Patch Tuesday reports not updating?

cpayne · ‎08-20-2020

We've been adding the patch Tuesday reports to our instance for some time now, but these reports never update after we apply patches to the computers. As one simple example, for the May report, it shows one server as out-of-date, requiring KB4556813. But if you look in the update history on that Windows server, that KB is definitely installed.

That report is from May, so we've rescanned our machines daily for months since then, and the report never changes at all. The ~180 red rows have stayed red the entire time.

Any ideas? Our updates are scheduled/installed through Azure automation. Do we need to do something within Lansweeper to get it to recognize those updates?

Bruce_B · ‎08-24-2020

Keep in mind that Patch Tuesday reports look for specific Windows updates. These updates are the monthly roll-ups. When you install the June monthly roll-up, the May monthly roll-up is removed from the computer. If you're in this scenario and you use the May report, all computers that had the June update installed will show as "red" in the output. It's best to use the latest Patch Tuesday report if you're applying updates the same month they come out.

The report also indeed indicates when Windows update information was last scanned, depending on your configuration it will not be scanned during every scheduled scan.

View solution in original post

Bruce_B · ‎08-24-2020

Keep in mind that Patch Tuesday reports look for specific Windows updates. These updates are the monthly roll-ups. When you install the June monthly roll-up, the May monthly roll-up is removed from the computer. If you're in this scenario and you use the May report, all computers that had the June update installed will show as "red" in the output. It's best to use the latest Patch Tuesday report if you're applying updates the same month they come out.

The report also indeed indicates when Windows update information was last scanned, depending on your configuration it will not be scanned during every scheduled scan.

cpayne · ‎08-24-2020

Bruce.B wrote:
Keep in mind that Patch Tuesday reports look for specific Windows updates. These updates are the monthly roll-ups. When you install the June monthly roll-up, the May monthly roll-up is removed from the computer. If you're in this scenario and you use the May report, all computers that had the June update installed will show as "red" in the output. It's best to use the latest Patch Tuesday report if you're applying updates the same month they come out.

Ah, I think you may have figured it out. My current (August) patch tuesday report looks pretty good after we applied patches this past weekend, but the further back in time I go the worse it looks. I wasn't aware the rollups were considered uninstalled after the next rollups are applied. That would completely explain it, and makes me realize I can't use these reports as indicators of historical compliance.

Thank you for that info!

brandon_jones · ‎08-21-2020

I would try the august 2020 report. In the report there is a column name Windows Update Info Last Scanned. See how many days that is. I'm not sure what status a previous months update would show.

I would also check the history on a few of your windows computers to make sure the updates are listed there.

cpayne · ‎08-21-2020

Hm, mine is already set to 7 and enabled. Even 30 should've been enough to find the fixes since May. I'm not sure that's the solution.

brandon_jones · ‎08-21-2020

You will need to go to scanning and scan item interval. Look for quickfix in the list. This is what tells Lansweeper to scan the windows update status and how often. In the refresh column I think ours was set to 30. I changed it to 1 and the report is now being updated.

Patch Tuesday reports not updating?

New to Lansweeper?

Try Lansweeper For Free