/build/static/layout/Breadcrumb_cap_w.png

Java as a patch on new systems

Hello we noticed that for some (unknown) time Java is rolled out as a patch for all our machines.


Kace recognizes that this software is "missing" and installs the Java SDK 11.0, 11.0.1 and 11.0.2 on all our machines. As a test, I rebuilt a VM with Windows Server 2019 and started "detect and patch" there. The Java SDKs were installed there as well.

My expectation is that only software that is also on the system is patched.

Does anyone also have this problem?


Mg+yDmQdyDqQdSDrQNaBrANZB7IOZB3IOpB1IOtA1oGsA1kHsg7EOvBGZkjMkMyPzI+sA1kHsg5kHcg6kHUg60DWgawDWQeyDmQdyDqQdSDrQNYB6EAGznLEXY44zDqQdSDrQNaBrANZB7IOZB3IOpB1IOtA1oGsA1kHsg5kHUjoQAbOEkzJqHJGlbMOZB3IOpB1IOtA1oGsA1kHsg5kHcg6kHUg60DWgawDWQf+Hz7UNenbfOCNAAAAAElFTkSuQmCC




0 Comments   [ + ] Show comments

Answers (3)

Posted by: Photographix 3 years ago
Yellow Belt
1

It has cleared up. According to Quest Support it is a bug that currently (08.10.2021) affects Windows 10 and Server 2019. With the Full Installer option enabled. 

Posted by: KevinG 3 years ago
Red Belt
0

The patch schedule in the picture is defined to detect and deploy all patches. I believe that your subscription settings "Classification" has "Full Software," and the Publisher is including "Oracle Corporation." If so, this is working as designed.


A best practice would be to use labels. For example, you can define patching Smart label to target particular types of patches.

Using the Detect and Deploy all patches option is not recommended in a production environment, as there is the possibility of a patch breaking a business mission-critical application. Instead, use labels and first test your patch schedule on one or more test machines.

 You can change your subscription settings to avoid deploying full software installers.

Posted by: Photographix 3 years ago
Yellow Belt
0

Yes the settings are correct. We want to get major and minor updates/patches for each installed software. For software that is not yet on the computer - nothing should be installed. We have these settings since the beginning of this year. Only in the last two months we get the old Java SDK. According to the theory we should also get any other software (Adobe, Firefox, etc..). But it is only the old Java SDK 11 (currently I think v16).



 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ