I ran a repair job on a computer and then scanned it with Microsoft Baseline Security Analyzer. I only ran MBSA to check for missing updates. The MBSA scan results said the PC was missing 4 updates; all .NET Framework updates. So I went to the LDMC and searched for these missing updates - I was trying to add the definitions to the repair group... but the definitions were not there. I searched using several different criteria and the updates were just not there.
So I searched the LANDesk Support Communities and found one conversation which was somewhat relevant. It said that LANDesk uses a different method to determine what patches a computer needs, and that it is more reliable than Microsoft at determining which patches are needed, or something to that effect. I was hoping I could find a way to download those specific patches into LANDesk and add them to the repair task, but there does not seem to be a way to download specific patches... only the task to download updates in selected categories.
So the problem is... even if LANDesk knows more about a Windows PC than Microsoft does, (and that would not surprise me) . . . and even if the workstation(s) really don't need those updates (even though MBSA says it does), the computer might be secure, but it is still going to show up on a security audit. We have a third-party company that performs quarterly security audits and they scan systems with MBSA to make sure the Microsoft patches are up to date. So it looks like we will either have the security audits show missing updates, or I will need to run Windows Update in addition to using LANDesk to patch systems. I wish there was a way to go to the core (or the LDMC) and ask it to download any update you want, provided it exists, but there is only the task to download updates based on the categories selected. Does anyone know of a way to download specific updates and make them available to repair groups?