Where are the patches in Resource Explorer

  • Article

 

On Server 2008/Vista and Server 2008R2/Windows 7 machines you will not find the patch information in Resource Explorer like you will for other OS’s.  This is due to a change in the way that those OS’s store their patch information.   Let me explain more.

Remember that Config Manager only gathers this information from WMI and then carry’s that information back to the database where you can then use resource explorer to see it.  With XP SP3 Windows stores the patch information in the Add Remove section of WMI.  You can view that by using wbemtest.  Connect to root\cimv2 and then run this query:   Select * from Win32Reg_AddRemovePrograms

clip_image002

As you can see in the above screen shot that WMI value has a lot of the patches stored there as well as installed programs.  Config Manager uses the information in the SMS_Def.mof file to collect this information automatically and it then appears in the Resource Explorer for each client.

In Server 2008 (Win 7) the patches are no longer stored in the Add Remove section of WMI.  They are in the Win32_QuickFixEngineering section.  In Wbemtest you can run this query:  Select * from  Win32_QuickFixEngineering

clip_image004

You then get a list of all the hotfixes that have been installed on that Server 2008 (Win 7) box.  You can also collect this same information via the SMS_Def.mof file.  We have that section in the mof already but it is turned off.  Here is what it looks like in the default SMS_def.mof file:

//===================================================================
// W A R N I N G W A R N I N G W A R N I N G
// DO NOT: Enable the Win32_QuickFixEngineering class unless you have
// installed the QFE for Q279225. Enabling this class without
// the QFE will result in inventory cycles taking a very long
// time to complete on the client and the WINMGMT service
// using 99% to 100% CPU time and leaking memory.
//
//===================================================================
[ SMS_Report (FALSE),
SMS_Group_Name ("Quick Fix Engineering"),
SMS_Class_ID ("MICROSOFT|QUICK_FIX_ENGINEERING|1.0") ]
class Win32_QuickFixEngineering : SMS_Class_Template
{
[SMS_Report (FALSE) ]
string Caption;
[SMS_Report (FALSE) ]
string Description;
[SMS_Report (FALSE) ]
string FixComments;
[SMS_Report (FALSE), key]
string HotFixID;
[SMS_Report (FALSE) ]
datetime InstallDate;
[SMS_Report (FALSE) ]
string InstalledBy;
[SMS_Report (FALSE) ]
string InstalledOn;
[SMS_Report (FALSE) ]
string Name;
[SMS_Report (FALSE), key]
string ServicePackInEffect;
[SMS_Report (FALSE) ]
string Status;
};

Note the warning at the top.  If you have older OS’s like Windows 2000 then make sure you have that Hotfix installed before turning this on for those clients.  Once you do get it turned on and clients start sending in the information you will see it in the Resource Explorer like this:

clip_image006

This is on my Windows 7 box.  The hotfixes are listed there now.  All you need to do is change all the FALSE to TRUE in the above section of the SMS_Def.mof file on each site and once the clients get the policy change they will send in the new hotfix information.