Todd, First a disclaimer: I work for Secunia!
You are correct that customization of patches can still be challenging, and the patches provided out-of-the-box by companies like Secunia still have some limitations. Having said that, then what you are asking for, i.e. an easy way to customize the patches, is just around the corner, and we will introduce this in Secunia CSI 7.0, which is scheduled for release in Q3 this year. We are implementing some simple check boxes in the packaging wizard that allow users to for example disable auto-update and to remove the desktop shortcut, among other things to make it even easier to patch without having to spend time on modifying or repackaging the patches yourself. I expect that we will release version 7 in beta in early July (in about two months), so if you - or anyone else - is interested in joining the beta program and testing the new solution, please send me a note, and I will be happy to include you in the loop. Thanks, Med venlig hilsen / Kind Regards, Morten Stengaard CTO Secunia Mobile +45 3046 3945 -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Miller, Todd Sent: Thursday, May 09, 2013 6:48 PM To: [email protected] Cc: [email protected] Subject: RE: [mssms] SCUPDates I have used a couple of the products. What I have found is that they work OK for finding what needs to be patched, but for actual patching, noting is that great. The problem is that there is no customization of the patches at all. They have made the patch package so you have to take what their packager thinks is best. For example, let's say you want to patch Quicktime. Basically what the patching systems do is put a wrapper around the Quicktime installer from Apple so that the installer can be deployed via WSUS. If you don't mind taking the defaults, then you are OK. That means you get a Quicktime desktop icon and Apple Automatic Updates stays enabled (or gets reenabled) among other things I find undesirable. If you want to have any customization then you end up needing to repackage the installer/updater/patch yourself anyway. The tool can help with detecting and deployment, but you still have to build the patch yourself. I haven't found a patching system yet that lets you just sit back and enjoy patching your third party products by clicking buttons. Even Adobe Shockwave and Flash I had trouble with. We deployed these controls with the MSI version originally and our patching tool deploys with the EXE. People who have patched these probably know what I am talking about. The patches that are deployed with the patching product leave automatic updates enabled (for adobe) and install without the backwards compatibility included in the MSI package. When I tried to check in the packaged patch from our vendor, it ended up leaving the MSI install and installing the EXE along side - so two copies of Shockwave in Add/Remove - not too cool. Anyway, what I am getting at is the patch process is eased somewhat by a patching tool - it helps tremendously in detecting what products are out of date. But it is still a lot of work and testing to actually deploy an update with any product. At least with a tool you can see how many systems need patching for a particular software product and that can help you prioritize your work. I don't think you will be able to buy something and then just start checking in and deploying patches. They don't really work that way in real life. From: [email protected] [mailto:[email protected]] On Behalf Of Clinton Arsenault Sent: Thursday, May 09, 2013 11:28 AM To: [email protected] Cc: [email protected] Subject: Re: [mssms] SCUPDates Secunia gave us an impressive demo at MMS2013. We are considering purchasing the product, but at this point we have not, so I don't have any true experience with it save the demo. http://secunia.com/ <http://secunia.com/> Thank you, Have a great day Clinton Arsenault Windows System Administrator Brunswick Enterprise IT Direct (865)582-2306 Fax (920)907-2500 [email protected] This email message may contain confidential or privileged information. If you are not the intended recipient, please delete the message and any attachments and notify the sender by return email. You should not retain, distribute, disclose, or use any of the information in this message. - Brunswick email policy I.01.07-D From: "Hermes, Todd E." <[email protected]> To: "[email protected]" <[email protected]>, Date: 05/09/2013 12:19 PM Subject: [mssms] SCUPDates Sent by: [email protected] ________________________________ We are looking to extend our SCUP environment and we are looking at third party tools that integrate like Shavlik. Can anyone make any other recommendations for easing the burden of applying third party updates? Thanks, Todd ************************** This e-mail message may contain confidential or privileged information. If you are not the intended recipient, please delete the message and any attachments and notify the sender by return e-mail. You should not retain, distribute, disclose or use any of the information in this message. ************************** ________________________________ Notice: This UI Health Care e-mail (including attachments) is covered by the Electronic Communications Privacy Act, 18 U.S.C. 2510-2521, is confidential and may be legally privileged. If you are not the intended recipient, you are hereby notified that any retention, dissemination, distribution, or copying of this communication is strictly prohibited. Please reply to the sender that you have received the message in error, then delete it. Thank you. ________________________________
