Can someone explain the correct usage of the 'Test and Approve' feature + test groups?
The documentation for 'Test and Approve' is not very clear on the specific implementation of the feature: https://www.manageengine.com/patch-management/help/test-approve-patches.html#test Consider this: - An automated deployment called 'Workstation Patches' that applies patches to all (100) Windows 7 workstations - A group called 'Windows 7 Test Group' that contains (5) Windows workstations targeted by the 'Workstation Patches' deployment - Approval type set to "Test and Approve' I want unapproved
Trouble deploying KB4056894 - March Update
I am attempting to deploy March patches with PatchManager Plus and for some reason all of the Windows 7 computers that I am attempting to deploy KB4056894 to are failing. The Remarks are “Unknown Error. Code : -2145124329”. The help indicates that is a corrept file system but I find it hard to believe that all my Windows 7 computers suddenly have a corrupt file system. Is anyone else experiencing this?
Critical security updates released for Firefox 66.0.1
Mozilla has released updates to address two critical vulnerabilities in Firefox 66.0.1 and Firefox 66.6.1 ESR (Extended Support Release). These vulnerabilities, that are addressed in CVE-2019-9810 and CVE-2019-9813, come as fixes for incorrect handling of files in IonMonkey (Mozilla's JIT compiler for SpiderMonkey). Patch Manager Plus now supports these critical Mozilla updates. To patch your Mozilla Firefox with these latest critical updates, look for Patch IDs 309305,309306,309307 and 309309.
Google Chrome releases stable version 73.0.3683.86
Google Chrome has updated the stable channel to 73.0.3683.86. This version comes with a bevy of features like the built-in dark mode, tab grouping, media key support etc. along with several bug fixes. Patch Manager Plus now supports Google Chrome's latest version 73.0.3683.86 for Windows and Mac. If you're looking to update your Chrome to get your hands on the newest features, just look for Bulletin ID - TU-017 and Patch ID - 309264 (32-bit) and 309265 (64-bit) in Patch Manager Plus.
Zero-day bug in Win32k component is being actively exploited
The zero-day vulnerability in Win32k component which was patched with this Month's Patch Tuesday is being actively exploited by attackers. This vulnerability was addressed by Microsoft in CVE-2019-0797 . The vulnerability: This is an Elevation of Privilege vulnerability found in the win32k that fails to handle objects in memory properly. If this zero-day vulnerability is exploited, the attacker could execute arbitrary codes in kernel mode. Solution: To stay secured from this exploit, Patch
Chrome 73 to patch a huge list of critical vulnerabilities
Google Chrome has rolled out Chrome 73 for Windows, Mac and Linux. Around 60 security fixes are included in the Chrome 73.0.3683.75 update. Below is a highlighted list of fixes that address critical vulnerabilities: Workaround: Search for the following patch IDs: 309179 (for 32 bit) ,309181 (for 64) in Patch Manager Plus and deploy them immediately to stay secure against the above mentioned vulnerabilities.
Microsoft Patch Tuesday updates for March 2019
Good day. Quick update on the March 2019 Patch Tuesday. New Security Bulletins : 2019-03 Security Update for Adobe Flash Player for Windows (KB4489907) 2019-03 Security Only Quality Update for Windows Server 2008 (KB4489876) 2019-03 Security Only Quality Update for Windows 7 and Windows Server 2008 R2 (KB4489885) 2019-03 Security Only Quality Update for Windows Server 2012 (KB4489884) 2019-03 Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2 (KB4489883) 2019-03 Cumulative Update
Update your Google Chrome to 72.0.3626.121 ASAP!
The Chrome Security team has released a fix for a highly critical vulnerability in Google Chrome (72.0.3626.121)with CVE-2019-5786 that could allow a remote attacker to execute arbitrary code and take full control of the computers. Please note that this vulnerability is being actively exploited. The Chrome security team reported the issue as a use-after-free vulnerability found in the FileReader component of the Chrome browser. The security team hasn't revealed any technical details of the vulnerability
Launching Vulnerability Manager Plus: Hunt down security loopholes with 100% precision
Amp up your endpoint security game with ManageEngine's all-new Vulnerability Manager Plus. Pinpoint, prioritize, and eliminate vulnerabilities with ease. With Vulnerability Manager Plus' 360-degree visibility, you can eliminate blind spots, uncover exposed areas of your network, and seal security loopholes before they lead to a breach. Vulnerability Manager Plus delivers the threat intelligence necessary to predict real risks from a plethora of vulnerabilities, and acts as a strategic partner in
Microsoft now requires SHA-2 algorithm to patch Windows legacy OS versions
Microsoft has said in an official statement that it will be ruling out the support for SHA-1 algorithm and migrate to SHA-2 hash algorithm for code-signing purpose. Customers running legacy OS versions (Windows 7 SP1, Windows Server 2008 R2 SP1 and Windows Server 2008 SP2) will be required to have SHA-2 code signing support installed on their devices by July 2019. Any devices without SHA-2 support will not be offered Windows updates after July 2019. Microsoft will be releasing updates that introduces
Adobe releases an update to fix a bug in their Zero-day patch released a week ago
After the update that was targeted at fixing the zero-day vulnerability, failed to patch it, Adobe has released another patch to fix the critical information disclosure bug in Adobe Acrobat reader. This zero-day vulnerability which was tracked as CVE-2019-7089 was reported by a security researcher on Jan 26 which could lead to disclosure of sensitive information. On Feb 12, Adobe tried resolving this issue by releasing a fix for this zero-day bug. But the security reacher found a by-pass in the
Update to the latest hotfix - logs issue fixed.
Hey all, There was a password printing issue in our logs, which is now fixed. There's no printing of critical data in the logs anymore, we have ensured with thorough testing that the logs are cleared of any passwords. Our customers can upgrade to the latest hotfixes as applicable. Learn about it here: https://www.manageengine.com/products/desktop-central/vulnerability-in-log-files.html Security is our foremost priority, and we strive to upkeep our users' security. Thanks for your understanding and
macOS Mojave 10.14.3 Supplemental Update for FaceTime bug
Apple has rolled out macOS Mojave 10.14.3 supplemental update that fixes the FaceTime bug that let people eavesdrop on unanswered group video calls. Besides, the macOS Mojave 10.14.3 supplemental update addresses another security issue involving Live Photos on FaceTime. Apple didn't disclose any information on that issue yet, but ensured that it's been fixed in the new update. Workaround: You can deploy macOS Mojave 10.14.3 supplemental update to resume using FaceTime without any issues. To deploy
Microsoft addresses Patch Tuesday security updates for January 2019
Hello everyone, Good day! Microsoft has just announced the Patch Tuesday security updates for the month of January 2019. This month's security updates fix various vulnerabilities and flaws in many Microsoft products. This includes, Adobe Flash Player Internet Explorer Microsoft Edge Microsoft Windows Microsoft Office and Microsoft Office Services and Web Apps ChakraCore .NET Framework ASP.NET Microsoft Exchange Server, and Microsoft Visual Studio Patch Manager Plus will support these patches as the
End of Public Updates for Java SE 8 - Commercial Users upgrade your package
Oracle has announced changes to ongoing support for Java SE 8 (Standard Edition). This forum describes how Patch Manager Plus will continue its support for Java SE 8 in January 2019 and beyond. More on this: Oracle recently announced changes to support for Public Updates for Java SE 8 In January 2019 Oracle will require those who wish to continue support for Java 8 SE to subscribe to the new Java SE Subscription offering to continue to receive Java SE 8 updates. This subscription covers all Java
KB4480960 and KB4480970 causing issues with network shares
Security updates KB4480960 and KB4480970 for Windows 7 SP1 and Windows Server 2008 R2 SP1 released on January 8, 2019 (January's Patch Tuesday) cause network shares to be inaccessible under certain circumstances: The issue is triggered only if the user attempting to make the connection is an administrator on the machine that hosts the Share. If the user is a non-administrative user on the device that hosts the share, the connection works fine. Workaround: If you are facing this issue, follow the
CVE-2018-19725 - Adobe releases critical patches to address major vulnerabilities:
Adobe has released critical security updates for Adobe Acrobat and Adobe Reader for Windows and Mac OSs. These updates addresses two critical vulnerabilities: Arbitrary Code Execution and Privilege Escalation. Affected Adobe versions which requires an update: Acrobat DC - 2019.010.20064 and earlier versions Acrobat Reader DC - 2019.010.20064 and earlier versions Acrobat 2017 - 2017.011.30110 and earlier version Acrobat Reader 2017 - 2017.011.30110 and earlier version Acrobat DC - 2015.006.30461 and
Patch Manager Plus cloud is now extra secure with TLS 1.2
Hey everyone, To strengthen the security of our cloud servers and protect customer data, we are enforcing TLS 1.2 across our services. After the upgrade, legacy machines, like Windows 2008 Server, without TLS 1.2 support will not be able to make contact with the Patch Manager Plus server. Make sure you upgrade your legacy machines to the latest TLS version or migrate the machines to more secure Operating system versions. Please upgrade the machines before mid of January 2019. If there are no legacy
CVE-2018-8653 | Severe Security Vulnerability fixes available
A severe vulnerability has been discovered by Microsoft: A remote code execution vulnerability corrupts memory in such a way that an attacker could successfully exploit the vulnerability and gain the user rights same as the current user. The Research team of Microsoft has released Cumulative updates CVE # 2018-8653, which needs to be deployed immediately. Cumulative and Delta Updates are also released on Patch Tuesday. This time, in the month of December they have released Cumulative and Delta updates:
SQLite "Magellan" bug affects Chrome: Update Chrome to version 71.0.3578.80
A highly critical remote code execution vulnerability has been discovered in SQLite, an underlying database engine embedded into the Chrome browser. This vulnerability has not yet received a CVE identification number. As of now, the SQLite vulnerability has been widely referred by the codename "Magellan". Google acknowledged the bug in its browser's underlying database and has issued a fix in it's latest versions for Chrome starting from Chrome 71.0.3578.80, generally referred as Chrome 71. This
Microsoft Patch Tuesday December 2018
Good day. Quick update on the December 2018 Patch Tuesday. New Security Bulletins : 2018-12 Security Update for Adobe Flash Player for Windows (KB4471331) 2018-12 Security Only Quality Update for Windows Server 2008 (KB4471319) 2018-12 Security Only Quality Update for Windows 7 and Windows Server 2008 R2 (KB4471328) 2018-12 Security Only Quality Update for Windows 8.1 (KB4471322) 2018-12 Security Only Quality Update for Windows Server 2012 and Windows Server 2012 R2 (KB4471326) 2018-12 Delta Update
Share your thoughts about Patch Manager Plus and earn a gift card!
Dear folks, Thanks for your continued support of Patch Manager Plus. We would like to hear how we are faring. You can review us on IT Central Station here: https://www.itcentralstation.com/lp/vendor_invite?product_id=manageengine-patch-manager-plus Also, you can review us on Capterra: http://ca.gartnerdigitalmarkets.com/Patch-Manager-Plus-179288-SS-01_Write_a_Review.html What more, you will be entitled for a gift coupon worth $10 upon reviewing us on Capterra! Keep your reviews coming, your reviews
Microsoft pulls back a couple of MS Office patches after it's found to cause app crashes on start-up
Microsoft has rolled back two of its non-security Office patches- KB 4461522 and KB 2863821 that triggers entry point crashes in various Office 2010 products. These non-security updates were released earlier this month to comply with the changes coming in the Japanese calendar next month. In an update on the KB pages, Microsoft acknowledged that the updates were pulled due to the crashes in some applications and has also given a workaround. "After you install this update, you may experience
Microsoft Patch Tuesday November 2018: Everything you need to know
Microsoft has announced its Patch Tuesday updates for November, which contains patches for 64 vulnerabilities, 12 of which are rated critical. it also has patched ALPC along with a couple of publicly disclosed vulnerabilities. Here are the complete details: New Security Bulletins : 2018-11 Security Update for Adobe Flash Player for Windows (KB4467694) 2018-11 Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2 (KB4467703) 2018-11 Security Only Quality Update for Windows Server
Join us for an Endpoint Security seminar this November!
2018 is coming to an end but the fight against this year's cyberthreats is far from over. ManageEngine brings you an Endpoint Security and Management seminar where you'll have a chance to work with product experts on formulating a plan to protect your endpoints from different malware, including ransomware. Join us at any of our one-day complimentary seminars in Mumbai and Bangalore and show these threats who's boss! Register now to save your spot! What's in it for you? Discover the top cybersecurity
HP machines may experience a blue screen error WDF_VIOLATION after installing HP keyboard driver (version 11.0.3.1)
Problem: There exists a known incompatibility issue with certain HP machines running on Windows 10 version 1803 and up, when installing the HP keyboard driver version 11.0.3.1 2, either manually or through Windows updates. This may result in a blue screen error: WDF_VIOLATION, after installation. Solution: Scenario 1 You have installed the driver and a restart is pending If you have installed the HP keyboard driver (version 11.0.3.1), and you are pending a restart, do not restart your machine. Microsoft
Product Roadmap.
Is there documentation anywhere outlining what is coming up in the future releases and what the new features are and when they will be available?
detailed workflow?
i have reviewed the online documents regarding the workflow: https://www.manageengine.com/patch-management/help/patch-management-workflow.html but i am looking for something more detailed. are there other documents that contain more detailed information regarding the entire workflow of the product, including the patch syncing up process from Microsoft to manage engine, then the DB syncs to the on-premises Patch Manager Server to the deployment to the test groups, syncing up with the distribution
Tracking changes in the Admin console?
the 'Wake on LAN' feature was enabled on the Admin console which caused many of our systems to briefly lose network connectivity. the action log viewer was checked but nothing was in there indicating who / what / when this was done. is there anything else i can check to see who might have been logged in to our console and made this change?
Patching Suse-based servers and desktops
ManageEngine's Patch Manager Plus is soon to offer patching support for SuSE flavour of Linux. This enables administrators to manage all security patches that are released by the SuSE Linux, for subscribed SuSE Linux servers and desktops. It allows you to identify missing SuSE package updates, install them and audit too. Patch Manager Plus helps you come one step closer to maintaining a high level of security across Linux endpoints.
What does October 2018 Patch Tuesday updates have in store for tech pros?
Microsoft has released comparatively less number of updates this month for the Patch Tuesday. Here are the complete details: New Security Bulletins : 2018-10 Security Only Quality Update for Windows Server 2008 (KB4463104) 2018-10 Security Only Quality Update for Windows 7 and Windows Server 2008 R2 (KB4462915) 2018-10 Security Only Quality Update for Windows Server 2012 (KB4462931) 2018-10 Security Only Quality Update for Windows 8.1 and Windows Server 2012 (KB4462941) 2018-10 Cumulative Update
Win10 1809 updates paused - Updates marked as "Not Supported" in Patch Manager Plus
We have official news from Microsoft, having paused the Windows 10 October 2018 Updates (Ver. 1809) for all users after issues of files being missing were raised. Hence, updates related to Windows 10 version 1809 will not be supported by Patch Manager Plus until the issue gets resolved. If you've already created a configuration for the upgrade, you don't have to worry about missing any file, because we have moved all updates to the "Not supported" category. Note: If you have manually downloaded
Top five enhancements of the Windows 10 October 2018 update
If you're a tech enthusiast or just a Microsoft fan, you're probably aware that Microsoft releases two major software updates a year for Windows. Windows 10 version 1809 was just released and is the second update of 2018. This comes as an incremental update, bringing a number of small improvements to various features like the Snipping Tool, Clipboard, and SwiftKey. Of all the changes Microsoft has brought in to Windows 10 version 1809, here's a list of the top five enhancements that make it worth
Can't update TightVNC Viewer
Hi! I have problem with updating TightVNC Viewer X64 (2.8.11.0) . The error is: "This installation package could not be opened. Verify that the package exists and that you can access it, or contact the application vendor to verify that this is a valid Windows Installer package." In logs on client PC I see that PMP Agent is trying to install tightvnc-2.8.11-gpl-setup-64bit.msi package, but downloaded package in folder 'Patch' is 307588-tightvnc-2.8.11-gpl-setup-viewer-64bit.msi Could you help with
Mac reboots automatically after OS updates:
In MacOS High Sierra(10.13 all versions), Combo updates and Incremental/Supplemental updates for Mac comes with inevitable reboots to complete the installation. This is an inherent nature of these patches and that can not be modified using our Automated Patch Deployment definitions. As of now, you can't skip/postpone reboots. It is advisable to schedule the Mac updates to non-production hours. If you have created an APD task to deploy Mac updates, configure deployment window to non-production hours
Microsoft Patch Tuesday updates for September 2018
Hello IT tech folks! New Security Bulletins : 2018-09 Security Update for Adobe Flash Player for Windows (KB4343902) 2018-09 Security Only Quality Update for Windows 7 and Windows Server 2008 R2 (KB4457145) 2018-09 Security Only Quality Update for Windows Server 2008 (KB4457984) 2018-09 Security Only Quality Update for Windows Server 2012 (KB4457140) 2018-09 Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2 (KB4457143) 2018-09 Cumulative Update for Windows 10 Version 1607 and
Workaround for Filezilla Client Download Failure
Problem: Downloading Filezilla patches fail due to download link containing Hash Keys. Resolution: Follow the steps below to download Filezilla Updates and upload them to the patch store: Download the Filezilla Patch from the vendor site. If you are using Patch Manager Plus build 10.0.282 and above, you can use the upload patches option to upload any downloaded patches to the patch store directly from the console. Learn how to upload patches to the patch store using upload patches option. If you
August 2018 Patch Tuesday Updates from ManageEngine
Hello peeps, Good day. Quick update on the August 2018 Patch Tuesday. New Security Bulletins : 2018-08 Security Update for Adobe Flash Player for Windows (KB4343902) 2018-08 Security Only Quality Update for Windows 7 and Windows Server 2008 R2 (KB4343899) 2018-08 Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2 (KB4343888) 2018-08 Security Only Quality Update for Windows Server 2012 for x64-based Systems (KB4343896) 2018-08 Delta Update for Windows 10 Version 1607 and Windows
Fix for Patch Manager Plus server port in use issue
Hello everyone, Greetings from Endpoint management technical support team. A recently released windows patch has some issues which apparently shows ports as occupied when the application server releases its port for a restart. You'll find the known issue note on all the problematic updates as shown below. Known issues in this update Restarting the SQL Service may fail occasionally with the error, “Tcp port is already in use”. This issue is resolved in KB4345459. This has also affected the Desktop
Linux patch management using ManageEngine - a child's play
Exciting news for Linux administrators! We now support most flavours of Linux - the latest extensions being Red Hat and CentOS, to go along with Debian and Ubuntu. Just cut the complexities involved in APT, YUM commands, and deploy patches hassle-free using ManageEngine Patch Manager Plus! For a list of versions of Linux OS's supported, please refer here: https://www.manageengine.com/patch-management/supported-applications.html To learn about configuring Red Hat settings in Patch Manager Plus, please
Next Page