Windows Software Update Reporting

What

Starting from FileWave version 14.7+ there is a better overview of updates that should be deployed to the Windows devices managed by FileWave so that you can easier identify possible risks and deploy needed patches. 

• The number of missing updates is reported for each Windows device
• A list of all installed updates is reported for each Windows device
• A list of all requested updates is reported for each Windows device
• Regardless of the enrolment type, all devices are reporting the status

Software Update management has been revisited for FileWave 16.0. Specifically for Windows:

• Windows Updates are now relying on managed devices reporting what they need rather than the offline catalog. This removes the need for parsing offline catalog, which was resource consuming and due to Microsoft limitations not covering all existing updates.
• Updates are downloaded directly from Microsoft and installed using Microsoft Update tools, which allows support for an increased number of update types.
• Updates themselves are not imported in FileWave server (only metadata), which speeds up the process. Clients and Boosters download updates directly from Microsoft CDNs. FileWave boosters can be used to cache updates to avoid Network load and use a new port on the Boosters.
  
• FileWave Client is not stuck anymore if Windows Update Service is hanging on the device.
  
• On Windows, update installation history is now made available, even for updates not installed via FileWave.

When/Why

Security is more important every day. Knowing the state of security of your endpoints is critical to protecting your environment so this enhancement will help with more detailed reporting around Microsoft patches. The data is collected every 1 hour from devices.  Read the OS Software Updates article for more details on applying the updates to Apple or Microsoft Windows devices. 

How

In the Native Admin, there is a new tab in the Client Info window, called "Software Updates"

• The Software Updates section displays all installed patches
• The Software Updates section displays all requested patches
• The device reports the status regardless of the way how it was patched (FW, manually, other tools)
• Additionally, a new property called Category is displayed to show what type of update is listed

It is possible to filter at the top of the table by: 

• requested (default status), installed, all
• category (those with at least one result will be listed)
• critical (yes/no)

In the Web Admin, there are two new information items in the Software Updates section of Device Info. 

• The overall number of missing and the number of (missing) critical updates are displayed
  • Both link to the Software Updates tab with the responding filter applied
  • In case of no results, the value "0" is displayed, but the link does not exist
• Regardless of the enrolment type, this section is available and functional for all Windows devices

In the Web Admin when going to the Software Updates tab of a device there is additional filtering and reporting of missing and installed software updates.

• Filters can be applied to the whole table:
  • All / Missing / Installed
• Columns can be filtered:
  • Critical (dropdown)
  • Categories (multiselection)
  • Status (multiselection)

In both the Native and Web Admins there are new fields that are usable for reporting on Windows patches.

As shown here KBArticle, MsrcSeverity, Support URL, Category, and Description are the new fields.
This is an example of Support URL, KBArticle, and MsrcSeverity used in a report.
These examples show Category and then Description.

Related Content

• OS Software Updates

• Restart (Windows)

• Installing Windows Updates that are not able to be automatically packaged