Third-party software updates installation options
Expand all | Collapse all
You can install third-party software updates and updates from Windows Update on managed devices by creating and running the Install required updates and fix vulnerabilities task. The Install required updates and fix vulnerabilities task can be created only if you have a license for the Vulnerability and patch management feature. You can use this task to install the updates of other vendors' software.
A user interaction may be required when you update a third-party application or fix a vulnerability in a third-party application on a managed device. For example, the user may be prompted to close the third-party application if it is currently open.
As an option, you can create a task to install the required updates in the following ways:
- By opening the update list, and then specifying which updates to install.
As a result, a new task to install the selected updates is created. As an option, you can add the selected updates to an existing task.
- By running the Update installation wizard.
The Update installation wizard is only available under the Vulnerability and patch management license.
The wizard simplifies the creation and configuration of an update installation task and allows you to eliminate the creation of redundant tasks that contain the same updates to install.
Installing third-party software updates by using the update list
To install third-party software updates by using the list of updates:
- Open the list of updates by using one of the following paths:
- Operations → Patch management → Software updates.
- Assets (Devices) → Managed devices → <device name> → Advanced → Available updates.
- Operations → Third-party applications → Applications registry → <application name> → Available updates.
The list of available updates is displayed.
- Select the check boxes next to the updates that you want to install.
- Click the Install updates button. If this button is not visible, click the ellipsis button, and then select Install updates from the drop-down list.
To install some software updates, you must accept the End User License Agreement (EULA). If you decline the EULA, the software update is not installed.
- Select one of the following options:
- New task
The New task wizard starts. If you have the Vulnerability and patch management license, the Install required updates and fix vulnerabilities task is preselected. Follow the steps of the wizard to complete task creation.
- Install update (add rule to specified task)
Select a task to which you want to add the selected updates. If you have the Vulnerability and patch management license, select the Install required updates and fix vulnerabilities task. A new rule to install the selected updates is automatically added to the selected task. The selected updates are added to the task properties.
The task properties window opens. Click the Save button to save the changes.
If you have chosen to create a new task, the new task is created and displayed in the task list at Assets (Devices) → Tasks. If you have chosen to add the updates to an existing task, the updates are saved in the task properties.
To install third-party software updates, you have to start the Install required updates and fix vulnerabilities task. You can start this task by clicking the Start button in the task list or by specifying schedule settings in the properties of the task that you start. When specifying the task schedule, make sure that the update installation task starts after the Find vulnerabilities and required updates task is complete.
Installing third-party software updates by using the Update installation wizard
The Update installation wizard is only available under the Vulnerability and patch management license.
To create a task to install third-party software updates by using the Update installation wizard:
- In the main menu, go to Operations → Patch management → Software updates.
A list of available updates appears.
- Select the check box next to the update that you want to install.
- Click the Run Update installation wizard button.
The Update installation wizard starts. The Select the update installation task page displays the list of all existing tasks of the following types:
- Install required updates and fix vulnerabilities
- Fix vulnerabilities
- If you want the wizard to display only those tasks that install the update that you selected, then enable the Show only tasks that install this update option.
- Choose what you want to do:
- To start an existing task, select the check box next to the Install required updates and fix vulnerabilities task, and then click the Start button.
The task will complete in background mode. No further actions are required.
- To add a new rule to an existing task:
- Select the check box next to the task name, and then click the Add rule button.
The Add rule button is disabled if you select more than one task.
You cannot add a rule for a Fix vulnerabilities task. If you select a Fix vulnerabilities task, the following notification appears: "To install updates, use the "Install required updates and fix vulnerabilities" task."
- At the Create update installation rule step of the wizard, configure the new rule:
- Installation rule for updates of this importance level
Sometimes software updates may impair the user experience with the software. In such cases, you may decide to install only those updates that are critical for the software operation and to skip other updates.
If this option is enabled, the updates fix only those vulnerabilities for which the severity level set by Kaspersky is equal to or higher than the severity of the selected update (Medium, High, or Critical). Vulnerabilities with a severity level lower than the selected value are not fixed.
If this option is disabled, the updates fix all vulnerabilities regardless of their severity level.
By default, this option is disabled.
This rule is not displayed if the importance level of the selected update is Unknown.
- Installation rule for updates of this importance level according to MSRC
Sometimes software updates may impair the user experience with the software. In such cases, you may decide to install only those updates that are critical for the software operation and to skip other updates.
If this option is enabled (available only for Windows Update updates), the updates fix only those vulnerabilities for which the severity level set by Microsoft Security Response Center (MSRC) is equal to or higher than the value selected in the list (Low, Medium, High, or Critical). Vulnerabilities with a severity level lower than the selected value are not fixed.
If this option is disabled, the updates fix all vulnerabilities regardless of their severity level.
By default, this option is disabled.
This rule is displayed only for Microsoft software updates. It is not displayed if the importance level of the selected update is Unknown.
- Installation rule for updates by this vendor
This option is available only for updates of third-party applications. Kaspersky Security Center Linux installs only those updates that relate to the applications made by the same vendor as the selected update. Declined updates and updates to the applications made by other vendors are not installed.
By default, this option is disabled.
This rule is displayed only for third-party software updates.
- Installation rule for updates of the type
- Installation rule for updates of the selected application
This rule is displayed only for third-party software updates.
- Installation rule for the selected update
- Approve selected updates
The selected update will be approved for installation. Enable this option if some applied rules of update installation allow installation of approved updates only.
By default, this option is disabled.
- Automatically install all previous application updates that are required to install the selected updates
Keep this option enabled if you agree with the installation of interim application versions when this is required for installing the selected updates.
If this option is disabled, only the selected versions of applications are installed. Disable this option if you want to update applications in a straightforward manner, without attempting to install successive versions incrementally. If installing the selected updates is not possible without installing previous versions of applications, the updating of the application fails.
For example, you have version 3 of an application installed on a device and you want to update it to version 5, but version 5 of this application can be installed only over version 4. If this option is enabled, the software first installs version 4, and then installs version 5. If this option is disabled, the software fails to update the application.
By default, this option is enabled.
- Click the Add button.
The task properties window opens. The new rule is already added to the task properties. You can view or modify the rule or other task settings. Click the Save button to save the changes.
- To create a task:
- Click the New task button.
- At the Create update installation rule step of the wizard, configure the new rule:
- Installation rule for updates of this importance level
Sometimes software updates may impair the user experience with the software. In such cases, you may decide to install only those updates that are critical for the software operation and to skip other updates.
If this option is enabled, the updates fix only those vulnerabilities for which the severity level set by Kaspersky is equal to or higher than the severity of the selected update (Medium, High, or Critical). Vulnerabilities with a severity level lower than the selected value are not fixed.
If this option is disabled, the updates fix all vulnerabilities regardless of their severity level.
By default, this option is disabled.
This rule is not displayed if the importance level of the selected update is Unknown.
- Installation rule for updates of this importance level according to MSRC
Sometimes software updates may impair the user experience with the software. In such cases, you may decide to install only those updates that are critical for the software operation and to skip other updates.
If this option is enabled (available only for Windows Update updates), the updates fix only those vulnerabilities for which the severity level set by Microsoft Security Response Center (MSRC) is equal to or higher than the value selected in the list (Low, Medium, High, or Critical). Vulnerabilities with a severity level lower than the selected value are not fixed.
If this option is disabled, the updates fix all vulnerabilities regardless of their severity level.
By default, this option is disabled.
This rule is displayed only for Microsoft software updates. It is not displayed if the importance level of the selected update is Unknown.
- Installation rule for updates by this vendor
This option is available only for updates of third-party applications. Kaspersky Security Center Linux installs only those updates that relate to the applications made by the same vendor as the selected update. Declined updates and updates to the applications made by other vendors are not installed.
By default, this option is disabled.
This rule is displayed only for third-party software updates.
- Installation rule for updates of the type
- Installation rule for updates of the selected application
This rule is displayed only for third-party software updates.
- Installation rule for the selected update
- Approve selected updates
The selected update will be approved for installation. Enable this option if some applied rules of update installation allow installation of approved updates only.
By default, this option is disabled.
- Automatically install all previous application updates that are required to install the selected updates
Keep this option enabled if you agree with the installation of interim application versions when this is required for installing the selected updates.
If this option is disabled, only the selected versions of applications are installed. Disable this option if you want to update applications in a straightforward manner, without attempting to install successive versions incrementally. If installing the selected updates is not possible without installing previous versions of applications, the updating of the application fails.
For example, you have version 3 of an application installed on a device and you want to update it to version 5, but version 5 of this application can be installed only over version 4. If this option is enabled, the software first installs version 4, and then installs version 5. If this option is disabled, the software fails to update the application.
By default, this option is enabled.
- Click the Add button.
Continue to create the task in the New task wizard. The new rule that you added in the Update installation wizard is displayed in the New task wizard. When you complete the wizard, the Install required updates and fix vulnerabilities task is added to the task list.
Page top