Objective
This article clarifies the reasons why an application receiving updates may report an older version during a scan and provides the process to resolve this issue.
Information
Occasionally, old versions of the software will still be detected when scanning devices after the application received remediation. As an example, Java may have received the latest update, but when the device is scanned again, the old version of Java is still reported. If this occurs, see the resolution steps below. This is due to two main reasons.
- The Patch Verification Scan or a new scan did not take place.
- The system requires a reboot to complete the install.
Resolution
- Confirm that Patch Verification scanning is enabled in the After Deployment Options.
- When configuring the remediation, select Customize in the After Deployment Options section.
- Verify the bottom option "Run a patch verification scan after deployment" is selected.
Note: If the user chooses to reboot the computer after the deployment, the Patch Verification Scan will occur after the machine was restarted.
If the user chooses to shut down the computer after deployment, the machine will be restarted, and the Patch Verification Scan will shut down the computer.
- In most cases, this will verify that the correct updated version of the software is reported back to the console after the remediation is complete.
- When configuring the remediation, select Customize in the After Deployment Options section.
- Occasionally software requires a reboot for the install to be completed. In these cases, you can use the same After Deployment Options to make sure a reboot is completed after the remediation, as mentioned above. Still, if the system cannot be rebooted immediately, the old version may be reported until a reboot is completed, and the next scan is performed. This is generally due to old registry data still being found in the system until the reboot has been completed.
- Reboot the device during the next available downtime.
- After the reboot is completed, run or schedule a fresh scan using the same scanning profile used to find the missing patch.
- The console should now report the currently installed version of the software.