1 of 1 people found this helpful
We use Shavlik's patch analysis engine, not Microsoft's. Impact is only listed for Security patches, all other patches are considered "Unknown."
I understand that this is quite old of a post but need clarification
I am in the process of getting information on security patches, for one of my security people and they had a question on why patches were listed as "Patch impact - Unknown: Set when the analysis engine returns inappropriate value" in the articles I am able to find it specifically says "BSA uses the Shavlik scanning engines and in that regard only security patches will contain relevant information and all other patches are classed as “unknown”.
in reviewing the patches listed by my security guy these are security patches like the ones listed below;
Microsoft Security Bulletin MS10-105 – Important
Microsoft Security Bulletin MS11-044 – Critical
Microsoft Security Bulletin MS11-099 – Important
Microsoft Security Bulletin MS12-001 – Important
Microsoft Security Bulletin MS12-010 – Critical
Microsoft Security Bulletin MS12-077 – Critical
Microsoft Security Bulletin MS13-023 – Critical
Microsoft Security Bulletin MS13-035 – Important
Microsoft Security Bulletin MS13-046 – Important
Microsoft Security Bulletin MS13-083 – Critical
Microsoft Security Bulletin MS14-018 – Critical
of course this is only a short list of what has been brought forward, and as you can clearly see from the list these are security patches and still return the classification of unknown
can we get some clarification on why these are listed as unknown
Open a ticket w/ support.
Thank Bill I will do that
John - it's been quite a long time since I've done Windows patching on a regular basis, but I can add what my experience was as best I remember. Bill can chime in if anything I post is incorrect.
1) The bulletins you listed are all 2.5 - 8 years old.
2) Shavlik looks at the entire industry (Adobe, Java, Firefox, Google, Microsoft, etc) and categorizes their patches differently than Microsoft
3) Shavlik actually handles patching Windows servers better than Microsoft (Shavlik handles superseded patches better, Microsoft tends to want to force you to install every patch)
On the surface my guess would be that because these patches are so old, Shavlik may not have bothered to categorize many of them. Last time I checked (which was a while ago) I thought they stopped using Unknown on all newer patches, but many older ones were marked that way.
FYI - I just looked up Bulletin MS14-018 on my Windows Patch Catalog and the Vendor Impact is set to Critical. So I assume that's why Bill suggested opening a ticket.
Thank you Joe
I have opened a task with BMC for this and you may see it in the queue
BladeLogic Server Automation Services
Please note that my E-mail address was changed to @atos.net domain. Please update your records and send E-mails only to John.Thies@Atos.Net
Please don’t send any E-mail messages to the @Xerox.com or @acs-inc.com address as it won’t be accessible after the end of December 2015
image001.gif 813 bytes