Patch for Windows, powered by Shavlik

Viewing Patch Summaries in Machine View

The Patches tab in the middle pane displays general patch information about the machine(s) selected in the top pane. If multiple machines are selected in the top pane, this tab will display patch information for all selected machines. For example, if you select multiple domains in the top pane, summary information about all the machines in all domains will be displayed. The Affected machine count column indicates how many of the selected machines are affected by a specific patch or service pack.

A patch that is scheduled for deployment is considered to be still missing. This status will change after the patch is successfully installed.

The values for the Installed Patch Count and Missing Patch Count columns in the top pane may not always match the values shown in the middle pane. This is because the top pane counts every patch on every machine, while the middle pane counts only unique patches and ignores duplicates. You can use the Affected Machines tab in the bottom pane to determine if a particular patch is missing on multiple machines. Also, the middle pane breaks the patches into different categories and does not consider patches that are scheduled for installation or that are pending a reboot to be installed.

You can customize the way information is displayed within this pane. See Customizing the Column Headers for information.


Current patch status

The current status of the patch. This may be different from the status of the patch when the scan was originally performed. (For example, the patch may have been deployed since the scan was originally performed.)

Original patch status

Indicates the patch status at the time the patch scan was performed.


The software product affected by this patch.


The service pack level of the patch. For original patches the level will be Gold.

Affected machine count

Indicates the number of machines that are missing the patch. This number only applies to those machines that are selected in the top pane.

Patch type

Indicates the patch type. The possible types are:

Non-security Patches: The set of patches supported by Microsoft Software Update Services

Security Patches: Security bulletin-related patches

Security Tools: Patches for the malware tool provided by Microsoft Corporation

Software Distribution: Free third-party products that can be deployed by Ivanti Patch for Windows

Bulletin ID

Identifies the Microsoft Security Bulletin article that describes the threat addressed by the patch.

Bulletin Title

The descriptive title of the Microsoft Security Bulletin article that describes the threat addressed by the patch.

Download method

Indicates if the patch can be downloaded automatically by the program or if it must be downloaded manually. There may be a number of different reasons why a patch cannot be automatically downloadable. For example, you may have a patch that was created for a proprietary software program, or you may receive patches for a program that is no longer officially supported by the vendor.

If the value in this column is Automatic, it means that Ivanti Patch for Windows can download the patch automatically. If the value is Acquire from vendor or some other value, it means that you must manually download the patch on your own and then move it into the patch download directory. Once the patch is there it can be deployed using the normal deployment process.

Vendor Severity

One of four severity levels assigned by Ivanti based on the perceived threat of the vulnerability related to the patch.

(Red) Ivanti has deemed the problem associated with this patch to be Critical in nature.

(Orange) Ivanti considers the problem related to this patch Important to correct.

(Yellow) The related vulnerability is of Moderate severity.

(Gray) Ivanti has not assigned a severity level to this problem.


The knowledge base number used to identify the Microsoft-based patch.


This column is available only if you have a Government Edition of Ivanti Patch for Windows.

The number used to identify patches in the Information Assurance Vulnerability Alert (IAVA) XML file compiled by the U.S. Government.


Indicates if the patch can be uninstalled. Uninstalling a patch restores a machine to its original state before the patch was deployed. Patches must be uninstalled in the reverse order in which they were installed.


Indicates if the patch has been downloaded to the patch download directory.


The number of software products on the machine that have been designated as at End-of-Life by their vendor.

Bulletin release date

The original publication date of the security bulletin that identifies the vulnerability.


A user-supplied comment about the patch.

Detected culture

The local form of the operating system language detected on the target machine.

Download file name

The file name used by Ivanti Patch for Windows when downloading and deploying the patch. The name may include a three letter identifier that specifies the operating system language supported by the patch.

Patch release date

The date the patch was originally published.

Patch updated

The date an updated version of the patch was published.

Replaced by

The bulletin ID that identifies a more recent update for the vulnerability.


Was this article useful?    

The topic was:



Not what I expected