Patch Management Software

Automated Patch Management for Windows

The popular patch management software aim at overcoming the vulnerabilities that create security weakness, corrupt critical system data or cause system unavailability. Such software vulnerabilities can be a nightmare for network managers. IT Administrators often find it tough to put together a solution without understanding how vulnerable their systems are. They look out for a patch deployment software that not only does patch deployment but also scans for network vulnerabilities, identifies missing security patches and hotfixes, applies them immediately and mitigates risk.

Desktop Central's agent-based solution handles every aspect of Windows, Mac, Linux and third-party application patch management. This includes system discovery; identifying the required Windows updates, Mac Updates and Third Party Applications detail; deploying relevant patches, hotfixes, security updates, and patch reports to make network administrators job simple. Network Managers can opt for this completely automated patch management software solution and don't have to worry about patching Windows systems ever. Desktop Central's Patch Management solution works for both Windows Active Directory and Workgroup based networks. You can now manage both Microsoft and Non-Microsoft Patches using a single Patch Management application.

Download free e-book: Six best practices for escaping ransomware

Refer to Securing Windows Desktops to see how you can enhance desktop security using Desktop Central.


  • Hosted Patch Database at ManageEngine site to assess the vulnerability status of the network
  • Completely automated Patch Management Solution for both physical and virtual assets.
  • Solution from detecting the missing patches/hotfix to deploying the patches
  • Patch based deployment - Deploy a patch to all the systems applicable
  • System based patch deployment - Deploy all the missing patches and hotfixes for a system
  • Provision to test and approve patches prior to bulk deployment
  • Automatic handling of patch interdependencies and patch sequencing
  • Exhaustive reports on system vulnerabilities, patches, OS, etc.
  • Periodic updates on the patch deployment status.
  • Support for both Microsoft and Non-Microsoft Patches.
  • Support for anti-virus definition updates for Microsoft Forefront Client Security software.

Automatic System Discovery

The Desktop Central solution performs automatic discovery of Windows systems using Active Directory. Administrators can choose the systems that have to be managed using Desktop Central. The Desktop Central agents installed in the managed systems perform the actions initiated from Desktop Central server. This agent is responsible for vulnerability assessment scan and patch deployment.

Online Vulnerability Database

The online vulnerability database is a portal in the ManageEngine site. This hosts the latest vulnerability database that has been published after a thorough analysis. The site lists all available Windows updates.The Desktop Central server located at the customer site, downloads patches from this database. It  provides information required for patch scanning and installation.

The Desktop Central Server located at the enterprise (customer site) scans the systems in the enterprise network, checks for missing and available Windows patches against the comprehensive vulnerability database, downloads and deploys missing Microsoft patches and service packs, generates reports to effectively manage the patch management process of the enterprise.

Vulnerability Assessment Scan

Desktop Central scans all the systems for missing Windows patches in the operating systems as well as applications. It reports the level of vulnerability after the scan. These missing Windows patches are identified from the local vulnerability database, which is periodically synchronized with ManageEngine's external online vulnerability database.

Approval of Patches

Most often the patches are deployed in a test environment before they are rolled out to the entire network. This makes the deployment error free and stable.When you have a team of system administrators, you can ensure that the patches tested by the team is directly approved for deployment, providing admins more time for other critical tasks.

Patch Deployment

Desktop Central deploys the patches based on missing Microsoft patches or system vulnerabilities. When deployed, the agent applies the relevant security updates and Windows patches.The status of patch deployment is then updated the status in Desktop Central. The installation process can be scheduled from patch settings option.

Patch Reports

Patch reports are available for system vulnerability level, missing Windows patches, applicable Windows patches, and task status.The reports can be exported to PDF or CSV formats.

Severity Based Patch Management

Desktop Central enables administrators to create and configure severity levels for the missing patches,eliminating the need to evaluate system health and vulnerability status based on a common list of missing patches. This helps deploy patches based on severity and ensures accuracy in identifying missing patches.

Automated Patch Management Solution

Automate your patch-management process using Desktop Central's automated patch deployment feature. You can now automatically deploy missing patches on the computers in your network. The tasks you can automate using the automated patch deployment feature include:

  • Scanning computers periodically to identify missing patches
  • Identifying and downloading the missing patches from the vendors' websites
  • Downloading required patches and creating tasks related to patch deployment
  • Downloading required patches automatically and installing them on to specific computers

Automation of all the patch deployment levels mentioned above can be specified for a specific set of client systems. You can choose to have different levels of automation for different sets of client systems. The process of deploying patches automatically depends on the level of automation you choose.

Microsoft Forefront Client Security Definition Updates

Anti-Virus definition updates is quite crucial for enterprises that run Microsoft Forefront Client Security software to protect their networks from the attack of trojans and viruses. With malicious code on the rise, Network Administrators need to keep an eye on these frequent definition updates to avoid any possible mishaps. However, you can simplify the process using Desktop Central's Patch Management options. Use automated patch deployment to frequently scan the systems for virus definition updates;specify the action to be performed on successful completion of the scanning.

Supported OS and Applications

  • Windows 7 (Enterprise, Professional, Ultimate)
  • Windows 8
  • Windows 8.1
  • Windows 10
  • Windows Vista (Enterprise, Business, Ultimate)
  • Windows Server 2008 R2(Datacenter, Enterprise & Standard)
  • Windows Server 2008 (Standard, Enterprise & Web Server Editions)
  • Windows Server 2003 (Standard, Web & Small Business ServerEditions)
  • Windows Server 2012
  • Windows XP Professional
  • Microsoft Office 2003
  • Microsoft Office 2007
  • Mac 10.6
  • Mac 10.7
  • Mac 10.8
  • Mac 10.9
  • Mac 10.10
  • Internet Explorer
  • Windows Media Player
  • .NET Framework
  • DirectX (view complete list)


Free Patch Management Software

Manage Windows patches using the free edition of Desktop Central.

Refer to Patch Management and PatchManagement Life Cycle for more details.