How often does LANDESK release 3rd Party vulnerability content?
The patch content team has a monitor tool that monitors all 3rd party content twice a day.
When it finds an update for the 3rd party the patch content team is notified and work begins on the definition content.
Typically release of the content definition will be within 24 hours of the group receiving the notification.
If the update is not critical it may take more time if they are released on a weekend or on a public holiday.
Where does the LANDesk patch executable content come from?
LANDesk downloads the patch executables it deploys from the vendors’ web sites.
What vendor sites are used for downloading patches?
This list can be updated daily (depending on vendor and patch availability)
The following article details the complete list, and is accurate to the date on the filename of the .XLS file:
http://community.landesk.com/support/docs/DOC-1594
How can I see what download paths patches are coming from?
A current detailed list of URL's can be obtained by running a simple database query:
"select url from patch" without quotes
The following article details the complete list of URL's, and is accurate to the date on the filename of the .XLS file:
http://community.landesk.com/support/docs/DOC-9638
Most of the patches are downloaded with HTTP:// with a small number coming from FTP://
What is LANDesk’s Process for downloading Content through Security and Patch Manager?
LANDesk receives notification of a Patch
LANDesk will download the patches from the application vendor’s site.
LANDesk does not validate or test patches published by a third party vendor. It is the responsibility of the third party vendor to maintain the validity of the patches published on their websites.
LANDesk hashes the "official" patch made available by the vendor.
The file hash is to ensure that the patch downloaded from the vendor is the same file provided for remediation. This insures that the patch is authentic and has not been modified for malicious reasons or otherwise.
LANDesk creates vulnerability information including detection, install and uninstall commands, and the patch download location.
The Vulnerability Information is published to the Secure LANDesk content server.
What process does the LANDesk Core Server follow when downloading Patch Content?
- Vaminer.exe connects to the selected secure LANDesk content server (West coast, East Coast, EMEA).
- Connection to secure site is verified through a secure certificate.
- Vulnerability definition information is downloaded directly from Content servers e.g. patch.landesk.com.
- Patches are downloaded directly from the vendor’s site (with redundancy falling back to the LANDesk content servers for certain patches – (see the next question for more details) provided that the file's hash matches the hash created when LANDesk created the content.
Does LANDesk mirror ALL patches specified in vulnerability content?
Most if not all Microsoft patches are hosted on the LANDesk content servers. There are some Mac patches that are also hosted, usually large file downloads. The hosting of these patches provides a limited backup of the most accessed patches from these two main vendors. Some patch content cannot be legally hosted on the patch content servers and require they be downloaded directly from the vendor's web site (e.g. Adobe, Java). These files, however, are still hashed in the LANDesk vulnerability to provide the same level of file authenticity as files hosted on the content server.