Just curious why it always says "Not patched" if I run only a detect, then it returns patches that are needed with the detect status as "Not Patched", but if I run a detect and deploy, it still says Not Patched even for those patches that deployed.


1 Comment   [ - ] Hide Comment


  • Did the system reboot after the patch update? If not, then the system will need a reboot before the detect status changes from Not Patched. Once the system reboots, the system will be scanned again and should update the status.
Please log in to comment

Answer this question or Comment on this question for clarity



NOT PATCHED simply means that the 'vulnerability' has not been patched yet.

Should it be patched? Should someone install a fix for this? there are not standard answers: it depends by your needs.

The detect and deploy job configuration has two sections: what you like to detect (all the patches or some of them specified by one or more labels) and what you like to deploy (all the patches or some of them specified by one or more labels) and it's not required that the two sections need to be symmetrical.
You may decide to Detect for all the patches and deploy only the OS critical ones for example.

There is even another problem: let's say that you have a deploy and detect job that detects all the patches and installs all of them: you need to consider that not all the remediation content is immediately available on the K1000 (and/or eventually configured replication shares).
In a standard configuration the K1000 downloads every night only the signature of the patches and every 30 minutes the remediation content for the patches detect by detection jobs.
So it may happen that you detect on a device the need for 140 patches but in the database you have only the remediation content for 40 of them.
What happens to the other 100? They're not installed because the remediation content is momentarily missing, they are added to a ''patch content wish list'' that is processed every 30 minutes.

I hope this sheds a bit of light on the process ;-)
 Kind regards,
Marco - StockTrader   
Answered 04/14/2016 by: StockTrader
Red Belt

Please log in to comment