates
Hello folks, Good day. Quick update on the March 2020 Patch Tuesday. New Security Bulletins : 2020-03 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB4541506) (ESU) 2020-03 Security Monthly Quality Rollup for Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB4540688) (ESU) 2020-03 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB4541510) 2020-03 Security Monthly Quality Rollup for Windows 8.1 and Windows Server 2012 R2 for
Critical vulnerabilities fixed in Mozilla Firefox 74 and Firefox ESR 68.6
March updates include two advisories from Mozilla, one for Firefox 74 and one for Firefox ESR 68.6, featuring 6 CVEs rated as high. Product Title CVE ID Severity Firefox 74 & Firefox ESR 68.6 Use-after-free when removing data about origins CVE-2020-6805 High Firefox 74 & Firefox ESR 68.6 BodyStream::OnInputStreamReady was missing protections against state confusion CVE-2020-6806 High Firefox 74 & Firefox ESR 68.6 Use-after-free in cubeb during stream destruction CVE-2020-6807 High Firefox 74
Mac OS Catalina installer fails to download
I'm trying to upgrade MacOS to Catalina. The link that DesktopCentral is using to download the file "installCatalina.tar.gz" is https://updates.cdn-apple.com/2018/091-99991-20181030-10052238-C103-11E8-A480-9257C82E983B/installCatalina.tar.gz. But that link just has a Access Denied page. (I'm on DC version 10.0.475) Thanks
Critical PPP Daemon vulnerability opens up Linux systems to RCE attacks
Hello guys, The US-CERT has issued an advisory warning users of the new remote code execution (RCE) vulnerability CVE-2020-8597, affecting the PPPD (Point-to-Point Protocol Daemon) installed in almost all flavors of Linux based systems. Other than Linux systems, this vulnerability also affects few other networking applications and devices such as Cisco CallManager, TP-Link products, Synology, and OpenWRT Embedded OS. The vulnerability The vulnerability CVE-2020-8597 exists due to an error in
The connection with the server has been terminated or an incompatible SSL protocol was encountered
Hi, Please could you help for the following error? The connection with the server has been terminated or an incompatible SSL protocol was encountered
Not showing Logged On User
BEfore i open a ticket, I would like to know what I can do on my end to attempt to resolve the issue. We have a few dozen machines that are online, show online. Show recently completed scan dates and times. Yet they don't show who is logged on to them. We have physically verified computers A, B, C and D are in use by users. Those same computers do not show anyone as being logged in in the dashboard or in the reports of Desktop Central. The client is up to date, the last scan date, and boot time
Google Chrome critical updates
Hello folks, On February 24, Google released a new stable channel update 80.0.3987.122, for Windows, Mac, and Linux. This was done to address several vulnerabilities in Google chrome. There were 3 security updates released out of which CVE-2020-6418 is rumored to be exploited in the wild. Google further affirms this saying that they were aware this exploit existed in the wild and could have been exploited as a zero-day. List of the security updates released: CVE-2020-6407: Out of bounds memory
How to create dynamic group by hardware criteria?
Hi there! We really like custom dynamic groups, but we'd like to create by one of hardware criteria. Our company have some old workstations and some of updates drops them to bsod. It would be very good idea to collect this workstations to custom group dynamicaly. What's your solution about this situation?
How to exclude or block all further patches for 1 program?
I feel like this must be easy, but I'm having trouble finding it. We need to stop Desktop Central from pushing any patches out for a particular program, MySQL Connector Net. Can I do this and where? We have a test + approve group set up, and I can see a section to exclude specific programs from this (not sure if doing this just forgoes testing and pushes it anyway), but I don't see a place to exclude it in just general patch management. Thanks in advance!
Problematic updates found in February Patch Tuesday release
Hello everyone, Three standalone security updates released as part of the February Patch Tuesday cycle were found to be problematic. Known issues in KB4524244: The security update KB4524244 released for all versions of Windows 10 addresses an issue in which a third-party Unified Extensible Firmware Interface (UEFI) boot manager might expose UEFI-enabled computers to a security vulnerability. Microsoft has confirmed at least two known issues in the KB4524244: Using the “Reset this PC” feature,
risorse di memoria insufficienti per elaborare il comando
Buonasera supporto, quando si tenta di distribuire una patch (feauture pack in questo caso), ricevo l'errore "risorse di memoria insufficienti per elaborare il comando". Sul server lo spazio disponibile e' di 28 gb e all'interno del repository ho inserito anche la ISO di W10. Come si puo' risolvere il problema ? Grazie mille
Firefox 73 released with fixes for high-severity security vulnerabilities
Hello everyone, Mozilla has released Firefox 73 to the stable desktop channel for Windows, macOS, and Linux operating systems with several new features and security fixes for some high-severity vulnerabilities. What's new in Firefox 73? Following are the new features included in the latest release of Mozilla Firefox. Global default zoom setting High contrast theme improvements Improved audio quality New DoH provider - Next DNS and more Security vulnerabilities fixed Here's the list
Accessing Failed patches per machine via API
Hi, I am having issues finding where to pull failed patch information for computers via the API. I can pull most things such as pending patches but cannot find where you access a failed patch and a remark based on why it failed via the API. Anyone know what the URL for the get request would be?
Patch Tuesday Updates for February 2020!
Hello everyone, Given below are all the updates released on this month's Patch Tuesday! New Security Bulletins : 2020-02 Servicing Stack Update for Windows 10 Version 1903 and Windows Server, version 1903 (KB4538674) 2020-02 Servicing Stack Update for Windows 10 Version 1909 and Windows Server, version 1909 (KB4538674) 2020-02 Servicing Stack Update for Windows 7 and Windows Server 2008 R2 (KB4537829) (ESU) 2020-02 Servicing Stack Update for Windows Server 2008 (KB4537830) (ESU) 2020-02 Cumulative
Update now to Chrome 80 to quash an array of security issues
Hello folks, Google Chrome has rolled out Chrome 80 (Chrome 80.0.3987.87) to the Stable channel for the Windows, macOS, Linux, Chrome OS, iOS, and Android platforms. This update resolves a bunch of security issues and also contains bug fixes, and new features. What's new? Included in this update are new features such as a new secure-by-default cookie classification system, auto-upgraded mixed content, text URL fragments, SVG favicons, and more. Here's a list of CVEs resolved in this update: CVE-2019-18197
Internet Explorer zero-day vulnerability actively under-attack
Microsoft, on Friday, has published a security advisory detailing a zero-day vulnerability in Internet Explorer that's actively under attack. This vulnerability (CVE-2020-0674) is a scripting engine flaw which when exploited can lead to arbitrary code execution in the context of the current user. The flaw can be mitigated by restricting access to the JavaScript component JScript.dll, and there is no patch available so far. This forum thread will be updated with the patch information as soon as it's
Windows all set to initiate automatic upgrade to the latest 1909 feature pack
Hi everyone, The support for Windows 10 Home, Pro, Pro Education, and Pro for Workstations editions on 1809 ends May 12, 2020. Microsoft pushes computers running on the October 2018 update, version 1809, to update to the November 2019 update, version 1909 automatically. The process that will initiate this automatic update will be rolled out real soon, says Microsoft. In case of such automatic updates in a diverse network environment, there are high chances of incompatibilities. If you are using
Reboot Policy / Functionality
Hello, I would like to see a feature added that would allow us to configure a reboot policy under the following conditions: If the machine hasn't been rebooted since X amount of time has elapsed, then force a reboot during the next defined maintenance window. This functionality also requires the ability to define this maintenance window. and/or If the machine has been sitting in a 'waiting for reboot' state for X amount of time, then force a reboot during the next defined maintenance window.
Workflow for change request in SDP to rollout patches in desktop central?
i'm not sure if i'm missing it, but while we have both servicedesk plus and desktop central with integration enabled, i don't see any easy way to approve patches from servicedesk plus and then roll them out to specific computers. i can always copy and paste the list of patches into a change request and reference the system(s) manually, but that seems a wasted opportunity on ManageEngine's part. Regards, Dave
Can I decline patches for Windows OS families?
Is there a way to decline patches that apply to specific Windows versions? For example, my organization does not use Desktop Central to manage our servers, only our end-user workstations. Therefore, none of the Windows Server patches will ever be needed. I know that I can decline all patches for third-party apps, like Mozilla Firefox or WinSCP, by going to "Patch Mgmt > Patches > Decline Patch" and selecting the product I want to decline patches for. Is there a similar way to decline all patches
Windows 7 ESU verification
Hello everyone, We posted an announcement earlier that mentioned the way in which the MAK key could be deployed using Desktop Central. This is a follow-up post on how to check if the ESU license has been installed. For the previous post, refer : https://pitstop.manageengine.com/portal/community/topic/tackle-windows-7-end-of-life-with-desktop-central-14-1-2020 Steps to verify if ESU license has been activated successfully Open command prompt. Type slmgr /dlv then press Enter. Verify the license status.
Patch Tuesday January 2020 updates
Hello everyone, The first Patch Tuesday updates for the year 2020 are here, Let's take a quick look at the updates released New Security Bulletins : 2020-01 Cumulative Security Update for Internet Explorer 9 for Windows Server 2008 (KB4534251) 2020-01 Cumulative Security Update for Internet Explorer 10 for Windows Server 2012 (KB4534251) 2020-01 Cumulative Security Update for Internet Explorer 11 for Windows 7 and Windows Server 2008 R2 (KB4534251) 2020-01 Cumulative Security Update for Internet
Tackle Windows 7 end of life with Desktop Central
Hello everyone, As most of you are already aware, Microsoft is pulling the plug on Windows 7 on January 14, 2020. This means that the Patch Tuesday of this month is the last time that security updates will be released for Windows 7. After this Patch Tuesday, the Windows 7 machines running in your environment will not receive any security updates or tech support. The lack of security updates can put your Windows 7 machines at severe risk. Considering its been over a year since Microsoft announced
Office 365 click to run
Is it possible for patch management with Desktop central to install patches for Office 365 ProPlus click to run. All the patches that are displayed in patch management do not apply to this version of Office.
Next Page