There are several patch management tools for Windows, including products from Configuresoft, PatchLink, St. Bernard...
Software, Ecora, BigFix and Shavlik Technologies. Shavlick developed the HFNetChk scanning engine that is used by Microsoft's Baseline Security Analyzer. They also have a basic edition of their HFNetChkPro, which targets smaller organizations that don't need advanced patch management functions, such as scheduled scans and e-mail support.
If you are looking for a free Windows Hotfix utility, look into the Windows Hotfix Checker (WHC) by Michael Dunn. WHC is a front-end for HFNetChk. WHC runs HFNetChk, captures its output, and creates a report on the hotfixes that need to be installed. WHC can scan a local computer, remote computer or an entire NT Domain. On Windows 2000 and later, it can also scan an IP address, or a range of IP addresses. Once you've scanned for necessary hotfixes, WHC can also download them from Microsoft. WHC's detailed hotfix report includes hyperlinks to the Microsoft security bulletin and Knowledge Base article for each hotfix, so finding the correct page for hotfixes that are not directly downloadable is easy. Finally, once you have downloaded the necessary hotfix installers, WHC can run them for you.
Hotfixes are often chainable, meaning you can install several at once without having to reboot after each. WHC supports this by using Microsoft's QChain utility. It's important, however, to verify that the hotfixes you add to the install list are chainable, because it doesn't work with product updates that do not use update.exe as the installation program, such as Internet Explorer updates for Windows 2000 and Windows XP. Once you have installed your updates, you can verify that your computers have all the fixes you wanted to install by using the Qfecheck.exe tool.
Dig Deeper on Security patch management and Windows Patch Tuesday news
Related Q&A from Michael Cobb
An old Java vulnerability was discovered to have been ineffectually patched. Expert Michael Cobb explains how this happened and what can be done to ...continue reading
Google's Certificate Transparency tool publicly logs certificates issued by CAs. Expert Michael Cobb explains how the log viewer works to improve ...continue reading
Crowning the most secure web browser is difficult, with research often turning up biased results. Expert Michael Cobb explains how to make a choice ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.