Host Checker policy has false positives on patch assessment.
Hi, we have an SA4500 on 6.4R1 firmware. Host Checker is configured to evaluate the Windows patch level of client machines. We've set up a policy called "Microsoft XP critical patches" to evaluate "Custom Rule: Patch Assessment" with "scan for specific patches" and we put only one patch: MS08-067 (Conficker) patch for evaluation. (More will come but we want to get the issue fixed first before adding more patches.)
The problem is that on a lot of machines, this host checker policy will come back logging the following:
Host Checker policy 'Microsoft XP critical patches' failed on host x.x.x.x for user '[email protected]'. Reason: ''.
First, it does not print out what patch is missing, and more importantly, when we examined the user's machine, this patch is definitely there and host checker gave us wrong information.
We've configured it to download the patch management and virus pattern updates regularly from Juniper and the downloads have been happening. Also, we're using the latest ESAP 1.4.9.
Wondering how others perform patch assessment? Have I configured it wrongly or something?
Re: Host Checker policy has false positives on patch assessment.
I wish I had a solution. I have a similar problem on Windows 2000 Pro. Juniper host checker report says there are four Microsoft Office patches not found, but Microsoft report says patches already installed or incorporated in later patch. To be sure, the four patches are not listed in control panel or register. If a later Microsoft patch incorporated a previous patch, then Juniper can't find it?
Do I have to uninstall Office, reinstall it, and then reapply all patches in order?