4.2 Patch management

Apart from automatically downloading Microsoft patches and service packs, GFI LANguard can also deploy these updates network-wide as well as recall any patches that have already been deployed. Patches are generally recalled due to newly discovered vulnerabilities or problems caused by the installation of these updates such as conflict issues with present software or hardware. Examples of updates recalled by the manufacturer include patches MS03-045 and MS03-047 for Exchange that was released by Microsoft on October 15, 2006.

Both patch deployment and patch rollback operations are managed by an agent service, which handles all file transfers between GFI LANguard and the remote targets. This service is installed automatically on the remote target computer during patch deployment process.

Important notes

1. To successfully deploy missing patches ensure that GFI LANguard is running under an account that has administrative privileges.

2. Ensure that the NetBIOS service is enabled on the remote target computer. For more information on how to enable NetBIOS, refer to the Enabling NetBIOS on a network computer section in this manual.

3. A complete list of Microsoft products for which GFI LANguard can download and deploy patches is available at http://kbase.gfi.com/showarticle.asp?id=KBID001820.

4. GFI LANguard can be set to automatically download missing patches and service packs discovered during a network security scan. For more information, refer to the Configuring Microsoft updates section in this manual.