Many years ago when we put Patch Management (via Client Management) into place, I was told not to do the checkbox next to Microsoft and only select products we need (there was some bug at the time, I believe).
Is this resolved, or is still recommended customers don't check that box like I do for other products?
I ask because I recently checked more boxes under Microsoft and found products installed I didn't know I had in my fleet (like Autocad products had installed a piece of Access 2010!). Ideally, I'd like to know about all microsoft vulnerabilities in my environment.
Please advise and thanks! Including screenshot below - looking to check the box next to Microsoft like I do for Mozilla to select everything under it.
PMImport with partial selection would obviously run faster but technically there should be no reason preventing you from selection of all products.
Previously it made sense as bulletins used to include updates for all applicable operating systems so unselection for some of the products allowed you not to download updates for OSes that you don't have in your environment. Nowadays bulletins are more granular and usually represent just one OS and its flavors.
There is also the following logic for autoselection of newly added products:
- if you have everything selected in PMImport (all vendors, all products) then newly added products would be automatically selected for the subsequent PMImport
- if some of the vendors/products are not selected it's expected that admin reviews newly added products and selects only required ones
thanks for the quick response @dmitri!