Kaseya Customers:

The Patch Management update has been released.


Hotfixes are controlled using Configure function on the System tab. Hotfixes can be automatically or manually applied. If you wish control when the hotfix is applied, the Enable automatic check should be unchecked.

We will host a Web Cast tomorrow, Tuesday October 30, 2007 at 11am PDT, to review the enhancements and changes to Patch Management. You can register for the Web Cast at the following:


The following is an overview of the update.

Kaseya Enterprise and Managed Service Provider Edition Patch Management Update


A key element of Patch Management is the ability to scan a system to determine which applications are installed, compare the information to a patch database and determine the current patch status of a machine. Kaseya Patch Management uses various sources and methods to determine the patch status of a machine.

As of the end of October, one of the data sources for our patch scanning engine will no longer be updated. To ensure that the Kaseya patch scanner always has timely and accurate information, we will be updating the Patch Management function via hotfix.

In the past, an update like this was done as part of a point release or major upgrade of the system. To ensure uninterrupted support of "Patch Tuesday", your Kaseya IT Automation Framework will be updated automatically using the hotfix mechanism prior to November's Patch requirement. We encourage you to familiarize yourself with the enhancements related to this release to prepare for November's patch schedule.

In the process of making these changes, Kaseya has taken the opportunity to incorporate selected improvements and feature requests. Improvements include, but are not limited to:

• Scanning
• Patch Scope
• Windows OS and Application Support
• Approvals
• Patch Details Popup
• Reports

Patch Scan Engine

A new Kaseya patch scan engine will be deployed as part of a machine's currently scheduled patch scan for those machines having any edition of Windows 2000 SP4, Windows XP SP2, Windows Server 2003, and Windows Vista. This new scan engine includes support for all 32-bit and 64-bit versions of Windows as well as increased support for Microsoft Exchange.

Patch Management User Interface

The current patch technology is product and bulletin centric. It was originally created to manage Microsoft Security Bulletins for specific Microsoft products. Viewing patch data in the current product reflects this in that patch data is presented based upon products such as Windows, Office, SQL Server, Windows components such as XML core services, etc. The primary patch identifier is the bulletin ID, typically the Security Bulletin identifier (MSyy-xxx) or an arbitrary identifier generated by Kaseya.

The new patch technology is update (patch) centric using the update's knowledge base article number assigned by Microsoft as the primary identifier and is presented based on the patch's update classification. The update classification describes the type of update such as security updates, critical updates, update rollups, service packs, etc. The screens under the Patch Management tab have been modified to support this update centric approach.

Patch Approval

The Patch Approval screen has been redesigned to present meaningful patch approval status data for a particular approval policy and to provide a means to drill down into the details to better facilitate approving and denying specific patches. The Patch Approval Policy Status page provides summary status data for the three different approval statuses for each different update classification. Now, with one glance, you can see the overall status of your patch approvals.

With this update, the patch scanning will detect and identify a much broader scope of patches and applications. As a result, we recommend that the patch approval process be used. Examples of new items detected include:

• Windows Genuine Advantage Validation Tool
• Internet Explorer 7.0
• Microsoft .NET Framework 2.0
• Microsoft .NET Framework 3.0
• Microsoft Base Smart Card Cryptographic Service Provider
• Windows Media Player 11
• Remote Desktop Connection (Terminal Services Client 6.0)
• Network Diagnostic Tool • Vista Language Packs for Vista Ultimate
• Vista Add-on Applications for Vista Ultimate

Patch Scans for Legacy Operating Systems

The current patch scan technology will be retained within the product to support all legacy operating systems that are not supported by the new patch scan technology. These include all editions of Windows 2000 SP3 and earlier, all Windows 9x editions, and all Windows NT4 SP6 editions. While Microsoft no longer provides patch management support for any of these systems, the existing store of patch data is still valid for these systems and will therefore continue to be available to update these systems to the level at the point where Microsoft ceased to provide patch support.

Best Regards,

Kaseya Product Marketing Team

Legacy Forum Name: October 2007 Patch Management Update,
Legacy Posted By Username: jimalves