Install 3rd Party Application
Patches on Windows Endpoints
- This area lets you apply patches and updates to 3rd party applications on Windows devices.
- EM checks the third party applications on endpoints in areas such as program files, registry, start menu, users appdata if any patches are available for them and lists on the interface.
- The interface also shows details such as patch category, vendor name, and the number of devices that require the patch and release date. Each column in third-party patches lists can be sorted in ascending / descending / alphabetical order.
- Patches need to be approved for deployment. You can choose to decline / approve patches. By default, patches are automatically approved.
- You can filter patches by company and device group.
- You can hide those applications that you do not want to update.
- Hidden applications will also not be available for update from the 'Device Management' screen. They will also be skipped if named in a patch procedure.
- Click 'Show hidden patch(es)' to view hidden items.
- You can also create new procedures to deploy updates and patches for all or selected 3rd party applications. The procedures can be added them to profiles with a schedule to periodically install new patches and updates available on every execution.
Open the third party applications interface
- Click 'Applications' > 'Patch Management'
- Select the 'Third Party Applications' tab
- Select a company or a group to view the list of third party application patches and updates available for its devices
Or
- Select 'Show all' to view a list of all available third party application patches and updates
- Each row shows the name of the software that needs to be updated. It also shows you how many devices have the software installed and how many of those require the update.
- You can apply updates to all devices or to individual devices:
- Patch All - Use the check-boxes on the left to choose the software you want to patch. Click 'Install Patches' to apply the update to all devices which require patching.
- Patch Individual - Click the number in the 'Upgradable Devices' row > Select the devices you want to update > Click 'Install Patches'
Third Party Applications Table - Column Descriptions |
|
---|---|
Column Heading |
Description |
Name |
Name of the software.
|
Vendor |
The software publisher. |
Category |
The type of the application. Possible values include:
|
Status |
Indicates whether the patch is ready for deployment. The statuses are:
|
Installed Devices |
Total number of devices on which the application is installed. This figure includes devices with patched and unpatched versions of the software. |
Upgradable Devices |
Number of devices which need to be patched because they are using an older version of the software. |
Release Date | The date on which the patch was released by Microsoft. |
Controls |
|
Install Patch(es) |
Allows you to install the patches/updates. |
Hide Patch(es) |
Allows you to hide selected patches that you do not want to update. Hidden patches will not be available for deployment on the 'Device Management' screen and will not be executed as well if added to a patch procedure. |
Unhide Patch(es) |
Allows you to unlock hidden patches. |
Create Patch Procedure |
Starts the wizard to create a new 3rdparty application patch procedure. You can create a new patch procedures to deploy updates and patches for all supported or selected 3rdparty applications. The new procedures can be added to profiles and scheduled to install selected updates onto your endpoints. See Create a New 3rd Party Application Patch Procedure for more details. |
Schedule Patch Procedure |
Takes you to the 'Profiles' interface in Endpoint Manager. You create new or edit an existing Windows profile and add/edit the 'Procedures' component in it to create a schedule for running a patch installation procedure on endpoints on which the profile is active. See Procedure Settings in Profiles for Windows Devices for guidance on this. |
Show hidden patch(es) |
Allows you to view hidden patches and, if required, install them on endpoints. Use the toggle button to hide / view hidden applications. |
Approve |
Only permitted patches are installed. See Approve / decline a third party application patch for more details. |
Decline |
Unapproved patches are not installed. See Approve / decline a third party application patch for more details. |
Auto Approve |
You can set the patches to be automatically approved.
|
- Click any column header to sort the items in the ascending/descending order of entries in that column.
- Click the funnel icon on the right to search for applications by name, vendor and / or category.
- See 'EM Supported 3rd Party Applications' for a full list of supported 3rd party applications.
The 'Patch Management' > 'Third Party Applications' interface allows you to:
View Details of an Application
- Click 'Applications' > 'Patch Management'
- Select the 'Third Party Applications' tab
- Select a company or a group to view the list of third party application patches and updates available for its devices
Or
- Select 'Show all' to view a list of all available third party application patches and updates
- Click the name of any application to open its application details screen
The details of the application are displayed under two tabs:
- General - Displays the name, software publisher and the category of the application.
- Device List - Displays the list of managed devices on which the application is installed, with the details like the installed version, installation path and the device owner. You can update the application on the devices where required from this screen. See Update an Application On Selected Devices for more details.
- You can hide those applications that you do not want to update, from the list.
- These applications will also be not available for update from the 'Device Management' screen and will not be executed as well if added to a patch procedure.
- You can view the hidden applications by using the 'Show hidden patch(es) toggle button and update these applications on selected on devices.
Hide upgradable applications
- Click 'Applications' > 'Patch Management'
- Select the 'Third Party Applications' tab
- Select a company or a group to view the list of third party application patches and updates available for its devices
Or
- Select 'Show all' to view a list of all available third party application patches and updates
- Select the application(s) to be hidden from the list and click 'Hide Patch(es)'
A confirmation is displayed. The selected applications are hidden from the list.
- To view the hidden applications, click the funnel icon, select 'Show hidden patch(es)' and click ‘Apply’
- To re-add the hidden applications to the list, you have to unhide them.
- You can re-add the hidden applications to the 'Third Party Applications' interface.
- Restored applications will also be available for being updated from the Device Management interface and can be added to a patch procedure.
View hidden upgradable applications and restore them
- Click 'Applications' > 'Patch Management'
- Select the 'Third Party Applications' tab
- Select a company or a group to view the list of third party application patches and updates available for its devices
Or
- Select 'Show all' to view a list of all available third party application patches and updates
- Click the funnel icon on the right, select 'Show hidden patch(es)' and click 'Apply'
The hidden applications are shown with dark gray background stripe.
- Select the hidden app(s) from the list and click 'Unhide Patch(es)'
A confirmation is displayed. The applications are re-added to the list.
Update Selected Applications on All Upgradable Devices at once
- Click 'Applications' > 'Patch Management'
- Select the 'Third Party Applications' tab
- Select a company or a group to view the list of third party application patches and updates available for its devices
Or
- Select 'Show all' to view a list of all available third party application patches and updates
- Select the application(s) to be updated, click 'Install Patch(es)' and choose 'Update to Latest Version'
A command is sent to Communication Client (CC) on the devices to commence the update.
- Once the command is received, CC checks whether the update has already been downloaded by other devices in the network.
- If the update is available, CC establishes a peer-to-peer network with the device and downloads the patch. This reduces bandwidth usage as the update is downloaded from the local network.
- If the update is not available on any devices in the local network, CC downloads the update from the EM patch portal.
Update an Application on Selected Devices
- Click 'Applications' > 'Patch Management'
- Select the 'Third Party Applications' tab
- Select a company or a group to view the list of third party application patches and updates available for its devices
Or
- Select 'Show all' to view a list of all available third party application patches and updates
- Click
the number in the 'Upgradable Devices' column of the application to
be updated
The application details screen will appear with the 'Device List' tab open, with a list of devices on which the application can be updated.
- Select the device(s) on which the application is to be updated
- Click 'Install patch(es)' and choose 'Update to Latest Version'
A command will be sent to the endpoint(s) to schedule installation of the patch/update the application to the latest version.
A command is sent to Communication Client (CC) on the devices to commence the update.
- Once the command is received, CC checks whether the update has already been downloaded by other devices in the network.
- If the update is available, CC establishes a peer-to-peer network with the device and downloads the patch. This reduces bandwidth usage as the update is downloaded from the local network.
- If the update is not available on any devices in the local network, CC downloads the update from the EM patch portal.
Create a New 3rd Party Application Patch Procedure
- The third party applications interface lets you to create a new patch procedures for periodical updates and deployment of patches for all or selected 3rd party applications.
- The procedures can be added to profiles and scheduled to run periodically.
- The new patches and updates available for the selected applications are deployed on the endpoints to which the profile is applied during every execution of the procedure.
Create a new procedure
- Click 'Applications' > 'Patch Management'
- Select the 'Third Party Applications' tab
- Click 'Create Windows Patch Procedure' at the top
The 'Create 3rd Party Patch Procedure' wizard starts.
- The wizard allows you to set a name for the procedure, select the folder in which it is to be stored, select the applications to be updated and configure the restart options for the endpoints after the installation of the updates.
- Please see the explanation of creating an 3rd party application patch procedure in Create a Custom Procedure for detailed guidance on the wizard.
Approve / decline a third party application patch
You can deploy only approved and auto-approved 3rd party patches on endpoints. You can disapprove a patch so it cannot be deployed, for example, you want to evaluate whether the patch is required or not.
- Click 'Applications' > 'Patch Management'
- Select the 'Third Party Applications' tab
- Select
a patch and click ‘Approved’ or ‘Decline’ button at the top
- Auto Approve – Enable this button so when a new patch is listed here, it is automatically approved. If disabled, the patch shows its status as ‘Waiting for approval’.