In Malwarebytes OneView, you can apply operating system updates for Windows using the Vulnerability and Patch Management module. Security updates are often available through operating system patches, so it is important to keep scanning your endpoints for available updates. For more information, see Configure Vulnerability and Patch Management in OneView.
There are three options to apply an operating system update:
A scheduled patch update is configured in your OneView console and automatically schedules updates to an endpoint with outdated operating system services. Schedules apply to all Windows operating system patches found at the time the schedule is run.
- On the left navigation menu, click Configure > Schedules.
- In the upper-right, click Add schedule .
- Enter a schedule name and choose Install OS Patches for Type.
- Optionally, filter which operating system patches install based on category and severity.
- Configure endpoint reboot settings with the options in the table below.
- Optionally, customize a deployment message and select the duration before the operating system patch automatically installs.
- Click Add another to include filters for un-selected categories.
- In the Schedule groups tab, choose Global (All sites) or select a site.
- Select available groups from the selected sites to scan.
- On the Schedule frequency tab, set the frequency, start date, and start time.
- Toggle on Run missed scans as soon as possible to allow the schedule to run if the endpoint was offline during the configured schedule time.
- Click Save.
Patch categories are defined using Windows standardized terminology for operating system services. For more information, see Microsoft software updates.
Watch the video below to see how to schedule operating system patches in OneView.
Don't reboot servers
|Prevent servers from rebooting after an operating system patch.|
|Use existing reboot settings||Follow the policy reboot settings.|
|Override existing reboot settings||Override the policy and customize the reboot settings.|
|Message to display when a reboot is required||The message displayed to users if an operating system patch requires a reboot.|
|Reboot automatically after||The time before the endpoint automatically reboots.|
|Allow end user to postpone reboot||
Allows the end user to postpone the reboot for 10, 30, or 60 minutes.
Note: A user can continue to postpone a reboot indefinitely unless the reboot delay time is reached. Subsequent popups will wait for 1 minute for additional postponement otherwise the endpoint will reboot. If a user postpones a reboot, the Events screen shows an Audit event.
Patch Management page
Navigate to the Patch Management page to view available system updates across your managed sites and endpoints. Use this page to manually apply these updates to endpoints if they are outside of schedule time frames or if critical fixes are required.
- On the left navigation menu, click Manage > Patch Management.
- On the OS Patch tab, select all or check specific boxes for system patches you want to install.
- In the top right corner, click the Apply patch icon .
- In the confirmation window, click Install.
The following information is displayed for available system updates across endpoints:
|Patch||Name of the available patch.|
|KB ID||Knowledge base ID of the patch.|
Description of the patch and provides directions on how to resolve the patch issue.
Type of patch available to install on the endpoint.
|Endpoint||Host name of the endpoint.|
|Identified date||Date the available patch was detected on the endpoint.|
|Size||File size of the available patch.|
|Reboot required||Requirement of a reboot to complete installation of the patch.|
Severity level of the patch:
|Site||Site name assigned to the endpoint with the available patch.|
|Vendor||Vendor name of the software requiring a patch update.|
Filter available patches
The Patch Management table helps you manage the available information pulled from your endpoints. Use filters within this table to sort your patching information into specified results.
Customize patch data in the table using the following options:
- Reset filters: In the upper-right corner of the page, click Reset filters to go back to the default filter settings.
- Add / Remove Columns: In the top-right of the table, click Add / Remove Columns to customize the table columns.
- Column pinning and auto-sizing: Next to a column header, click the filter button to display a checkbox list of different sub-filters you can apply. Click the filter tab to pin or auto size for the selected column.
- Right-click menu: In the table, click and drag to select and highlight a section of the table. Right-click on your selected information to copy or export a .csv or an .xlsx file.
Download all patch information to your local machine for auditing purposes or external reporting.
- Select all or check specific boxes for the rows you want to export.
- At the top-right of the Patch Management page, click the ellipsis icon .
- Click Download .csv or Download .xlsx to export your data.
Available patches tab
Navigate to the Available patches tab to view the ready to install operating system updates for specific endpoints. This tab is useful if a particular endpoint requires multiple system patches and you want to apply them all at once to that endpoint. Patches show up as available when the operating system isn't updated automatically and a scan identifies updates that are required on the endpoint.
To locate the Available patches tab:
- On the left navigation menu, click Manage > Endpoints.
- Click an endpoint name to view the endpoint's properties.
- Click Patches, then click Available patches.
To apply a system patch:
- Select all or check specific boxes for system patches you want to install.
- In the top right corner, click Apply Patch.
- In the confirmation window, click Install.
On the Endpoints page, add a new column to see how many available patches there are for each endpoint. The following column is available:
- Available patches: Shows the number of available OS patches and 3rd-party software updates. Click the value to go to the Patch Management page filtered by the selected endpoint.