Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [patch-management]

Patch Management refers to updating and patching systems, and particularly to tools and systems which automate this process for a large number of systems.

Patch Management refers to the important and never-ending task of installing software updates on systems, including the procedures involved with installing updates, defining update policies for an organization, and tools/systems to help with the patching process.

Patch Management may include patch selection methods (anything from manually reading the CVE list to automated vulnerability scans), patch deployment methods (manually installing patches, various software packages), and patch testing procedures (virtual environments, staged deployment, etc.)

Many tools (free and commercial) have evolved to help alleviate the workload. You may want to include a tag specific to the software you are using. Some examples include:

224 questions
0
votes
2 answers

run installer on all machines on domain

is it reasonable to automatically run an installer (for an activex control) as administrator on all machines in my domain, using an out-of-the-box windows (any version)?
Dustin Getz
  • 251
  • 2
  • 9
0
votes
5 answers

Efficiently installing fully-patched Windows XP, IE, and Office 2007 on an isolated PC

I have been tasked to install Windows XP, IE, and Office 2007 on a computer that will become part of a standalone network not connected to the Internet. What is a good way to install all of the security updates? I'm installing from CD's of Windows…
JPaget
  • 113
  • 1
  • 1
  • 5
0
votes
4 answers

how do you do linux patching in enterprise environment?

what are the most common tool that you used for linux patching in enterprise environment?
regmaster
  • 77
  • 1
  • 3
  • 9
0
votes
4 answers

What methods are available for updating a non-Internet-connected VMWare ESXi host?

I have a stand-alone installation of VMWare vSphere Essentials, with a vCenter Server and 3 ESXi 4.0 host servers. The environment is intended to remain as a stand-alone network, with the exception that I can "float" a workstation or server between…
romandas
  • 3,242
  • 8
  • 37
  • 44
0
votes
1 answer

Are there 3rd party tools or good custom queries for WSUS 3.0?

I'm working with a WSUS SP2 server, and I'm looking for ways to generate better reports. The built-in reporting system, is almost (but not quite) useless. My reading suggests that WSUS stores it's data in a SQL database, is anyone out there writing…
Bob
  • 2,559
  • 3
  • 25
  • 22
0
votes
1 answer

How to install Data Protector RPM patch in Linux?

Well, HPE Data Protector has a long tradition of doing odd things. For example the way an rpm "patch" is installed is not via -U or -F, but differently, which brings me to my question: In the past every patch was accompanied by a corresponding .txt…
U. Windl
  • 286
  • 2
  • 13
0
votes
0 answers

AWS Patch Manager and ECS Cluster Spot Instances

I have a ECS Cluster with a capacity provider providing me with spot instances to run docker tasks. I have Patch Manager set up and can run patches manually / on a schedule. However, I would like for Patch Manager to automatically run on new…
William Becker
  • 1
0
votes
1 answer

Why MS Exchange Security Updates come in pair?

I need to install this security update: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24463 on Windows Server 2016. Why there are two items for Windows Server 2016? Should I install only Update 22 because it includes Update 21? If I…
abenci
  • 503
  • 1
  • 7
  • 17
0
votes
1 answer

Does packages security patches are backported to older version?

I see on cve.mitre.org that OpenLDAP (slapd) package have plenty of vulnerabilities prior to 2.4.57. If I want to install OpenLDAP from official repositories on my Debian 10, which version is slapd/oldstable,oldstable 2.4.47+dfsg-3+deb10u6 amd64. Do…
Stormrice
  • 33
  • 4
0
votes
1 answer

How to get patches for Java SE?

I have been struggling with this all day. Going on day 2. I created a support.oracle.com account and can login, however I am redirected a page asking for a Support Identifier. I do not have one, reading it says it would have sent with the…
James Connigan
  • 137
  • 2
  • 12
0
votes
1 answer

What is the best way to patch a server Win2012R2 that has not being patched for 2 years?

1-Native Windows Patch 2-Patch Management Software (Security Controls from Ivanti)? Any other general advice on a sequence, timeline to perform this long patch?
Alphonso Alves
  • 1
0
votes
2 answers

How to patch vmware-esxi via vcenter

Our company is using a single vmware-esxi host (vmware-esxi v6.5) which hasn't been patched since installation. The VMs are a windows server and a vcenter appliance. Using Update Manager I attached the baseline "critical host patches (predefined)"…
Arcocer Cerchio
  • 3
  • 2
0
votes
2 answers

Patch for EOS Servers

My company have got a few Windows 2008 servers that have already reached end of support. We are delaying the decommissioning of the server and I am thinking of controls that can help to mitigate risks. Doing a rough check, i noticed that there are…
teo93
  • 1
  • 2
0
votes
1 answer

zypper lp command not working on Suse Linux

I'm trying to list patches in suse linux GCE using the zypper lp command, but I am getting the following error: "Medium not attached:…
ibrahiminui
  • 1
0
votes
1 answer

Periodically system security patches on K8s clusters?

We're trying to figure out a way to periodically have system security patches for our K8s cluster, to keep our system safe and meet the security requirements. our K8s clusters are running in different clouds, AWS, Azure, Bare metal, etc. for clouds,…
Ethan Xu
  • 343
  • 2
  • 10
1 2 3
14
15