When you navigate to the Patches tab, the patches missing on your hosts that were detected using the Patch Management scan are shown.
The patches tab lists three types of patches:
- Automatic - Patch downloadable via the Cloud Agent (Qualys Patchable: Yes)
Qualys Patchable - Qualys Patchable are the patches that can be installed using Patch Management. Most of the patches listed on the Patches tab are Qualys Patchable.
- AcquireFromVendor - Patch must be acquired from the vendor and installed manually (Qualys Patchable: No)
AcquireFromVendor - We have certain patches which are listed under the Patches tab but cannot be installed using Patch Management. These patches are marked as "AcquireFromVendor" which means you need to manually download these patches from the vendor website and install them on the host.
Patches that are not marked as "AcquireFromVendor" are defined as "Qualys Patchable" which means they can be added to a patch job.
- Unavailable - Patch download information is not available (Qualys Patchable: No)
The default or custom assessment profile scans the assets for missing and installed patches at regular intervals. This information is then displayed in the patches tab in the form of missing or installed patches.
Note that patches are linked to QIDs using CVE IDs. The QID for a patch is not shown if the QID is not linked to a CVE ID. CVE ID is the common point of linking and required to link the patch with the QID.
Alternatively, you can go to the Assets tab to view missing patches count on particular assets. Once a deployment job on a Mac asset is executed, the missing and installed patches on the assets will be updated when the subsequent patch scan is completed.
Note: Sometimes, the count for the missing patches might not be correct. The data shown varies based on the latest agent scan. If new patches are made available before the next agent scan, the count might reflect the old patch count.