Scanning Engine Overview

The Shavlik Protect scan engine performs security patch assessment against a variety of Windows-based operating systems and products from Microsoft and other product vendors.

The Shavlik Protect engine uses an Extensible Markup Language (XML) file that contains information about which security hotfixes are available for each product. The XML file contains security bulletin name and title, and detailed data about product-specific security hotfixes, including:

The XML patch data file, called hf7b.xml, was created and is hosted by Shavlik.

When you run Shavlik Protect (without specifying advanced file input options), the program must download a copy of this XML file so that it can identify the hotfixes that are available for each product. The XML file is a digitally signed CAB file and is available on the Shavlik website. Shavlik Protect downloads the CAB file, verifies its digital signature, and then extracts the XML file to your local computer. Note that a CAB file is a compressed archive that is similar to a ZIP file.

After the XML file is extracted, Shavlik Protect scans your machine (or the selected machines) to determine the operating system, service packs, and programs that you are running. Shavlik Protect then identifies security patches that are available for your combination of installed software. Patches that are applicable to your machine but are not currently installed are displayed as in the resulting output. In the default configuration, Shavlik Protect output displays only those patches that are necessary to bring your machine up-to-date. Shavlik Protect recognizes roll-up packages and does not display those patches that are replaced by later patches.