Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [patch-management]

Patch Management refers to updating and patching systems, and particularly to tools and systems which automate this process for a large number of systems.

Patch Management refers to the important and never-ending task of installing software updates on systems, including the procedures involved with installing updates, defining update policies for an organization, and tools/systems to help with the patching process.

Patch Management may include patch selection methods (anything from manually reading the CVE list to automated vulnerability scans), patch deployment methods (manually installing patches, various software packages), and patch testing procedures (virtual environments, staged deployment, etc.)

Many tools (free and commercial) have evolved to help alleviate the workload. You may want to include a tag specific to the software you are using. Some examples include:

226 questions
1
vote
0 answers

How can I determine if Microsoft Patches are recommended or optional without using IUpdateSearcher?

On a single computer, it's simple enough to filter which updates Microsoft deems important by running a PS script such as the following: $session = New-Object -ComObject Microsoft.Update.Session $searcher = $session.CreateUpdateSearcher() $result =…
saltface
  • 415
  • 5
  • 17
0
votes
3 answers

VMs restarted during backup job - due to VM patching

I wonder what will happen when the VMs are restarted while backup is running ? Our backup runs almost 12 hrs at night. And at that time, we are also going to apply the patches and reboot the VMs. I am not sure what will happen if the backup is…
ToreTrygg
  • 352
  • 3
  • 8
  • 25
0
votes
1 answer

Unable to build initscripts package

I have some patches that I added in spec files and after adding those patches I am unable to build the rpm package. Obsoletes: hotplug <= 3:2004_09_23-10.1 Processing files: debugmode-9.03.61-1.0.3.el6_9.2prerel0.63189.x86_64 error: File must begin…
UnicsSol
  • 21
  • 3
0
votes
1 answer

Still receiving "Message frozen" warnings after fixing Exim CVE-2019-10149 critical vulnerability

After upgrading Exim4 to an official patched version fixing CVE-2019-10149 vulnerability (i.e. exim4_4.89-2+deb9u4) on my Debian stable server, I still get the "Message frozen" warnings about suspicious emails. Is it expected, or should these…
Skippy le Grand Gourou
  • 1,205
  • 17
  • 24
0
votes
1 answer

Do we need to reboot RHEL Servers, after making changes for control-alt-delete override?

We are planning on disabling the RHEL Server reboot triggered by control-alt-delete. for which we are going to follow the Steps mentioned here. However, that link does not say whether we need to reboot the server after making that change for it to…
Hrish
  • 87
  • 1
  • 8
0
votes
1 answer

Deleted flag on Sunsolve patch description

I have question about the Sunsolve patch description. In the filelist of the files belonging to a patch, some files are marked as (deleted). What does this mean? Is the file going to be deleted or just excluded from this revision of the patch? For…
chrw
  • 1,071
  • 5
  • 11
0
votes
2 answers

OS patches list

How can I check installed list of patches on OS separately for critical security plugins and all other updates. I tried "rpm -qa --last" and "yum list installed" but didn't get the desired output.
Sanat Dwivedi
  • 1
  • 1
0
votes
1 answer

Using salt-ssh for Ubuntu/Debian patching (dialog frontend is not usable)

I'm looking into replacing a Linux based home-grown patch management solution with salt-ssh. The current system uses a shell script to iterate through a list of hosts and copies a script named apt-update to the remote. After copying the script, the…
Server Fault
  • 3,714
  • 12
  • 54
  • 89
0
votes
0 answers

How to audit Windows patch level off-site?

I would like to audit different Windows servers and desktop machines off-site using configuration output generated previously on the machines (e.g. output of the systeminfo command). Previously I used Windows-Exploit-Suggester, but it is not…
BlackCat
  • 101
  • 1
0
votes
2 answers

Installing previous month's cumulative update

For some of our production systems we like to wait a few weeks to apply updates so that they've "baked" in the public a bit. We then wait a little longer after before patching backup systems lest we have issues in production with the patches.…
DuncanMack
  • 85
  • 2
  • 10
0
votes
1 answer

.NET 3.5 SP 1 and Web Platform Installer

I manage a Windows Server 2008 R2 box which has a .NET Framework related security issue that showed up in a recent security scan. Below are the security scan results: The following Microsoft .NET Framework version(s) do not have the latest service…
12AX7
  • 113
  • 1
  • 4
0
votes
2 answers

How To Patch Server running WSUS Without Shooting Yourself In The Foot

I'm starting to use WSUS for patch management and I'm a little light in the experience department. Our requirements are simple in that we want to make sure every server we have is up, on and ready for patches once a week. We can automatically…
Mike Malter
  • 109
  • 4
0
votes
1 answer

Debian Server - stable + backports or sid?

I have Debian Lenny, since it's stable most of the packages are rather outdated, example being SQLAlchemy 0.4, whereas the current version is 0.5.x. I'm wondering if I should go with setting up backports ( if so how should I specifically set them up…
meder omuraliev
  • 1,721
  • 3
  • 21
  • 30
0
votes
1 answer

jails in zfs space in freebsd 11, gives mount descfs error

Good Night, I am trying to deply a multijail environment using freebsd 11 on a OVH dedicated server. I created the cloned interfaces and created the jail , but as soon as I try to start it tells me that can not mount nullfs. I added this to…
Eddy
  • 7
  • 2
  • 10
0
votes
1 answer

Remotly obtain an application's Windows Installer patches via WMI or Powershell

I'm working on a remote administration app which needs to be able to obtain a list of patches which have been applied to an application. This Support article suggests there are two ways they could be…
user3587642
  • 1
  • 1
  • 1
1 2 3
15 16