Automated Windows Security with Patch MY PC rollout

Automated Windows Security with Patch MY PC rollout


What is Patch My PC?

Patch My PC is a software tool that helps keep your computer up to date by automating the process of downloading and installing updates for a variety of third-party software applications. It aims to simplify the management of software updates and patches, making it easier for users to ensure their installed programs are always running the latest versions with the most recent bug fixes and security updates.

How could it help you?

1. Automating Security Updates deployment

  • Time-Saving: Patch My PC automatically checks for updates for over 300 popular programs and installs them for you, so you don’t have to manually download and install updates one by one. This can save you hours in the long run, especially if you use a lot of third-party apps.
  • Always Up to Date: It ensures that your programs are always running the latest versions with bug fixes, new features, and security patches. Keeping software updated is important for performance and security.

2. Security Enhancement by keeping Applications up to dated

  • Fix Vulnerabilities: Many software vulnerabilities are discovered over time. If you don’t update regularly, your system could be exposed to security risks. Patch My PC helps by ensuring that all your applications are updated with the latest security patches.
  • Prevent Exploits: Outdated software is one of the most common ways that cybercriminals exploit systems. Patch My PC helps you avoid this by automating updates, thus reducing your risk of malware or other cyberattacks.

3. Efficient Program Management

  • Bulk Updates: If you use multiple programs (browsers, media players, utilities, etc.), Patch My PC allows you to update all of them in one go, rather than checking each program individually. This can make keeping your software up to date far less tedious.
  • Uninstall Unwanted Programs: Patch My PC also lets you remove programs you no longer need, which can help free up disk space and keep your system lean and efficient.

4. No Need to Remember Updates

  • Forget About Manual Checks: Instead of remembering to check for updates for each program, Patch My PC does this for you automatically. It checks periodically and installs updates for you without requiring any action on your part.
  • Simplified Process: You don't have to visit each software vendor's website to download the latest updates. Patch My PC does all the work behind the scenes, making the process seamless.

In shorts it helps you in following ways:

1. Regularly updating your software helps protect against security threats and exploits. Patch My PC helps you stay on top of this without manual intervention.

2. If you regularly use many applications, Patch My PC can simplify the process of keeping them up-to-date, saving you time and effort.

3. If you find updating software manually annoying or forget to do it, Patch My PC ensures that updates happen automatically.

4. By keeping your software current and removing unnecessary programs, Patch My PC can help improve your system's stability and performance.


What are the features it provides?

Patch My PC offers several features designed to help you manage software updates, improve system security, and save time. It eliminates downloading updates from internet that even could lead to security risk.

Here are the key features:

1. Automatic Software Updates in Integration with Intune & ConfigMGR

Automatic Checking and Installing: Patch My PC automatically checks for updates for over 300 popular third-party applications and installs them with just a click. This eliminates the need to manually visit each program’s website for updates.

Bulk Updates: You can update multiple programs at once, making the process much faster and more convenient.

2. Security and Stability with High compliance

Patches Security Vulnerabilities: By keeping all your third-party applications updated, Patch My PC helps prevent security exploits that occur due to outdated software. This ensures your system stays secure from known vulnerabilities.

Stable System Performance: Ensuring your software is always up-to-date minimizes bugs, crashes, and compatibility issues.

3. Scheduled Scans and Updates time to time

You can schedule Patch My PC to check for updates at regular intervals (e.g., weekly or monthly), so your software is always up to date without manual intervention.

With a single click, you can update all the apps that need an update.

4. No tool installation for Management

It uses configMGR & Intune Setup to deploy updates for clients in environment and it doesn’t require any applications to be installed on Clients. All updates will be visible in SCCM clients and deployment could be done in Available and required mode.

5. Support for Over 300 Applications

Wide Range of Supported Apps: Patch My PC supports more than 300 third-party programs, including web browsers (Chrome, Firefox), media players (VLC, Winamp), security software (Malwarebytes, Avast), and many other utilities.

6. No Internet Browser Required

Patch My PC can download updates for apps directly from the official sources, which means you don’t need to manually search for updates in web browsers.

7. Registry Cleaning (Pro Version)

 The Pro version includes an option for cleaning leftover registry entries from uninstalled software to maintain system stability and performance.

8. Backup Before Updates (Pro Version)

The Pro version allows you to back up programs before updates are applied, giving you the option to restore the previous version if something goes wrong.

What is the scope of Patch My PC?

Patch MY PC helps to cover following scope to keep your environment secure, ahead of market and provide comprehensive report:

Patch Management:

Manual Patching wastes time, increase risk of Vulnerability and human error. Patch My PC provides Automated solutions with configMgr, Intune and WSUS to deliver secure, pre lab tested, efficient updates.

It helps in following:

1. Saves time

2. Increase Security

3. Mitigate Risk

4. Simplify complexity


Application Management:

Manual Application managements leads to waste of human efforts and resource bandwidth, that valuable time could be used by other necessary tasks. Patch my patch provides features for more than 300 applications to up to dated by Automatic patch deployment for those third party applications by integrating with ConfigMGR and Intune. It also doesn't needs to be installed on any client to work, it can simply use SCCM client to install updates on clients for third party applications.

It helps in quick application update deployment and keeping them up to dated.

Compliance report could be generated through ConfigMGR and Intune.


Prerequisite for Patch My PC rollout?

If you are planning to onboard Patch MY PC for environment make sure you have following parameters check in place:

  • ConfigMGR or Intune Setup for integrating with Patch MY PC
  • Active Internet Connection (for downloading updates from Patch MY PC, clients don't need internet connection as updates will be downloaded from SCCM DP's)
  • Windows OS (Windows workstations 7 or later, Windows server 2012 and later )
  • Administrator Privileges (to install and update software)
  • Adequate Disk Space (for downloading and installing updates)
  • Supported Applications (check Patch My PC’s supported app list)
  • Firewall/Antivirus Configuration (to allow Patch My PC to update apps)
  • .NET Framework (optional but may be required for older systems)
  • Pro Version License (if using the Pro version for extra features)

Apart from Above your client should accept third party updates through SCCM, you would need to create following registry in environment:

Registry Hive

HKEY_LOCAL_MACHINE

Registry Path

Software\Policies\Microsoft\Windows\WindowsUpdate

Value Name

AcceptTrustedPublisherCerts

Value Type

REG_DWORD

Enabled Value

1

Deployment of Patch MY PC tool and updates:

To deploy software updates via Patch My PC integrated with Microsoft Endpoint Configuration Manager (ConfigMgr), you can automate the process of updating third-party applications on client machines. Patch My PC provides a seamless integration with ConfigMgr (formerly SCCM), which allows you to manage third-party applications as part of your organization's software deployment process.

  • Step 1: Set Up a Patch My PC Account

    • Go to the Patch My PC website and create an account. If you want to use it in an enterprise environment, you will need a Patch My PC Enterprise Subscription to access the ConfigMgr integration features.
    • Once you have your subscription, log in to the Patch My PC portal.

  • Step 2: Download and Install the Patch My PC Publisher Tool

    • Download the Patch My PC Publisher Tool from the Patch My PC portal. This tool is the central application for integrating Patch My PC with ConfigMgr.
    • Install the Publisher Tool on a system that has access to your ConfigMgr environment.

  • Step 3: Configure Patch My PC Publisher Tool

    • Open the Patch My PC Publisher Tool and connect it to your Microsoft Endpoint Configuration Manager.
    • In the Publisher Tool, you’ll be prompted to enter your ConfigMgr environment details (e.g., site server, site code).
    • The Publisher Tool will use these details to interact with your ConfigMgr environment and deploy updates to third-party software.

  • Step 4: Choose Applications to Deploy

    • Inside the Patch My PC Publisher Tool, you’ll see a list of supported third-party applications that can be deployed. These may include browsers, media players, security tools, utilities, etc.
    • Select the applications you want to deploy or update using ConfigMgr.
    • Patch My PC offers several options for each application (like version control, installation switches, etc.) to tailor deployments to your needs.

  • Step 5: Define Deployment Settings

    • Configure settings for each application, such as:
      • Install command line arguments (e.g., silent installs for non-interactive updates)
      • Deployment types (e.g., per machine, per user)
      • Update frequency (e.g., monthly or on-demand updates)
    • Ensure the update behavior is set to automatically download and install the latest version of the applications you've selected.

  • Step 6: Synchronize with ConfigMgr

    • Once the applications are configured in the Patch My PC Publisher Tool, sync them with your ConfigMgr environment. This will create application packages and deployment types in ConfigMgr, which can then be used to deploy updates to your client machines.

  • Step 7: Create Software Update Package

    • After synchronizing with Patch My PC, go to ConfigMgr and navigate to the Software Library.
    • Under the Software Updates section, you should see a new category for third-party updates (this will include the applications you've selected from Patch My PC).
    • You can now create a Software Update Package for these third-party applications, just like you would for any Microsoft updates.

  • Step 8: Distribute the Update Package

    • Once the update package is created, distribute it to the appropriate distribution points. This ensures that the necessary files and installation packages are available to the client machines.

  • Step 9: Deploy the Update Package

    • After the package is distributed, create a deployment for the update package. This can be done in ConfigMgr just like deploying any other software update.
    • Configure the deployment settings (e.g., schedule the update, specify collection groups, and set any required maintenance windows).
    • You can deploy updates to users or devices based on your organization’s needs.

  • Step 10: Monitor Update Deployment
    • In the Monitoring section of ConfigMgr, you can monitor the progress of the deployment.
    • Patch My PC integrates with ConfigMgr to track the installation and update process for the selected third-party applications.
    • You can see which updates were successfully installed, which failed, and view logs for troubleshooting.

==================================================
Thank you for your time!
Br~
Anmol

Comments

Post a Comment