We have been running GP for a while now. Currently using 6.0.3. We would like to start using HIP to detect Microsoft patches installed.. I am finding major issues in detecting installed patches correctly.. I have the HIP object configured correctly and we started looking for KB5016616.. After a few days we compared the list of clients that said the patch was not installed to SCCM and Windows Update history. We found that all the clients has the patch installed but HIP says it isn't.. After doing a lot of research we found out what registry location that GP uses to search for installed patches. We also opened a case with PA.. The case with PA didn't help at all, I was asked to reach out to Microsoft.
According to PA tech GP looks in the following registry location..
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\
It looks for entries such as; Package_1_for_KB5017022
I am finding that when looking for patches such as KB5016616, 5017328, 5017308 I get reports that the patch is not installed but it is.. There is no registry entry like Package_1_for_KB5017308. It is a Cumulative Update.
So how can I get GP/HIP to work as expected when looking for installed patches?
thanks for your time.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!