Zero-day bug in Win32k component is being actively exploited
The zero-day vulnerability in Win32k component which was patched with this Month's Patch Tuesday is being actively exploited by attackers. This vulnerability was addressed by Microsoft in CVE-2019-0797 . The vulnerability: This is an Elevation of Privilege vulnerability found in the win32k that fails to handle objects in memory properly. If this zero-day vulnerability is exploited, the attacker could execute arbitrary codes in kernel mode. Solution: To stay secured from this exploit, Desktop
Microsoft Patch Tuesday updates for March 2019
Good day. Quick update on the March 2019 Patch Tuesday. New Security Bulletins : 2019-03 Security Update for Adobe Flash Player for Windows (KB4489907) 2019-03 Security Only Quality Update for Windows Server 2008 (KB4489876) 2019-03 Security Only Quality Update for Windows 7 and Windows Server 2008 R2 (KB4489885) 2019-03 Security Only Quality Update for Windows Server 2012 (KB4489884) 2019-03 Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2 (KB4489883) 2019-03 Cumulative Update
Downloaded Patches Store
Hello, I'm looking for the "Downloaded Patches" metadata or file that tells desktop central what files are located inside "C:\ManageEngine\DesktopCentral_Server\webapps\DesktopCentral\store". I'm moving patch files in a one way transfer from a "online desktop central installation" to an "offline desktop central installation".
New UI for MEDC Patch Management in 10.0.321
Just a suggestion and wanting to know if anyone else feels the same way. I do not like the new layout and column list from the most recent update to 10.0.321 in Desktop Central's Patch Management screen. The lumping of all the missing patches together in one column is very inconvenient. And having the missing patches numbers in dark blue is not very smart with all the rest of the text being black. The red numbers used to allow you to easily see the systems that needed patches. Now combining
Undoing Changes
Hi expert out there, everytime i start automate patch deployment a few of my user will get this error " we couldnt complete the updates undoing changes dont't turn off your computer. The error is for window 10 only please help me.. error picture as attach.
Update your Google Chrome to 72.0.3626.121 ASAP!
The Chrome Security team has released a fix for a highly critical vulnerability in Google Chrome (72.0.3626.121) with CVE-2019-5786 that could allow a remote attacker to execute arbitrary code and take full control of the computers. Please note that this vulnerability is being actively exploited. The Chrome security team reported the issue as a use-after-free vulnerability found in the FileReader component of the Chrome browser. The security team hasn't revealed any technical details of the vulnerability
Managing Office 365 Patches
There is a GPO for Office 365 called "Office 365 Client Management". Does this need to be enabled for Desktop Central to manage the patching of Office 365 Applications? GPO Description... This policy setting enables programmatic control of Office 365 clients. If you enable this policy, System Center Configuration Manager or other application management solutions can manage the Office 365 client. After applying the policy, you will be required to restart the Office Click-to-run service. If you disable
Installing Patch Management Windows 10 Windows Update and the Windows Store
Team, I am having trouble finding the answer to a question. When using Desktop Central's Patch Management, Do you disable Windows Update Service? If Windows Update Service is disabled, How do you get the Windows Store to work?
Chrome Updates
Latest Chrome Updates in Desktop Central Indicates Reboot Not Required, but when update is installed Patch details indicate a Reboot Required. Anyone else have this issue? Sample dcpatchinstallaccesslog from 1 system
Getting confused and frustrated, very frustrated,
I am trying to manage the patches in our environment with Desktop Central. I thought after reading the documentation, I understood it, but apparently, i don't. Last month I created a test group in which to test patches on. The test and approve was created so after 5 days, the patches were automatically approved. I then created 3 groups for automated deployment. Production and 2 sub groups based on different time frames. Everything seemed to have gone well. We hit an 80% success rate in patching
Microsoft now prefers SHA-2 algorithm to patch Windows legacy OS versions
Microsoft has said in an official statement that it will be ruling out the support for SHA-1 algorithm and will migrate to SHA-2 hash algorithm for code-signing purpose. So, Customers running legacy OS versions (Windows 7 SP1, Windows Server 2008 R2 SP1 and Windows Server 2008 SP2) will be required to have SHA-2 code signing support installed on their devices by July 2019. Any devices without SHA-2 support will not be offered Windows updates after July 2019. Microsoft will be releasing updates that
Adobe releases an update to fix a bug in their Zero-day patch released a week ago
After the update that was targeted at fixing the zero-day vulnerability, failed to patch it, Adobe has released another patch to fix the critical information disclosure bug in Adobe Acrobat reader. This zero-day vulnerability which was tracked as CVE-2019-7089 was reported by a security researcher on Jan 26 which could lead to disclosure of sensitive information. On Feb 12, Adobe tried resolving this issue by releasing a fix for this zero-day bug. But the security reacher found a by-pass in the
Windows 7 Updates and SHA2 Support
MS will be delivering SHA2 code signing support for Win7 updates in March with SHA1 support removed by September https://support.microsoft.com/en-us/help/4472027/2019-sha-2-code-signing-support-requirement-for-windows-and-wsus Will this have any impact on DC delivering patches? Mark
Notify users which use outdated versions of software
Hallo, is there a way to automaticly notify users which use outdated versions i.e. of chrome because they never close chrome? This would be a huge help delpoying updates.
Limit Bandwidth for patch distribution
Hi all, We have about 1000 machines being managed by Desktop Central over multiple distributed offices. I am only running one Desktop Central server to push out all of these patches. When i do a mass update, our WAN links out of our main office is flooded with Desktop Central traffic. Without installing distribution servers, is there a way i can limit the bandwidth that desktop central uses to push out patches to each workstation? Cheers,
Windows 10 1809 update
Any ETA on when this update will show up in patch management?
More information: Error Message: Unknown error code 1030
Is there any more information on this error code? I have a handful of machines that aren't getting particular patches, that generate this error code. However, those particular patches are installing on other computers (same make/model/specs) as the ones that are failing. The machines that are taking said patches have the same internal configurations as those that are failing to install the patch. The provided *KB doesn't provide a lot of information to help resolve the issue.
macOS Mojave 10.14.3 Supplemental Update for FaceTime bug
Apple has rolled out macOS Mojave 10.14.3 supplemental update that fixes the FaceTime bug that let people eavesdrop on unanswered group video calls. Besides, the macOS Mojave 10.14.3 supplemental update addresses another security issue involving Live Photos on FaceTime. Apple didn't disclose any information on that issue yet, but ensured that it's been fixed in the new update. Workaround: You can deploy macOS Mojave 10.14.3 supplemental update to resume using FaceTime without any issues. To deploy
Patch Management Reboot Schedule
I'm looking for a way to schedule a reboot from patch management, I can only see an option to force a shutdown immediately, do not disturb if logged in or allow users to postpone. None of these options are what I require. From what I understand you can only schedule a forced reboot from the "Tools" menu, which takes me away from the patch management section which conveniently shows me all devices that need a reboot. There is a lot of manual work involved with the way this is currently setup as I
old patches showing up as missing
All the sudden today I have some pc showing old patches from last year. Most are Security Only Quality Update for Windows 7 for x64. Not all windows 7 pc are showing missing only some. On a few machines that already tried to patch. this morning the patch error out with unknown error code error. see screenshot
Installing missing patches during deployment.
Hi Although applications can be installed automatically after an OS deployment, it should also be possible to automatically apply approved patches. At present the deployment process is slow and/or disjointed. Following OS deployment and automatic install of the DC Agent, a PC is still not listed under 'Managed System' in patch management until a patch scan has been completed. We therefore have to go to Inventory->Computers, find the new PCs to initiate a patch scan, waiting for it to complete, then
Change in Java update distribution?
Oracle is changing the way that Java updates are distributed to non-individuals after January 2019 - see https://www.java.com/en/download/release_notice.jsp for details. How will this impact companies that use ManageEngine Desktop Central / Patch Management for keeping Java up to date?
Java Patch (JRE 1.8.201): system cannot find the file specified
Latest java patch fails to install on all systems with error message: system cannot find the file specified. Any ideas? Thanks, Juergen
Patches marked as no approved
I have it set to auto-approve but these 2 patches were marked not approved? is there a reason why? 106330 MSWU-3119 2019-01 Cumulative Update for Windows 10 Version 1803 for x64-based Systems (KB4480976) 06325 MSWU-3117 2019-01 Preview of Monthly Quality Rollup for Windows 8.1 for x64-based Systems (KB4480969)
Patch Management Automate Deployment Suspend Issues
I have two groups for automated deployment. As i rebuild our patch management process, schedules and groups change. Problem I am having is that if I change say the days a task is set to go off on, or change the time frame. Once it's saved, the task is no longer in suspended mode and it starts pushing what updates it has right away. Is there a way to keep a task in suspend mode until it is manually unsuspened? Over the course of the next few months, I will be slowly patching and updating machines.
KB4480960 and KB4480970 causing issues with network shares
Security updates KB4480960 and KB4480970 for Windows 7 SP1 and Windows Server 2008 R2 SP1 released on January 8, 2019 (January's Patch Tuesday) cause network shares to be inaccessible under certain circumstances: The issue is triggered only if the user attempting to make the connection is an administrator on the machine that hosts the Share. If the user is a non-administrative user on the device that hosts the share, the connection works fine. Workaround: If you are facing this issue, follow the
Microsoft addresses Patch Tuesday security updates for January 2019
Hello everyone, Good day! Microsoft has just announced the Patch Tuesday security updates for the month of January 2019. This month's security updates fix various vulnerabilities and flaws in many Microsoft products. These include, Adobe Flash Player Internet Explorer Microsoft Edge Microsoft Windows Microsoft Office and Microsoft Office Services and Web Apps ChakraCore .NET Framework ASP.NET Microsoft Exchange Server, and Microsoft Visual Studio Desktop Central will support these patches as the
Failure notification for automatic patch deployment
We have an automatic patch deployment task that failed for 1 PC and succeeded for the rest. We were able to manually install the patches. But in DesktopCentral when I look at the Current Status for this ADP task that partially failed, DesktopCentral continues to report 1 failure from the PC that we needed to manually install the patches on. We've been getting notifications about the failure, and when I look at the details now it says "No data available". Is there a way to refresh the status of the
Updates not applicable
Hi, Desktop central lists a pc as having for example 15 patches required, when deploying those patches it installs for example 7 and set 8 as not applicable, but then after scanning for patches it lists the 8 not applicable patches as required, this is happening with many pcs. Why?
CVE-2018-8653 | Severe Security Vulnerability has been discovered:
The Research team of Microsoft has released Cumulative updates #CVE-2018-8653, which needs to be deployed immediately. Generally, on Patch Tuesday, they release Cumulative and Delta Updates. Apart from the Cumulative and Delta updates released in this month's Patch Tuesday, again they've released Cumulative updates this week. This is very critical. If this Cumulative update #CVE-2018-8653 is not patched, then when Delta updates are released next month you won't be able to patch them. Thus, it is
Remote WOL without Agent Computer
Hi, I read here that when trying to use WOL to a remote site with no agent, the magic packet will get sent as Unicast. Are you talking about a Unicast packet to the actual physical host IP we are trying to "wake up" or a directed broadcast to the remote subnets broadcast address? Being treated as a unicast routing? Thanks
Unapproved patches with dc in auto-approve mode?
Hi, today I got a strange phenomen: Patches for firefox (32 and 64 bit) are unapproved but testing mode is automatic so all patches should be automaticly approved. How can I approve these 2 patches?
SQLite "Magellan" bug affects Chrome: Update Chrome to version 71.0.3578.80
A highly critical remote code execution vulnerability has been discovered in SQLite, an underlying database engine embedded into the Chrome browser. This vulnerability has not yet received a CVE identification number. As of now, the SQLite vulnerability has been widely referred by the codename "Magellan". Google acknowledged the bug in its browser's underlying database and has issued a fix in it's latest versions for Chrome starting from Chrome 71.0.3578.80, generally referred as Chrome 71. This
ADP Scheduling Irritation
Is everyone having to create Duplicate APD and Deployment Policies for Updates to deploy the last week of this month (August 27th - 31)? Since that week has Fourth and Last included in it?
Downloading patch FileZilla_3.36.0_win64-setup.exe
Getting the following error. 1 >> Downloading patch FileZilla_3.36.0_win64-setup.exe . Please wait... 2 >> FileZilla_3.36.0_win64-setup.exePatch status : Download blocked by firewall/antivirus.Enable firewall configuration or exclude antivirus to allow downloads from https://dl3.cdn.filezilla-project.org. I have checked the firewall logs and the download is not being blocked by the firewall. The URL seems to have changed to the following https://dl4.cdn.filezilla-project.org/client/FileZilla_3.36.0_win64-setup.exe
Update Rollup 24 For Exchange 2010 SP3 (KB4458321)
I do not see this one listed in patch management. You are also not detecting the KB4458321 as being installed. But you do list the superseded Update Rollup 23 For Exchange 2010 SP3 (KB4340733) and indicated that it is a missing patch. When in fact i have superseded RU23 and went straight to RU24. I am a large deployment on build 10.0.279. Last Successful Vulnerability DB Update : Oct 5, 2018 05:23 PM
Unknown Error. Code : -2145124329 installing patches.
We have reported this issue to support, but wondering if anyone else has seen the problem where an "Unknown Error. Code : -2145124329 installing patches.". It is happening on a number of machines for several patches including :- 2018-11 Update for Windows Server 2016 for x64-based Systems (KB4465659) 2018-11 Cumulative Update for Windows Server 2016 for x64-based Systems (KB4467684) 2018-11 Cumulative Update for Windows Server 2016 for x64-based Systems (KB4467691) Update for Windows 8.1 for x64-based
Microsoft Patch Tuesday updates for December 2018
Good day. Quick update on the December 2018 Patch Tuesday. New Security Bulletins : 2018-12 Security Update for Adobe Flash Player for Windows (KB4471331) 2018-12 Security Only Quality Update for Windows Server 2008 (KB4471319) 2018-12 Security Only Quality Update for Windows 7 and Windows Server 2008 R2 (KB4471328) 2018-12 Security Only Quality Update for Windows 8.1 (KB4471322) 2018-12 Security Only Quality Update for Windows Server 2012 and Windows Server 2012 R2 (KB4471326) 2018-12 Delta Update
Third Party patches not downloading
Hi I've created an automated deployment that patches MS and third party patches. I've got several third party patches approved but they're not installing. I just realized they are 'awaiting download'. Do I need to do something special to download third party patches? Thanks, Robert
User notification
HI, After updating to Build No:90023, some users are now presented with a install/shutdown msg. Shutdown Blocked - Configuration in Progress and they have to select an option, which all involves them to shutdown their machine. This is when having the patch deploy policy as do not reboot and all notifications to the user turned off. This was not a problem before the Build No:90023
Next Page