2 Replies Latest reply: Jun 16, 2014 3:52 PM by user83 RSS

    MVM reports missing Windows patches that Microsoft tools state are not missing

    ed87

      We have servers that MVM reports are missing hundreds of Microsoft patches, but when we look in SCCM or do a Windows Update, it says that there are only a few missing patches.  Which tool is correct?

       

      Also, does deleting the old patch uninstall folders impact the scan results.  Sometimes we remove those folders from the servers because they take up a lot of space and we rarely uninstall Windows patches.

        • 1. Re: MVM reports missing Windows patches that Microsoft tools state are not missing
          John M Sopp

          Ed, Ran into this issue. Typically, these are not false positives.

          three scenarios

          • The files that were supposed to be patched werent-in this case make sure the FSL output is enabled for CSV reporting-it will point you to the exact microsoft KB to download and manually install
          • The software is no longer supported by microsoft(example .Net2) thus SCCM won't patch it-in this case uninstall the old unsupported software and install the correct version
          • Superseded-this is the worst case scenario as you will have to cross reference the remediation recommendation to determine if it is superseded for This OS-if so, mark as a false pos. If not-it's valid..see one of the two solutions above.
          • 2. Re: MVM reports missing Windows patches that Microsoft tools state are not missing
            user83

            Another, less likely alternative, is that it is due to orphan files on the target system.  These are files that were associated with an application/feature on the system that was either removed or upgrade in the past and not all the files were removed properly.  Or you have another third party (non-Microsoft) application that requires certain files on the system that are related to Microsoft products.  In either cause these issues tend to take time and effort to track down and resolve.

             

            You just need to really examine the FASL Output in the reports and investigate the affected files identified.