This site is for Avast Business products only. For articles on AVG Business products, see AVG Business Help. If you are in the right place but cannot find what you are looking for, please contact Avast Business Support for further assistance.

Deploying Missing Patches

This Article Applies to:

  • Avast Business Hub

 

Once your devices have been scanned for missing patches, any supported patches that have not yet been installed will be displayed on the Patches page of your console. You can then deploy these patches manually (ad hoc) or set up automatic patch deployment.

By default, all patches found missing during a patch scan will be included in the deployment. If needed, you can omit certain patches from being deployed to devices by either ignoring them manually or adding them to patch exclusions (see Ignoring Patches and Configuring Patch Management Exclusions for more information).

Note that some patches can take hours to deploy, particularly if a patch is large and/or if you host a large number of devices in your network.

To download the up-to-date list of all supported patches, click here.

Configuring Patch Deployment

To enable automatic or manual deployment of missing patches:

  1. Open the Policies page
  2. Click the desired policy to open its Detail drawer
  3. Click the Settings tab, then Patch Management
  4. Expand the Patch scans and installations section
  5. Under Once scan has completed on endpoint device, choose one of the following:
    • Do not install patches: Select this option if you want to deploy patches manually (see section below for more information).
    • Install patches immediately once found missing: Select this option if you want missing patches to be deployed automatically as soon as the patch scan completes (note that the patches might first go into the Scheduled status before being downloaded and installed).
    • Install patches later: Select this option to enable and configure scheduled patching (choose between daily, weekly, or monthly frequency, and define the time of day you would like the deployment to take place)
      • If you decide on monthly installations, please ensure the day of the month you have chosen occurs every month (for example, do not choose the 31st day of the month unless you specifically want to skip installing on months without 31 days)

It is recommended you configure your patch deployment to occur right after patch scanning (second option) so any missing patches are deployed as soon as possible.

If you are using an Update Agent, that device will be used to store application and OS patches and will distribute them to devices in your network (same as with program and virus definitions updates).

Deploying Patches Manually

If you would like to deploy missing patches manually, you can do so from either the Devices page or the Patches page.

Devices Page

  1. Go to the Devices page
  2. Do one of the following:
    • For a single device, click the three dots next to it
    • For multiple devices, tick the checkboxes next to them, then hover over the More menu in the top right corner
  1. Select Install Missing Patches

Wait while the patch deployment command runs on the target device(s). Successfully deployed patches will be displayed on the Patches page under the proper filter.

Patches Page

  1. Go to the Patches page
  2. Click either Pending OS patches or Pending third-party patches at the top depending on which type of patches you want to install
  3. Do one of the following:
    • For a single patch, click the Install button to the right of the patch name
    • For multiple patches, tick the checkboxes next to them, then hover over the More menu in the top right corner of the patch list and select Install
    • For all patches, click Install all in the top right corner of the patch list

Wait while the patch deployment command runs on the target device(s). Successfully deployed patches will be displayed on the Patches page under the proper filter.

 

To learn more about the differences between the two patch deployment methods, see Automatic vs. Ad Hoc Patching.