Kaseya Community

patch management

  • I have sent out patches to 3 different machines, after running all 3 machines were unable to open IE.

    I was able to uninstall IE8 on 2 of the computers and those 2 are able to work now the other one I am still working on.

     

    is there an issue?

  • I have the same problem only with IE6

    How do i fix that?

  • What patches did you send out?

  • I am not sure of the exact ones I am just starting on the kaseya and had several computers that are way behind on updates so I pushed out a bundle. After unistalling IE8 they worked connected again.

    I had one that couldnt connect I uninstalled her IE8 and she started getting an error I reinstalled it and shes fine now...

    these machines had IE8 previous to the patches and they worked fine

  • I've seen this many times before, It's the order in which your patches are being installed... and (thankfully...) has nothing to do with Kaseyas PM methods.  I've been able to replicate the issue on many XP that are way out on their patches...

    I haven't found out which patche(s) specifically break IE8 but what I've ended up doing is denying IE8 until it's the only thing that will show up in update, then install and finish up the patches.

  • ok I have been more selective and not just picking them all

    If I find out the problem child I will post it.

  • If you are startig with kaseya patch management on any of the machine, you should start with machine updates. And still if you feel something is causing machines to not funtion then you create patch policies and put respective machines in that policy group. Also grobally you can deny certain patches by putting those in KB overide section



    [edited by: Rajeev Sharma at 8:06 PM (GMT -7) on 11-3-2010] ....
  • Does patches i tried to install. But how can you know to install the patches in right order?

    KB982671

    KB971513

    KB968930

    KB943729

    KB928416

    KB925876

    KB2388210

    KB951847

    KB921896

    KB944036

    KB890830

    KB2158563

    KB2345886

    KB2141007

    KB2229593/MS10-042

    KB2387149/MS10-074  

    KB2079403/MS10-051  

    KB982214/MS10-054

    KB981957/MS10-073

    KB979687/MS10-083

    KB2416451/MS10-070

    KB2378111/MS10-082

    KB2360937/MS10-084

  • So at a rough guess these are what those there numbers mean:

    KB982671 - .net framework 4

    KB971513 - Windows Automation API

    KB968930 - Windows Management Framework Core package (Windows PowerShell 2.0 and WinRM 2.0)

    KB943729 - Group Policy preferences in Windows Server 2008

    KB928416 - .NET Framework

    KB925876 - Remote Desktop Client 6.0

    KB2388210 - Application Compatibility Update for Windows XP

    KB951847 - .net framework 3.5 sp1

    KB921896 - SQL 2005 sp2

    KB944036 - IE8

    KB890830 - software removal tool

    KB2158563 - time zone update

    KB2345886 - Extended Protection for Authentication

    KB2141007  - Extended Protection for Authentication  - outlook express and mail

    KB2229593/MS10-042 - Vulnerability in Help and Support Center Could Allow Remote Code Execution

    KB2387149/MS10-074 - publicly disclosed vulnerability in the Microsoft Foundation Class (MFC) Library

    MS10-051  - privately reported vulnerability in Microsoft XML Core Services

    MS10-054 - Vulnerabilities in SMB Server Could Allow Remote Code Execution

    MS10-073 - publicly disclosed vulnerabilities in the Windows kernel-mode drivers

    MS10-083 - Vulnerability in COM Validation in Windows Shell and WordPad

    MS10-070 - publicly disclosed vulnerability in ASP.NET

    MS10-082 - privately reported vulnerability in Windows Media Player

    MS10-084 -  privately reported vulnerability in Microsoft Windows

    So my advise would be to leave the service packs until last.  Do the security updates first... making sure that there are no known issues that will affect your setup, before you apply them!

    Then from those inbetween see which ones are relevant to the work that is going on, and again check to make sure there are no known issues with them.  

    Basically it should look like:

    Security updates

    then

    Machine updates that are relevant to your machine (i.e. don't apply Terminal services updates when you don't use them)

    then

    new or upgraded apps (like IE 8)

    then

    service packs.

    One thing to always check is whatever software that is on the target machine won't be affected by whatever you apply.  So for example HP ACU 7 (I think) stops working on IE 8 until you upgrade to the newest version.  And even then thats assuming that the hardware can take it...

    Hope that helps.

  • thank you for the reply This is realy usefull information