Deploying only patches released greater than 30 days
Our company wants to patch a month behind. I have setup a smart label to grab all patches that are not by Microsoft Corp. and were not released in the past 30 days.
This selection is perfect for us but we also have the box under Security > Patch Management > Advanced options --- "Inactivate Superseded Patches" checked. So for example if chrome released a patch in the past thirty days only that one will be active and all the others before that one will be inactive and won't patch due to our label. However, if I uncheck that box then all patches will be active right? and then when I run my >30 day label all those chrome patches that are detected missing will be run when we just want the latest one that was release in 30 days. Of course we want to do this with all the third party patches and not just with chrome.
I have been in touch with support over chat today a few times to clarify some things with patching but their solution was to create a manual label and select the most recent ones that way which isn't much help.
Has anyone had experience with this, is there an easier way of doing this?
Any help is appreciated, thank you!
-
You are saying two different things. Your patch label is for patches that were released more than 30 days ago, but then you are talking about patches that were released within the last 30 days. Please clarify. - chucksteel 5 years ago
Answers (0)
Be the first to answer this question
