Verifying downloaded updates
Nov 27, 2023
Before installing updates to the managed devices, you can first check the updates for operability and errors through the Update verification task. The Update verification task is performed automatically as part of the Download updates to the Administration Server repository task. The Administration Server downloads updates from the source, saves them in the temporary repository, and runs the Update verification task. If the task completes successfully, the updates are copied from the temporary repository to the Administration Server shared folder (<Kaspersky Security Center installation folder>\Share\Updates). They are distributed to all client devices for which the Administration Server is the source of updates.
If, as a result of the Update verification task, updates located in the temporary repository are incorrect or if the Update verification task completes with an error, such updates are not copied to the shared folder. The Administration Server retains the previous set of updates. Also, the tasks that have the When new updates are downloaded to the repository schedule type are not started then. These operations are performed at the next start of the Download updates to the Administration Server repository task if scanning of the new updates completes successfully.
A set of updates is considered invalid if any of the following conditions is met on at least one test device:
- An update task error occurred.
- The real-time protection status of the security application changed after the updates were applied.
- An infected object was detected during running of the on-demand scan task.
- A runtime error of a Kaspersky application occurred.
If none of the listed conditions is true for any test device, the set of updates is considered valid, and the Update verification task is considered to have completed successfully.
Before you start to create the Update verification task, perform the prerequisites:
- Create an administration group with several test devices. You will need this group to verify updates on it.
We recommend using devices with the most reliable protection and the most popular application configuration across the network. This approach increases the quality and probability of virus detection during scans, and minimizes the risk of false positives. If viruses are detected on test devices, the Update verification task is considered unsuccessful.
- Create the Update and Malware scan tasks for an application supported by Kaspersky Security Center, for example, Kaspersky Endpoint Security for Windows or Kaspersky Security for Windows Server. When creating the Update and Malware scan tasks, specify the administration group with the test devices.
The Update verification task sequentially runs the Update and Malware scan tasks on test devices to check that all updates are valid. In addition, when creating the Update verification task, you need to specify the Update and Malware scan tasks.
- Create the Download updates to the Administration Server repository task.
To make Kaspersky Security Center verify downloaded updates before distributing them to client devices:
- In the workspace of the Tasks folder, select the Download updates to the Administration Server repository task in the list of tasks.
- Open the task properties window in one of the following ways:
- By selecting Properties in the context menu of the task.
- By clicking the Configure task link in the information box for the selected task.
- If the Update verification task exists, click the Browse button. In the window that opens, select the Update verification task in the administration group with test devices.
- If you did not create the Update verification task earlier, click the Create button.
The Update verification task wizard starts. Follow the instructions of the wizard.
- Click OK to close the properties window of the Download updates to the Administration Server repository task.
The automatic update verification is enabled. Now, you can run the Download updates to the Administration Server repository task and it will start from update verification.