Harjit, Thanks for your note.
With regards to the Java issue, then this has (to the best of my knowledge) been fixed already, and it should work out of the box. If you experience anything else, then please ping me directly at [email protected], and I will have the team look into it. In terms of SLAs, then our objective is to issue the advisory within 1 business day after this has been disclosed elsewhere (e.g. by the vendor), and then within 1 additional business day the patch is ready (so up to two business days in total). If you experience anything else, then please let me know, and I will look into this as well. There are sometimes deviations, for instance if we have to do some advanced scripting and testing, but we aim at meeting the mentioned SLA. Med venlig hilsen / Kind Regards, Morten Stengaard CTO Secunia Mobile +45 3046 3945 -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Harjit Dhaliwal Sent: Friday, May 10, 2013 4:39 PM To: [email protected] Subject: Re: [mssms] SCUPDates Morten, The following is a disclaimer received when creating Java packages with Secunia CSI. Is the patch logic for Java and the detection of Java processes running on systems going to be addressed in CSI 7.0? As a workaround, we currently custom script them for proper Java detections, process terminations, and successful patching but it's tedious and long. Also, you may not be aware but in general, the SPS catalog does not get updated, sometimes for a few days when critical patches are released by vendors, therefore the task of distributing critical / security patches in a timely manner with Secunia becomes a major challenge. "Due to a bug in the Sun Java installer, this package can only be installed on target computers if Java is not running on them. Hence, all the applications that are using Java (primarily browsers) should be closed before installing the update. Note that as long as Java is running, this package will be listed as "Not Needed" for the computers. Do you wish to create the package anyway?" Thanks. -Harjit On 5/9/2013 4:05 PM, Morten R. Stengaard wrote: Todd, First a disclaimer: I work for Secunia! You are correct that customization of patches can still be challenging, and the patches provided out-of-the-box by companies like Secunia still have some limitations. Having said that, then what you are asking for, i.e. an easy way to customize the patches, is just around the corner, and we will introduce this in Secunia CSI 7.0, which is scheduled for release in Q3 this year. We are implementing some simple check boxes in the packaging wizard that allow users to for example disable auto-update and to remove the desktop shortcut, among other things to make it even easier to patch without having to spend time on modifying or repackaging the patches yourself. I expect that we will release version 7 in beta in early July (in about two months), so if you - or anyone else - is interested in joining the beta program and testing the new solution, please send me a note, and I will be happy to include you in the loop. Thanks, Med venlig hilsen / Kind Regards, Morten Stengaard CTO Secunia Mobile +45 3046 3945 -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Miller, Todd Sent: Thursday, May 09, 2013 6:48 PM To: [email protected] Cc: [email protected] Subject: RE: [mssms] SCUPDates I have used a couple of the products. What I have found is that they work OK for finding what needs to be patched, but for actual patching, noting is that great. The problem is that there is no customization of the patches at all. They have made the patch package so you have to take what their packager thinks is best. For example, let's say you want to patch Quicktime. Basically what the patching systems do is put a wrapper around the Quicktime installer from Apple so that the installer can be deployed via WSUS. If you don't mind taking the defaults, then you are OK. That means you get a Quicktime desktop icon and Apple Automatic Updates stays enabled (or gets reenabled) among other things I find undesirable. If you want to have any customization then you end up needing to repackage the installer/updater/patch yourself anyway. The tool can help with detecting and deployment, but you still have to build the patch yourself. I haven't found a patching system yet that lets you just sit back and enjoy patching your third party products by clicking buttons. Even Adobe Shockwave and Flash I had trouble with. We deployed these controls with the MSI version originally and our patching tool deploys with the EXE. People who have patched these probably know what I am talking about. The patches that are deployed with the patching product leave automatic updates enabled (for adobe) and install without the backwards compatibility included in the MSI package. When I tried to check in the packaged patch from our vendor, it ended up leaving the MSI install and installing the EXE along side - so two copies of Shockwave in Add/Remove - not too cool. Anyway, what I am getting at is the patch process is eased somewhat by a patching tool - it helps tremendously in detecting what products are out of date. But it is still a lot of work and testing to actually deploy an update with any product. At least with a tool you can see how many systems need patching for a particular software product and that can help you prioritize your work. I don't think you will be able to buy something and then just start checking in and deploying patches. They don't really work that way in real life. From: [email protected] [mailto:[email protected]] On Behalf Of Clinton Arsenault Sent: Thursday, May 09, 2013 11:28 AM To: [email protected] Cc: [email protected] Subject: Re: [mssms] SCUPDates Secunia gave us an impressive demo at MMS2013. We are considering purchasing the product, but at this point we have not, so I don't have any true experience with it save the demo. http://secunia.com/ <http://secunia.com/> <http://secunia.com/> Thank you, Have a great day Clinton Arsenault Windows System Administrator Brunswick Enterprise IT Direct (865)582-2306 Fax (920)907-2500 [email protected] This email message may contain confidential or privileged information. If you are not the intended recipient, please delete the message and any attachments and notify the sender by return email. You should not retain, distribute, disclose, or use any of the information in this message. - Brunswick email policy I.01.07-D From: "Hermes, Todd E." <[email protected]> <mailto:[email protected]> To: "[email protected]" <mailto:[email protected]> <[email protected]> <mailto:[email protected]> , Date: 05/09/2013 12:19 PM Subject: [mssms] SCUPDates Sent by: [email protected] ________________________________ We are looking to extend our SCUP environment and we are looking at third party tools that integrate like Shavlik. Can anyone make any other recommendations for easing the burden of applying third party updates? Thanks, Todd ************************** This e-mail message may contain confidential or privileged information. If you are not the intended recipient, please delete the message and any attachments and notify the sender by return e-mail. You should not retain, distribute, disclose or use any of the information in this message. ************************** ________________________________ Notice: This UI Health Care e-mail (including attachments) is covered by the Electronic Communications Privacy Act, 18 U.S.C. 2510-2521, is confidential and may be legally privileged. If you are not the intended recipient, you are hereby notified that any retention, dissemination, distribution, or copying of this communication is strictly prohibited. Please reply to the sender that you have received the message in error, then delete it. Thank you. ________________________________
