Dear Users,
can I ask you how BigFix manage the new windows patches?
I mean, if Windows release a new patch/hotfix to replace an old patch, can BigFix trace this information?
For example, If I will install the new patch (A) that includes or integrate the old version (B), will BigFix alert me that I have not installed on my endpoints the older version (B), despite I already installed the new version (A)?
Second question: is BigFix based on the official repository of the most important SO provider (Microsoft, Linux, and more), or is based on a custom repository?
Thanks in advance for your feedback!
Bigfix marks the older fixlets as Superseded. The detection logic would also generally make an older patch non-relevant if a newer version is installed.
Yes, the content team uses the official download repositories for patch downloads, and the official release bulletins to determine applicability; but not the default detection xml file in case of windows (wsuscan.cab). Instead the Bigfix team examines the patch content and release notes to determine individual file version numbers, which usually results in a better detection result than Windows Update. We frequently find cases where Windows Update indicates a patch is already installed, but Bigfix correctly finds it to be Relevant again because another product has overwritten one of the patched files with an earlier version.
1 Like
Thanks a lot for your answer Jason!