3 Replies Latest reply on Jun 29, 2009 8:38 AM by phoffmann

    Same Patche 'Detected', 'Installed', and 'Repaired'??


      This is not untypical of our PCs:


      Listed in the 'All Detected' section: windowsxp-kb958644-x86-enu._JMQZQ.exe

      Listed in the 'All Installed' section: windowsxp-kb958644-x86-enu._JMQZQ.exe

      Listed in the 'Clean/Repair' section: windowsxp-kb958644-x86-enu._JMQZQ.exe repaired on 20/06/2009 at 9:03:46





      For info, we have our sceurity scan interval set to every 2 days

        • 1. Re: Same Patches 'Detected', 'Installed', and 'Repaired'

          Has the machine rebooted and rescanned?


          What is the reason that it is vulnerable should be listed on the all detected one.

          • 2. Re: Same Patches 'Detected', 'Installed', and 'Repaired'

            Yes, the machine has been rebooted and rescanned.


            Sorry, i dont understand your second sentance.

            • 3. Re: Same Patches 'Detected', 'Installed', and 'Repaired'
              phoffmann SupportEmployee

              Hrmm - at a guess, there's usually a synchronisation problem in this sort of scenario, which should be fixed with this:


              1 - run "vulscan /clear" on the client.

              2 - run "vulscan /reset" on the client.


              (these two will wipe out the vulnerability information for this client (a) locally on the client and (b) in the Core's database).


              3 - Run a "normal" vulscan on the client. I.e. - just run the security scan from the start-group or schedule a security scan via the console / right-click schedule a security scan .


              Since now the client has 0 vulnerability information, you're effectively forcing a synchronisation scan for patch manager. Think of it as a "/sync" for vulscan (except that instead of a single command-line switch, it's 3 commands). You can script this in either a batch or even a custom script if you want .


              Now if the device THEN shows up these patches in all 3 sections, things are going to get rather interesting (and we'd probably like to have a look at that client)...


              - Paul Hoffmann

              LANDesk EMEA Technical Lead