(imported topic written by SystemAdmin)
This is becoming a big issue for us. It seems that Lumension, KACE, Shavlik can all do this and I assumed TEM did also. Doing manually patches or opening a case for each one is very tedious.
Is this on the road map at for TEM?
(imported comment written by CSL2012)
I concur. I have to scrutinize the available fixlets and differentiate that with Security Audits to see what TEM is lacking and request a fixlet and/or determine a reasonable solution to meet Compliance. It would be nice not to have to go the extra step. I too am curious if this is on the roadmap for TEM.
(imported comment written by SystemAdmin)
It seems the lacking pieces are specifically the non-security updates. It doesn’t appear that products other than WSUS contain everything. I heard back from our IBM rep and they said that in 2nd half of 2012 they plan to have a way to address this issue. I was told the problem is that the updates are not in a central location from MS which make providing these updates difficult.
On a related note, how come when updates are installed by TEM, sometimes they show up in Windows Updates as needed? The only way to clear it is if you install the update again through W.U.
(imported comment written by SystemAdmin)
Yes, IBM is actually looking into ways to provide Fixlet content for non-security patches. We hope to make those capabilities available some time around the last quarter of this year.
Given the multitude of Microsoft products and released patches, it would be good to know what Microsoft products you end up patching regularly in your environment. That could help us prioritize our efforts. Appreciate any feedback.
(imported comment written by SystemAdmin)