Home
Patch User Guides
BigFix Patch provides an automated, simplified patching process that is administered from a single console.
Patch for Windows User's Guide
BigFix Patch for Windows™ provides Fixlets for Microsoft™ security and non-security patches. Dashboards, wizards, and reports aid you in managing updates for various endpoint devices.
Patch for Windows
You can manage Fixlets using dashboards, reports, and wizards. You can deploy, fix, and uninstall Fixlets. You can also view the breakdown of Fixlets available or needed in your deployment.
Fixing Corrupt Patches
Use the Corrupt Fixlet Wizard to fix multiple corrupt Fixlets and to create Fixlet copies or baselines without rebooting.

Patch User Guides
BigFix Patch provides an automated, simplified patching process that is administered from a single console.
- Patch for Windows User's Guide
  BigFix Patch for Windows™ provides Fixlets for Microsoft™ security and non-security patches. Dashboards, wizards, and reports aid you in managing updates for various endpoint devices.
  - Overview
    Patch for Windows™ creates Fixlets for the patches that Microsoft™ issues. The BigFix agent checks the registry, systems language, and other factors to determine if the patches are not installed or if an installed patch is corrupt. Notes® placed in the Fixlet® descriptions help Console Operators work around potential issues.
  - Patch for Windows
    You can manage Fixlets using dashboards, reports, and wizards. You can deploy, fix, and uninstall Fixlets. You can also view the breakdown of Fixlets available or needed in your deployment.
    - Patch using Fixlets
      From the console, you can select the action for the appropriate Fixlets that you want to deploy. The action propagates across your deployment. Patches are applied based on the settings that you make in the Fixlet work area and the Take Action dialog.
    - Supersedence
    - Windows Patch Client settings
    - Patches for Windows Overview dashboard
      Use the Patches for Windows Overview Dashboard to view the breakdown of security and non-security patches that are needed in your deployment.
    - Patch Overview dashboard
      View patch site information in your deployment including the most relevant items in deployment and comparisons of critical patches against other patches by site. The dashboard shows all the patches in your deployment, not just those for Windows. Set view options to see the last 10 actions done for every site.
    - Uninstalling patches
      Enter the Microsoft Knowledge Base (KB) number in the Rollback Task Wizard to uninstall patches.
    - Fixing Corrupt Patches
      Use the Corrupt Fixlet Wizard to fix multiple corrupt Fixlets and to create Fixlet copies or baselines without rebooting.
    - Using the Corrupt Patch Deployment wizard
      Use the Corrupt Patch Deployment Wizard to fix corrupt Fixlets by using Fixlet copies or existing baselines.
    - Patch Microsoft Office
      You can deploy Microsoft office updates and patches using Administrative, Network, and Local installation.
  - Installing and updating Click-to-Run products
    Install and update content for Microsoft Click-to-Run products through BigFix Patches for Windows.
  - Navigating Windows Application Update Patches in the BigFix console
    From the console, you can select the Action for the appropriate Fixlets that you want to deploy. The Action propagates across your deployment and applies patches based on the settings that you make in the Fixlet work area and the Take Action dialog.
  - Using the custom repository setting feature
  - Frequently asked questions
    Learn the answers to frequently asked questions.
- Patch for AIX User's Guide
  BigFix® for Patch for AIX® provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility and enforcement to deploy and manage patches to all AIX endpoints.
- Patch for Red Hat Enterprise Linux User's Guide
  BigFix Patch for Red Hat Enterprise Linux provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility and enforcement to deploy and manage patches to all Red Hat Enterprise Linux endpoints.
- Patch for CentOS Linux User's Guide
  BigFix® Patch for CentOS Linux™ provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility and enforcement to deploy and manage patches to all CentOs endpoints.
- Patch for SUSE Linux Enterprise User's Guide
  BigFix Patch for SUSE Linux Enterprise provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility and enforcement to deploy and manage patches to all SUSE Linux endpoints.
- Patch for Ubuntu User's Guide
  BigFix Patch for Ubuntu provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility and enforcement to deploy and manage patches to all Ubuntu endpoints.
- Patch for Oracle Linux User's Guide
  BigFix® Patches for Oracle Linux provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility and enforcement to deploy and manage patches to all Oracle Linux endpoints.
- Patch for Solaris User's Guide
  BigFix Patch for Solaris provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility and enforcement to deploy and manage patches to all Solaris endpoints.
- Patch for HP-UX User's Guide
  BigFix® for Patch for HP-UX provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility and enforcement to deploy and manage patches to all HP-UX endpoints.
- Patch for Mac OS X User's Guide
  BigFix® for Patch for Mac OS X provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility and enforcement to deploy and manage patches to all Mac OS X endpoints.
- Patch for Debian User's Guide
  BigFix Patch for Debian provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility and enforcement to deploy and manage patches to all Debian endpoints.
- Patch for VMware ESXi User's Guide
  BigFix Patch for VMware ESXi provides you unified, near real-time visibility to manage patches to all VMware ESXi endpoints from a single console.
- Patch for Raspbian User's Guide
  BigFix Patch for Raspbian provides Fixlets that you use to manage the latest updates and service packs that Raspberry Pi releases. These Fixlets are available through the Patches for Raspbian sites.
- Virtual Endpoint Manager User's Guide

Fixing Corrupt Patches

Use the Corrupt Fixlet Wizard to fix multiple corrupt Fixlets and to create Fixlet copies or baselines without rebooting.

Corrupt patches are one of two major classifications of Fixlet messages for Microsoft. To learn more about the main classes of Fixlets for Windows patches, see Overview.

You get a Fixlet message when any of the files have an earlier file version than the version installed by the patch. The Fixlet message notifies you that the patch has been installed, but that not all the files are up-to-date, so you might not be secured against the vulnerability. You can then re-apply the patch using the Fixlet.

This two-step approach works gives you more information about why a patch is needed. This is better than an approach where you are simply informed that you have not installed the patch. For example, when you apply a patch to a group of computers, then later notice that BigFix displays that some computers have "corrupted patches", you will know that something has overwritten some of the files. This usually occurs if you install another application or an earlier service pack that overwrites the newer files.

Note: The BigFix Client continuously checks both the registry and file versions using extremely few computer resources, giving you get the benefit of continuous monitoring without having a large CPU, memory, hard disk, or bandwidth cost.

Corrupt patches can be difficult to correct in a baseline because of their requirement to reboot after application. If testing in your environment has established sequences of corrupt patches that can be safely applied without reboot, you can use the Corrupt Patch Deployment Wizard in the Patching Support site. Use this wizard to create Fixlet copies or baselines without rebooting.

If a machine has multiple corrupt Fixlets that are applicable, you can apply them all at the same time by using the Corrupt Fixlet Deployment Wizard.