Patch for Windows® Servers, powered by Shavlik

> Patch Management > Patch Management Overview > Determining Patch Replacements

Determining Patch Replacements

One of the benefits of Ivanti Patch for Windows® Servers is that it only shows you patches that are necessary for your machine to be up to date, and it doesn't show you earlier patches that have been replaced by later patches (although you can configure the program to do this if you want).

Many recent Microsoft security patches have been released as 'Cumulative Rollup' patches. Rollup patches include all the previously released security patches for the given product as well as including fixes for the most recently announced issues. A cumulative patch that completely encompasses an earlier patch is said to replace the earlier patch. In order for a patch to be replaced, all the files in the earlier patch must be included in the later patch, all file versions must be revved higher than those in the earlier patch (or the file versions must be the same as the earlier patch), and associated functional registry keys must be included in the replacement patch.

The XML patch data file contains information on each of the replaced patches. Ivanti Patch for Windows® Servers evaluates the patch replacement codes to identify patches that are applicable to each system being scanned. Particular attention is paid to replaced patches that span Service Pack applicability As an example:

Patch A is applicable to Windows 7 Service Pack 1 (SP1)

Patch B replaces Patch A and is applicable to both Windows 7 SP1 and SP2

Patch C replaces Patch B and is applicable to Windows 7 SP2

Ivanti Patch for Windows® Servers correctly scans for the presence of Patch C on Windows 7 SP2 machines, and for Patch B on Windows 7 SP1 machines - even though Patch B is marked in the XML file as being replaced by Patch C.


Was this article useful?    

The topic was:



Not what I expected