Check the result of patch installation/uninstallation tasks

Go to the Tasks menu at the top of the console to view the tasks that installed patches on computers or uninstalled patches from them. Both types of task provide a View results option that enables you to view which computers the action was taken on and which patches were installed/uninstalled. See Patch installation/uninstallation task results and View installed/uninstalled patches for more information.

Exclude patches for all or certain computers

You have the option to prevent the installation of malfunctioning patches or patches that significantly change the characteristics of the target program. This is called excluding the patch. To do this, follow these steps:

  • Go to the Status menu at the top of the console. Click Add from the My lists menu on the left. Click the Available patches list. This list displays a line for each computer-available patch pair. An available patch is a patch that has not been installed yet on a specific computer or has been uninstalled from it.

  • To exclude a single patch, click the context menu associated with the patch. Select the Exclude option. A window opens for you to select the exclusion type.

    • Exclude for X only: Excludes the patch for the selected computer only.

    • Exclude for all computers: Excludes the patch for all computers on the network.

  • To exclude several patches and/or a single patch for multiple computers, select them using the relevant checkboxes. From the action bar, choose Exclude. A window opens for you to select the exclusion type.

    • Exclude for the selected computers only: Excludes the patches for the selected computers only.

    • Exclude for all computers: Excludes the patches for all computers on the network.

When you exclude a patch, you exclude a specific version of the patch. That is, if you exclude a patch and the software vendor later releases a newer version of that patch, the newer version is not automatically excluded.
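The exclusion scopes and the version-specific behavior described above, modeled as an added example (this is not Cytomic code and does not read the console's data). It assumes a patch is identified by name and version; the `Exclusion` record, the `ALL` scope marker, and the sample rows are constructed for illustration. Beyond the text, it also flags newer versions of excluded patches for review.

```python
from dataclasses import dataclass

ALL = "*"  # hypothetical marker for "Exclude for all computers"

@dataclass(frozen=True)
class Exclusion:
    patch: str    # patch name
    version: str  # an exclusion applies to this exact version only
    scope: str    # a computer name, or ALL

def is_excluded(exclusions, computer, patch, version):
    """True if this exact patch version is excluded for this computer."""
    return any(
        e.patch == patch and e.version == version and e.scope in (ALL, computer)
        for e in exclusions
    )

def plan(available, exclusions):
    """Split available (computer, patch, version) rows into three lists:
    install, skipped (excluded), and review (installable, but an earlier
    or different version of the same patch was excluded for that computer)."""
    install, skipped, review = [], [], []
    for computer, patch, version in available:
        row = (computer, patch, version)
        if is_excluded(exclusions, computer, patch, version):
            skipped.append(row)
            continue
        install.append(row)
        # Not excluded at this version, so any name match is another version.
        if any(e.patch == patch and e.scope in (ALL, computer) for e in exclusions):
            review.append(row)
    return install, skipped, review

# Constructed sample data (not real patch names or computers).
EXCLUSIONS = [
    Exclusion("ExampleApp Update", "1.0", ALL),
    Exclusion("ExampleDriver Fix", "2.3", "PC-01"),
]
AVAILABLE = [
    ("PC-01", "ExampleApp Update", "1.0"),
    ("PC-02", "ExampleApp Update", "1.1"),
    ("PC-01", "ExampleDriver Fix", "2.3"),
    ("PC-02", "ExampleDriver Fix", "2.3"),
    ("PC-02", "ExampleLib Patch", "5.0"),
]

if __name__ == "__main__":
    for label, rows in zip(("install", "skipped", "review"), plan(AVAILABLE, EXCLUSIONS)):
        print(label, rows)
```
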

Make sure the programs installed are not in EOL (End-Of-Life) stage

Programs in EOL (End-Of-Life) stage do not receive any type of update from the relevant software vendor. It is therefore advisable to replace them with an equivalent program or a more advanced version.

Follow these steps to find those programs on the network that have reached their EOL or will reach it shortly:

  • Go to the Status menu at the top of the console. Select Cytomic Patch from the side panel.

  • Find the End-of-Life programs widget, which is divided into the following sections:

    • Currently in EOL: Programs on the network that do not receive updates from the relevant vendor.

    • In EOL (currently or in 1 year): Programs on the network that have reached their EOL, or will reach their EOL in a year.

    • With known EOL date: Programs on the network with a known EOL date.

Follow these steps to find all programs on your network with a known EOL date:

  • Go to the Status menu at the top of the console. Click Add in the My lists section in the side panel.

  • Select End-of-Life programs.

The list displays a line for each computer-EOL program combination found.

Check the history of patch and update installations

To find out if a specific patch is installed on the computers on your network:

  • Go to the Status menu at the top of the console. Click Add in the My lists section in the side panel.

  • Select Installation history.

The list displays a line for each computer/installed patch combination found, with information about the affected program’s or operating system’s name and version, and the patch criticality/type.

Click a computer’s context menu to display a number of options that enable you to:

  • View the patch installation or uninstallation task.

  • View all patches installed on the computer.

  • View all computers that have the selected patch installed.

Check the patch status of computers with incidents

Cytomic Patch correlates those computers where incidents have been recorded with their patch status so that you can determine whether an infected computer or a computer where threats have been detected has missing patches.

To check whether a computer where an incident has been detected has missing patches:

  • Go to the Status menu at the top of the console. In the widgets Malware activity, PUP activity, Exploit activity, or Currently blocked programs being classified, click a computer or incident. Information about the threat detected on the computer is displayed.

  • In the Affected computer section, click the View available patches button. The Available patches list opens, filtered by the relevant computer.

  • Select all of the available patches for the computer and click Install from the action bar in order to create a quick patch installation task.

Because the patching process may require downloading patches from the software vendor's servers and therefore delay their application, it is advisable to isolate any infected computer that needs patching and shows network traffic in the threat’s life cycle. This minimizes the risk of spreading the infection to other computers on the corporate network while the patch operation is taking place. See Forensic analysis for more details of the malware life cycle and Isolating one or more computers from the organization network for more information.