Update Manager Patching Information

DavidRiberdy · ‎04-16-2008

A few questions about Update Manager (pardon me if these have already been addressed):

1. How does VUM figure out if a server is missing patches? Does it scan the files that it knows the patches contain for compliance? Does it look in the registry or crawl the drive for the Q folders?

2. Does VMware release an XML or some other file that tells VUM that there are new / updated files or does it pull this information from MS?

We currently use WSUS and I want to make sure that if one or the other is used for patching that their techniques are different enough to be a good validation for the other to make sure all my patches are installed.

jjohnston1127 · ‎04-16-2008

1. Not completely sure how that works.

2. VMWare has a repository and they also have an agreement with shavlik.com that keeps a database of available updates for various products and both repositories are scanned for updates.

DavidRiberdy · ‎04-18-2008

We have used VUM to update one of our virtual machines and VUM reports only one missing patch - MSWU-116. WSUS reports 6 missing patches (none of which are MSWU-116). Why would there be a discrepancy between these two tools in determining what needs to be remidiated?

kjb007 · ‎04-18-2008

For windows patches, VUM uses Shavlik API's to scan the windows vm's for missing patches. Shavlik uses a variety of methods to determine missing patches, including file comparison of patch file updates. So it is pretty thorough, and does a pretty good job. We used to use Shavlik NetChk protect and VUM is very similar to what NetChk does as a stand-alone.

-KjB

vExpert/VCP/VCAP vmwise.com / @vmwise -KjB

All

Update Manager Patching Information