|
|
The missing and availability status of a patch is determined by assessing these parameters :
These File change and Registry change details for a patch can be viewed by clicking on the Patch Name - in the Scan Result view of a system or in the Patch Information view and then clicking on the File&Registry Changes link.
PatchQuest compares the file names, their version numbers and checksum information from the vulnerability database, to those on the system that is being scanned. If any of the file versions and checksums on the scanned system are less than those stored in database, the associated security patch is identified as not installed or missing. If they are equal to or greater, the patch is considered as available.
The status is shown by the amark - to match the file version/checksum or x mark - to denote a mismatch. Note that the status info is available only when you view the Patch Details from the Scan Result view for a system and NOT from the Patch Information view.
Though traditional patch detection mechanisms rely mainly on registry keys, PatchQuest uses a combination of checksum / file version checks and registry entries to determine the patch status. The registry key that must exist on the system being scanned, for the patch to be installed, is shown the Registry Check table.
The status is shown by the amark - to denote the presence of the registry key or x mark - to denote a absence of it. Note that the status info is available only when you view the Patch Details from the Scan Result view for a system and NOT from the Patch Information view.
Note that some patches might not make any registry entries to the system on
which they are being installed. Therefore, the Registry Changes table maybe
blank for some patches.
|
|