Messages

I logged a support call and the fact that they do not patch software installed by users seemed to be new for the person who was assigned my ticket.  They went so far as review logs and were able to duplicate the issue in a lab.  PatchMyPC does not seem to be interested in making their product better as these apps are like playing a game of whack a mole where on any given day someone has installed them (often not on purpose).  So unpatched apps that interact with the internet that are installed by users represent a great attack surface for hackers.

Setting up a policy and features of Win10 to block the installing or running of apps in AppData has been seen as untenable for me even though I believe it would offer immeasurable security benefits.

I have worked with support and the issue is due to have the app was installed under the user profile.  Apparently PMP does not patch apps installed like this so we have a glaring hole in the capabilities of PMP. 8-(

I found https://patchmypc.com/how-to-view-applicability-rules-and-troubleshoot-detection-states-for-third-party-updates which is VERY helpful.  In step 3 the report shows that PMP does not believe that WebEx is installed so I will reach out to support since that was what my gut was thinking.

SCCM shows the endpoint as having WebEx 43.3.0.25468 (x64) installed on a system in the Hardware Inventory but it does not appear as "Required".  So SCCM is not offering or patching the system.  I am just not sure how to start troubleshooting why SCCM would not see the update as being needed.  Is there a KB or posting here that I might be overlooking?  I am working from the assumption that PMP has some type of file that is used for the detection of apps...

There is no reason to have this done with PMP...Palo gives you to the tools to update your systems easily and reliably.

Support indicated that this option for blocking the launch of Chrome no longer works properly and they are considering removing it for Chrome.  I updated my setup for Chrome (and Edge since it now has the same issue) and republished so the pop-up no longer happens.

We were asked that all applications install updates the same way with prompts to close the app since if a period of time goes by without any prompts then users complain when the prompt.  Apps that can be patched while running still need to be restarted to actually install the patch so this also ensures the app is secure.

This message is appearing when patching Chrome today and appears after you click on the UI to close the app for patching.  It is NOT caused by trying to launch the app itself in this case.  I logged a support ticket but curious if others are seeing this on this patch or other patches.  (We are patching Windows for the next few days and pause 3rd party to do so...but this update was critical.)

I just noticed new patches for Adobe Acrobat/Reader with a "(Rev 1)" appended to the title.  I do not see any mention on Adobe's site that they republished or released an update.  Is this something PatchMyPC did?

Yes!  This corrected this issue!
https://patchmypc.com/when-and-how-to-republish-third-party-updates#topic2

Since I have literally booted VM, opened Reader and checked for the policy to get it patched, I don't see how another process should be triggering.  I am going to hide the notifications in SCCM since this is just plain silly.

Despite setting up a company name I am only able to get the stock dialog to show when Patch MY PC believes there is a conflicting process.  I have ran a sync with Patch My PC, ran a sync with SCCM and still the default logo appears.  I have deleted deployments and recreated in SCCM without any change.

How in the blazes do you get the logo and text to update so it does NOT show this default text?

When Mozilla flips over to a new ESR release they generally wait to make the new release the default one.

My previous patching tool didn't approve the new ESR release to replace the prior ESR release until about a month before it went end of life.  The goal with ESR is stability so I welcome the slower cadence that gives me security updates without the bugs of the Rapid Release model which I do not like at all.

I pushed out test patches to all Cisco apps and we have these two plus Jabber deployed.  These two apps were just closed without warning to be patched while Jabber generated the expected pop-up about the need to close the app.  Does Patch My PC not test patches with the apps opened to verify this does not happen and cause a loss of data in a production environment?

On the Updates tab of the Publisher v2.1.6.0 I right-clicked on "All Products" and selected "Manage Installation Logging".  I then checked the box to enable logging during the installation of this update and accepted the default path of C:\Windows\ccm\logs\PatchMyPCInstallLogs.  I setup this when I did the initial install of the product days ago.  Now I am testing updating for the first time for Adobe Reader and while scratching my head at the reboot issue I am seeing, I thought I would look at the logs to see what was seen during patching.  But there are no logs in the folder specified...the folder itself does not exist.  Since I have seen the reference to saving this file to a computer share, plus just logic of the path, I am assuming this should be on the endpoint and NOT the SCCM server.  So should I not have a folder named PatchMyPCInstallLogs on the endpoint with atleast one log file that I can tie back to the patch being installed for Reader?

I also checked the verbose option, ran a sync inside the publisher, setup a new deploy and there is no change...still no logs whatsoever in the folder specified.  If I look at https://docs.patchmypc.com/get-help/log-reference-guide I do not see any reference to this folder...so this is just really puzzling.