Kaspersky Security Center allows you to manage updates of software installed on client devices and fix vulnerabilities in Microsoft applications and other software makers' products through installing required updates.
Kaspersky Security Center searches for updates through the update search task and downloads them to the updates repository. After completing the search of updates, the application provides the administrator with information about available updates and vulnerabilities in applications that can be fixed using those updates.
Information about available updates for Microsoft Windows is provided by Windows Update service. Administration Server can be used as Windows Server Update Services (WSUS) server. To use Administration Server as WSUS server, you should configure synchronization of updates with Windows Update. After you have configured data synchronization with Windows Update, Administration Server provides updates to Windows Update services on devices in centralized mode and with the set frequency.
You can also manage software updates through a Network Agent policy. To do this, you should create a Network Agent policy and configure software updating in the corresponding windows of the New Policy Wizard.
The administrator can view a list of available updates in the Software updates subfolder included in the Application management folder. This folder contains a list of updates for Microsoft applications and other software makers' products retrieved by Administration Server that can be distributed to devices. After viewing information about available updates, the administrator can install them to devices.
Kaspersky Security Center updates some applications by removing the previous version of the application and installing the new one.
A user interaction may be required when you update a third-party application or fix a vulnerability in a third-party application on a managed device. For example, the user may be prompted to close the third-party application if it is currently open.
Ensure that the Display Vulnerability and Patch Management option is enabled in the Configure interface window for the primary and secondary Administration Servers. Otherwise, the update search task handles only WSUS updates.
For security reasons, any third-party software updates that you install by using the Vulnerability and Patch Management feature are automatically scanned for malware by Kaspersky technologies. These technologies are used for automatic file check and include anti-virus scan, static analysis, dynamic analysis, behavior analysis in the sandbox environment, and machine learning.
Kaspersky experts do not perform manual analysis of third-party software updates that can be installed by using the Vulnerability and Patch Management feature. In addition, Kaspersky experts do not search for vulnerabilities (known or unknown) or undocumented features in such updates, as well as do not perform other types of analysis of the updates other than the specified in the paragraph above.
Before installing the updates to all of the devices, you can perform a test installation to make sure installed updates will cause no failures to the operation of applications on the devices.
You can find the details of third-party software that can be updated through Kaspersky Security Center by visiting the Technical Support website, on the Kaspersky Security Center page, in the Server Management section.