Patch management - free tools or free webs

Posted on 2012-09-21
Last Modified: 2012-09-22
I have searched the web (not enough apparently) for a site/RSS where I can see a list of patches released frm various vendors.

If that's not availbla a tool would be nice too.

I'm NOT looking for a patch management tool where we can deploy for patches to be released or installed.

I just want to know when each vendor release their patches.
Question by:jensjakobsen
    LVL 116

    Accepted Solution

    We have been using CVE since it started in the late 90s, which lists vendors security vulnerabilities, RSS feeds are available, most major vendors are listed and submitted, and use CVE codes in their KB articles, against fix lists
    LVL 38

    Expert Comment

    by:Rich Rumble
    CVE's are good, Secunia is one of the better ones, I watch for products  we have that are going to get hacked rather than wait for a patch that may never come :)
    I believe they can mail you about certain products when/if there is and advisory:
    A few days before most "patch tuesday" sans puts out a small assessment of the patches that affect M$ products: even the out-of-band ones like this weeks:
    LVL 60

    Expert Comment

    Personally I like cvedetails site as it is a all in one. It does not so called give you that one patch release list for all vendors but it has the information within the site. Usually either I go straight for that vendor or product or cve else I use their google search within the site with keyword "patch" and the combination of vendor name etc to isolate the list. Not very neat but handy (at least scrawling high low...)

    Actually if you want to there is itsedb website leveraging OVAL(Open Vulnerability and Assessment Language) as well. Even itsecdb is fully integrated to so you can easily navigate between CVE, product and oval definition details.  one meas for it is check based on date - see "Patches By Release Dates"
    LVL 1

    Author Comment

    Thank you very much for your responses.

    CVE does the trick for me :)

    Featured Post

    Highfive + Dolby Voice = No More Audio Complaints!

    Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

    Join & Write a Comment

    Not many admins are aware that GPOs can be activated and deactivated time-based. Time to change that :)
    Transferring data across the virtual world became simpler but protecting it is becoming a real security challenge.  How to approach cyber security  in today's business world!
    To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
    how to add IIS SMTP to handle application/Scanner relays into office 365.

    754 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now