Shavlik Protect Version History

9.1.4334.0

Released 4/17/2014

    Major New Features

    • Localized Console Experience
      • Shavlik Protect is now localized for the following languages: Chinese (Standard), Chinese (Traditional), French, German, Italian, Japanese, Korean, Portuguese (Brazil), Russian, and Spanish.
    • Localized SafeReboot
      • The SafeReboot dialog has been localized to support the same language set as above. The language of the client machine’s operating system will determine which language is displayed. The SafeReboot dialog will default to English if the operating system language is not supported.
    • Online Help
      • Localized versions of the Help system are now available on the Web. The help text will be localized according to the language specified on the Display Options dialog. An Internet connection is required in order to access localized help text from the console. For environments that do not have direct Internet access, an English-only version of the Help system is still shipped with the product and is available locally on the console.
    • IPv6 Support
      • Shavlik Protect now supports IPv6. IPv4 is still the preferred IP scheme that will be displayed in the UI, so for environments that happen to have IPv6 turned on but are not utilizing it yet, the IPv4 address will be the default address shown for machines.
    • Report Views
      • In conjunction with this release, Shavlik is providing a Report Views Guide that describes how to use database views within SQL Server database queries to generate custom reports for Shavlik Protect. This also allows for third-party tools such as SQL Reporting Services, Crystal Reports, Splunk, and others to be used to create reports for Shavlik Protect.

    Minor New Features and Enhancements

    • Improved Machine Resolution in FQDN and IP-only Environments
      • For customers who have environments that require FQDN or IP to resolve machines, Shavlik has made significant improvements to our machine resolver so that Shavlik Protect will retain multiple resolution methods for each machine. FQDN, Hostname, and IP can all be attempted to ensure the machine is resolved correctly.
    • Scan by Vendor Severity
      • The patch scan templates and the assessment engine have been updated to include filters that enable you to scan by vendor severity. You can now scan specifically for Critical, Important, Moderate, Low, or Unassigned security or non-security patches.
    • Deployment Workflow Enhancements
      • The deployment workflow has been consolidated to reduce the many branches that existed in the deployment experience. When you perform a deployment now you will see the same level of detail as a scheduled deployment. The deployment results are also available for viewing after the deployment is complete.
    • Machine-Level Status in Operations Monitor and in Deployment Tracker
      • A machine-level status has been added to the deployment flows. This gives you better visibility into the current state of your deployments.
    • Deployment Return Codes
      • Deployment return codes are now available within Deployment Tracker and within the deployment reports. Making the return codes available within the Shavlik Protect UI eliminates the need to comb through target machine logs for the return codes.
    • Active Directory (AD) Enhancements
      • Shavlik Protect is now able to discover any Active Directory Forests and Domains that are broadcasting themselves to the console machine’s domain. In addition, you can now add additional Forests and Domains and save credentials for these items. This allows you to browse these items without having to reconnect each time.

    Deprecated Features

      Features That Have Been Removed in Shavlik Protect 9.1

    • The following platforms are no longer supported for use as a console:
      • Windows XP
      • Windows Server 2003
      • Windows Vista
      • Windows Server 2008 (prior to R2)
      • Windows 8 (Windows 8.1 is supported)
      • 32-bit architecture operating systems
      • In response to Microsoft’s strategic direction and recent end-of-life announcements, Shavlik has removed support for the above platforms as a Shavlik Protect console. Shavlik Protect 9.0 is the last version to support these platforms as a Protect console. All of these platforms are still supported as agentless and agent-based targets.

        To help ease the migration to newer platforms, Shavlik has developed a migration tool that will help administrators to transition a console from one machine to another. Microsoft has announced an end-of-life for Windows XP in April 2014 and for Windows Server 2003 in April 2016. We are recommending that customers on these platforms migrate to newer operating systems as soon as possible. Shavlik will not be supporting Windows 8 as a console due to an incompatibility issue with Powershell 4.0, which is a new prerequisite in Protect 9.1. Windows 8.1 support is being added with Protect 9.1.

    • The following VMware ESX Hypervisors are no longer supported:
      • ESX 4.0
      • ESX 4.1 (ESXi 4.1 Hypervisors are still supported)

      Shavlik is removing support for hypervisor patching and offline VM, template, and snapshot features for these versions, as VMware is ending support for these platforms in 2014. Shavlik Protect 9.0 is the last version to support these versions.

    • Export to TIF, TXT, and RTF formats
    • Shavlik has removed support for these formats as they are little used and provide little value to the majority of customers. Future versions of Shavlik Protect will still support export to PDF, XLS, TSV, CSV, and XML formats.

      Features That are Targeted for Removal After Shavlik Protect 9.1

    • Windows Server 2000 support for agentless scan and remediation will be removed after 9.1
    • Shavlik is announcing that Protect 9.1 will be the last version to support Windows Server 2000 as an agentless target. Protect 9.1 will support this version of Windows until it reaches its end-of-life, which has not yet been announced.

    • SQL Server 2005 support will be removed after Protect 9.1
    • Shavlik is announcing that Protect 9.1 will be the last version to support SQL Server 2005 (all editions). Customers should work towards moving to newer editions of SQL Server as soon as possible.

    • User Criticality Filter will be removed after Protect 9.1
    • With the introduction of the Vendor Severity filter, the User Criticality Filter’s primary function is now obsolete and will be removed in a later release. The feature has a high maintenance cost and low value for most customers.

    Bug Fixes

    • Resolved an issue where duplicate agent results could conflict, causing import to fail.
    • Resolved an issue where duplicate agent results cause a loop on import, blocking up the import queue.
    • Resolved an issue where custom patch could allow a .bat file to be used which would cause agents to fail deployment. The .bat extension has been pulled from the custom patch file options.
    • Resolved an issue where LDAP over SSL connections would attempt to use the Shavlik Certificate. The Shavlik Certificate on upgrade will be moved into a custom store.
    • Resolved an issue where the 'Is Policy Current' value for Threat Protection Agents could incorrectly show as No when they really are up to date.
    • Updated the Help System to include descriptions for agent icons that were not documented.
    • Updated the Help System with an outbound port 443 requirement for the Protect Cloud Sync feature.
    • Resolved an issue where a result could not be imported if the service pack of the product could not be determined.
    • Resolved an issue where attempts to delete a partial scan result could result in a console crash.
    • Resolved an issue where an agent result missing the EndTime attribute would fail to import.
    • Resolved an issue where the Patch Status Detail Report could end up with PatchBulletinTitle on multiple lines due to a carriage return.
    • Updated the community link for data conversion errors on upgrade to point to the proper community article.
    • Resolved an issue where the Executive Summary Report could reflect the Effectively Installed Patches count incorrectly.
    • Resolved an issue where scan results could fail to import do to a 'Arithmetic overflow error' on the primary key in the ScanItems table.
    • Updated the Administration Guide to place the 'What's New?' section in the correct location in the document.
    • Resolved an issue where using the Microsoft Scheduler could cause scans to add five minutes to the specified scheduled time.
    • Resolved an upgrade issue where an unassociated event subscription could cause the database upgrade to fail from 8.0.2 to 9.0.1182.
    • Resolved an import issue where Agent Deployment Results could cause the importer to loop backing up the import queue.
    • Resolved an issue where the console could crash when you start many scans simultaneously on a resource constrained machine.
    • Changed from using MD5 hash to SHA1 in asset value normalization to be compliant on a FIPS enabled machine.
    • Resolved an issue where HFCLI.exe was not using the Protect License Key, causing certain licensed features of HFCLI to not work.
    • Resolved an issue where using the Browse Active Directory feature would not allow you to select a forest.
    • Resolved an issue where the console service could crash on foreign key exceptions.
    • Resolved an issue where the console service could crash when encountering an unknown service pack item type.
    • Resolved an issue where 2003 R2 SP2 systems could reboot unexpectedly when upgrading the agent from 8.0.2 to 9.0.1106.
    • Resolved an issue where an unnecessary horizontal scroll bar would appear in the Machine View.
    • Resolved an issue where the console service could crash when it is unable to decrypt credentials.
9.0.1182.0

Released 6/25/2013

(Note: This build includes fixes from 9.0.1106.0 and Protect 9.0 Patch 1)

    New Features

    • Manual activation of Shavlik Protect is now available through a self-help portal. When you choose manual activation mode, instructions are provided to walk you through the process.

    Bug Fixes

    • Resolved an issue where bad agent results were continuously imported rather than being discarded, resulting in the ST.ConsoleService.managed.log showing multiple “Stream header magic number is invalid” errors.
    • Resolved an issue where multiple IP ranges that use the same distribution servers cause full cloud policy updates to fail with 400 (bad request).
    • Resolved an issue where the advanced filter options for the Deployment Status By Machine report could cause Protect to crash.
    • Resolved an issue where reports emailed from Tools > Create Report are a tmp file instead of PDF.
    • Updated the Administration Guide to correct an issue where the default console service port was shown as 3131 instead of 3121.
    • Resolved an issue where the machine inventory email does not get sent when applied to a machine group.
    • Resolved an issue where agent registration and checkin uses FQDN not NetBIOS, causing the install to fail if FQDN could not be resolved.
    • Resolved an issue where agent checkin without a policy uses FQDN not NetBIOS, causing the install to fail if FQDN could not be resolved.
    • Resolved an issue where emailing a report from Scan View could cause Protect to crash.
    • Resolved an issue where the Scan and Report Only and the Deploy and Report Only roles do not allow the user to create and assign their own credentials.
    • Resolved an issue where the Scheduled Tasks Manager abnormally exits when right-clicking in the jobs window.
    • Resolved an issue where scheduled jobs might not appear in the Scheduled Tasks Manager.
    • Resolved an upgrade issue from 8.0.2 to 9.0.1106 where, after upgrade, some machine groups could not be opened.
    • Resolved an issue on ProtectCloud login where using dangerous HTML characters in the Protect Cloud password causes an exception.
    • Resolved an issue where scheduled deployments to a hosted VM shows a scheduled time discrepancy between Deployment Tracker and the Scheduled Tasks Manager.
9.0.1106.0

Released 5/2/2013

    Major New Features

    • Support for Cloud Agents
      • Shavlik Protect agents can be installed from the cloud and can function without ever connecting directly to the Shavlik Protect console
      • Agent policies are uploaded from the console to the cloud where they are available to be downloaded by the agents
      • Agent results are uploaded to the cloud and then downloaded to the Shavlik Protect console
    • Virtual Inventory (ESXi Hypervisor Patching)

      This new feature is used to manage and track the vCenter Servers and the ESXi hypervisors that are used in your organization. You can use the Virtual Inventory feature to:

      • Add vCenter Servers and ESXi hypervisors to Shavlik Protect
      • View basic configuration information about the vCenter Servers and the ESXi hypervisors
      • Perform a scan of the managed and unmanaged ESXi hypervisors
      • View the security bulletins that have already been installed on the managed and unmanaged ESXi hypervisors
      • View the security bulletins that are missing on the managed and unmanaged ESXi hypervisors
      • Deploy any missing security bulletins to the ESXi hypervisors
      • Power on and off the virtual machines that reside on your managed and unmanaged ESXi hypervisors
      • Add the virtual machines and virtual machine templates to a new or existing machine group
    • Installation and Prerequisite Changes
      • Support for 64-bit operating systems
      • New web version of the installation program that detects which architecture is supported by the console’s operating system and will automatically download the correct 32-bit or 64-bit MSI file
      • Support for SQL Server 2012
      • Support for Windows 8 and Windows Server 2012
    • Event History

       

      Event History provides a way to view the background operational events that occur with Shavlik Protect. Entries are generated for a large number of events, including:
      • Database maintenance
      • Distribution server synchronization
      • Scheduler events
      • Core engines/definitions downloads
      • Core engines/definitions synchronization
      • Threat data downloads
      • Threat data synchronization
      • Operation result imports (patch scans, threat scans, etc.)
      • ESXi Hypervisor patch deployments
      • Agent policy synchronization using Protect Cloud

    Minor Features and Enhancements

    • Patch Management Enhancements
      • Patch replacement resolution has been added to patch groups
      • Agentless target machines that download patches from distribution servers will now install the patches they download even if they cannot download all patches in the deployment
    • Threat Management Enhancements
      • Quarantined items can be added as filename-based exceptions from the quarantine management UI
      • Detected threats can be added to the Allowed Threats list of select policies from the Threat Events View
    • PowerShell Scripts
      • PowerShell scripts can now target ESXi hypervisors and use PowerCli commands
      • PowerShell modules are now supported
    • Performance Improvements
      • Reports have been reworked and are significantly faster and more accurate
      • Rollup and import performance are improved by exporting and importing batches of results
      • Performance improvements have been made in the Policy Editor
      • Stronger cryptographic keys are now used to make the program more secure
      • Multi-console support has been improved
      • Scheduling of distribution server synchronization can now be done on a per-distribution server basis
    • User Interface Changes
      • The Navigation pane has been modified to better utilize the available space
      • The menu bar is simplified and has only six items: Home, New, View, Manage, Tools, and Help
      • Product End-of-life (EOL) information has been added to the data and is displayed in several places in the interface
      • Notes can be associated with individual machines in machine groups
      • Machine names and IP addresses can now be edited
      • The Active Directory browser has been improved
      • Credentials Manager now shows where specific credentials are used
      • The About dialog clearly displays current and installed data file versions
      • The Agent Manager has been removed. All functionality is available from within Machine View.
      • Reworked the Active Directory / OU browser
      • Searching within the current view is simplified. You no longer need to select the column to search; all columns are searched.
      • Patch Type has been added to the middle section of Machine View and Scan View patch results
      • Manage Items now appears as a dialog rather than being displayed in the main window. This reduces memory usage and provides better performance.
      • Scheduled operations that were previously configured in Tools > Options have been moved to a new area under Tools > Operations
      • Management of distribution servers has been moved to Tools > Operations
      • An Error code column has been added to a number of grids and the error code has been removed from the error message
      • A Patch Breakdown column has been added to a number of grids. This provides a visual representation of the percentage of installed patches (green) vs. missing patches (red) and missing service packs (yellow).
    • IAVA Reporter
      • If you purchase the Government Edition of Shavlik Protect you will receive a license key that enables you to use the Information Assurance Vulnerability Alert (IAVA) Reporter. The IAVA-specific files are automatically installed when Shavlik Protect is installed and are completely integrated in Shavlik Protect.

    Bug fixes

    • Resolved an issue in role based administration where Scan/Deploy & Report Only users had more access than expected.
    • Resolved an issue where after upgrade from 7.8 to 8.0 scanning offline hosted VM and offline VMWare .vmx file would fail.
    • Resolved an issue in the Machine Group Editor treelist where the background color should be all white.
    • Resolved an issue in the Scan Summary box in scan view where it does not remember collapsed state (minimized state).
    • Resolved an issue in the Deployment tracker where collapsed rows expand during auto refresh.
    • Resolved an issue in documentation to show that we support SQL 2008 SP3.
    • Resolved an issue in the Deployment Notification email shows incorrect date and should specify GMT.
    • Resolved an issue where splitter bars in the Scan Summary do not remember their position when the application is closed.
    • Resolved an issue in Machine View where column sorts only on the first column.
    • Resolved an issue in Custom Patch Deployment when using bat file where the deployment fails to complete.
    • Resolved an issue where the file size confirmation dialog for downloading patches does not display during a single patch deployment.
    • Resolved an issue where right click context menus under machines not scanned tab were removed.
    • Resolved an issue in the custom patch regkey editor where you cannot change from DWORD to String and put in a string value without getting an error.
    • Resolved an issue where file and registry key details in the Patch Information view don't scale.
    • Removed 'query remote log information' from deployment results screen due to compatibility issues across different operating systems.
    • Resolved an issue in machine groups where 'Scan Only IIS Servers' filters out all machine with IIS installed on it instead of including only IIS servers.
    • Resolved a race condition where you could click on a machine group multiple times opening many windows if you are on a slow system.
    • Resolved an issue where removing all email recipients from a machine does not remove the email.
    • Resolved an issue where RDP fails to install on German 2K3E R2.
    • Updated documentation to reflect what OS languages Shavlik Protect supports for system requirements.
    • Resolved an issue where the manual RDP installation link is missing from the manual installation section of the install guide.
    • Resolved an issue where Agents with pre-deploy reboot, do not wait for the reboot to start installing patches.
    • Resolved an issue where consoles configured for data rollup display warning messages incorrectly due to differences in time between consoles.
    • Resolved an issue on upgrade from 7.8 to 8.0 where you receive error 1714. The older version of Shavlik Protect Patch Engine cannot be removed. Contact your technical support group. System Error 1612.
    • Resolved an issue where the %Pathtofixes% variable is not honored when installing scheduler from scheduled task manager.
    • Resolved an issue on the chart screen if you select options always show this chart, the options at the bottom of the page are disabled until you do a refresh.
    • Resolved a potential crash during deployment when deploying to large groups.
    • Resolved an issue in the Deployment Notification email where "Scheduled Installation Time" would show as blank.
    • Resolved an issue where the Shavlik Protect Console could crash when filtering in scan results.
    • Resolved an issue when changing the scheduler port where the task scheduler honors the new value, but the Shavlik Protect GUI does not.
    • Resolved an issue in the Scan Summary --> Patch Information section where "File version is less than expected: ..." is truncated.
    • Resolved an issue where agent deployments using pre-deployment reboots could end up in a continuous reboot cycle if there are still missing patches.
    • Resolved an issue where closing Shavlik Protect with an RDP window open and the RDP window no longer honors the cancel action.
    • Resolved an issue where STAgent service could hang during start-up on XP and 2k3.
    • Resolved an issue where Active Protection prevents opening embedded Outlook files (.msg) in a word document.
    • Resolved a database upgrade issue where an ALTER TABLE statement conflicted with the FOREIGN KEY constraint "FK_LinkEmailRecScanTemplate_ScanTemplates".
    • Resolved an issue in STSchedex.exe where shutdown could cause an application error.
    • Resolved an issue with in asset scans that could cause software asset scans to fail importing due to an invalid URI error.
    • Resolved an issue in Data Rollup where IP Address or hostname containing a space will cause the console service to error and prevent start-up.
    • Resolved an issue where there could be discrepancies interpreting scan result between agent GUI and console GUI.
    • Updated the description of Non-Security Patches in new scan template to reduce confusion.
    • Resolved an issue where items are unable to deleted from Manage > Items due to overlapping scans results.
    • Resolved an issue where offline activation for vCP with Configuration Management, configure product activation fails with "Offline activation stream is invalid".
    • Resolved an issue where copying a machine group could cause the app to crash.
    • Resolved an issue with activating multiple license key issues with console add-on keys.
    • Resolved an issue where Daily AP Alert is still triggered even though threat protection feature is no longer licensed.
    • Resolved an issue with the Condensed Patch Listing report where information appears in exported CSV that is not part of the report.
    • Resolved an issue when deploying SQL Server 2000 patches could crash the console with System.ArgumentOutOfRangeException: Positive number required. Parameter name: culture.
    • Resolved an issue where manually installing an agent using a lowercase passphrase could cause an "Invalid request" during registration.
    • Updated command line help to provide an example on how to register an agent using STAgentManagement.exe.
    • Resolved an issue in STThreat.exe where it could locking up a system when RunDetection: detection function 5094 crashed error occurs.

8.0.2.4027

Released 11/01/2012

    Bug Fixes

    • Added support for the vCenter Protect installer to detect PowerShell 3 as a prerequisite for PowerShell.
    • Resolved an issue where Java Runtime would uninstall the current version and then fail to install due to file(s) in use.
    • Removed a dependency on two Microsoft components (oHotFix and Qchain) as they are reaching end of availability from Microsoft Corporation.
    • Resolved an issue where an offline virtual machine on an ESXi Hypervisor would fail to scan with an Error 4000.
    • Resolved an issue where deployments using Install at next reboot could execute immediately.
    • Added installation support for Windows 8 and Windows Server 2012.
    • Added support for installations using SQL Server 2012 databases.

8.0.3965.1

Released 9/10/2012

    New Features

    • Integration with VMware Licensing
      • Support for multiple license keys, allowing for valid VMware vSphere and Accelerator Kit bundle licenses to activate along with VMware vCenter Protect licenses.
      • Retain support for the legacy (Shavlik) license keys and make key combinations additive.
      • Update to license services within VMware vCenter Protect, allowing active licenses to refresh without user intervention. Customers no longer have to manually refresh their active licenses when Support or data renewals occur, etc.
    • Updated Product Activation
      • VMware vCenter Protect now has the ability to activate a trial within the product.
      • VMware vCenter Protect Free version is now activated through the same activation dialog as Trial or Product\Bundle keys.
    • Renaming of the Product
      • VMware vCenter Protect Essentials is renamed to VMware vCenter Protect Standard
      • VMware vCenter Protect Essentials Plus is renamed to VMware vCenter Protect Advanced

    Bug Fixes

    • Resolved a rendering issue in the Patch View where you could select one of the affected patches and the Patch Details would not display correctly resulting in an application crash.

8.0.3787.0

Released 12/28/2011

(NOTE: This build includes fixes from 8.0.3756.0 and Protect 8.0 Patch 1)

    Bug Fixes

    • Enhanced ITScripts engine to provide more user-friendly error messages.
    • Resolved an issue where scheduled value in Tracker and deployment status was showing date and time the job was scheduled on, and not the date and time the job would execute.
    • Resolved an issue in the STAgent.exe where a race condition could cause a crash.
    • Resolved an issue in the IAVA reporter where Patch Status Detail would crash if viewed by specific product and service pack combinations.
    • Resolved an issue in the Help file where a link for ITScripts would redirect to custom patch instead.
    • Resolved an issue where refreshing a license after viewing a power status scan result could result in a crash.
    • Resolved an issue where Browse Active Directory feature in Machine Groups did not list child OUs.
    • Updated Help file to correct steps for creating a manual install script for agent installation.
    • Resolved an issue where upgrade from 7.x to 8.x results in agents running threat protection needing to be re-installed.
    • Resolved an issue where STAgentUpdater could crash when creating SSL registration.
    • Resolved an issue where the service could crash when retrieving system credentials due to size of credential store.
    • Resolved a regression where the patch pane in Machine View defaulted to expanded instead of collapsed.
    • Resolved an issue in Custom Patch where a string registry value always returned missing.
    • Resolved an issue where database upgrade fails with uniqueness constraint violation. This only affects 7.x upgrade to 8.0.
    • Resolved an issue where agents would be unable to deploy a custom patch.

8.0.3756.0

Released 11/1/2011

    Major New Features

    • ITScripts
      • Powerful scripting capabilities just clicks away
      • Catalog of scripts including maintenance scripts, application and OS-level configuration, configuration of GPOs, monitoring and informational scripts, and more
      • Ability to import custom scripts and take advantage of the ITScript engine features to make machine discovery and credentials usage a breeze
    • Credentials Manager
      • Addition of the Credentials Manager to centralize the creation and maintenance of credentials
      • User-friendly UI to allow access to your credentials anywhere in the product and specify credentials in a matter of clicks without the need to retype username and password
    • Power Status Scan
      • Addition of a new scan type that allows extremely fast discovery of the power status of your machines. Discover hundreds of machines in minutes across a broad IP range or validate the power status of your machines using host name, domain, or any of the other methods available in the machine group.
      • Right-click power status scan option from Machine View for validating that a machine is online
      • Power Status Scan result located in the Results section of the Navigation Bar for historical reference to Power Status Scan results
      • Power Status Report for proof of compliance and to provide the validation that is often required by energy providers for power rebates
    • Multiple Administator Support in Console
      • Support for multiple unique administrators to access the same Protect console simultaneously
      • Notification if the same account is attempting to open the console simultaneously

    Minor Features and Enhancements

    • Patch Scan Performance Enhancements
      • Increased scan speed
      • Reduced memory footprint
    • New Operations Home Page
      • Quicker access to common operations like patch and asset scans, power status scan, ITScript runs, etc.
    • Integration with Remote Desktop Protocol (RDP)
      • Initiate from Machine View against a target machine
      • Utilize existing credentials
      • Connect via hostname or IP
      • Option to connect as admin session for specific maintenance tasks that require session 0
    • Integrated Deployment into Operations Monitor for Better Deployment Progress Monitoring
      • Increased visibility during deployment
      • Better progress tracking of deployments while being staged
      • Easy access to deployment results and Tracker results
    • Antivirus/Threat Protection Enhancements
      • Threat protection is now registered in Microsoft Security Center / Action Center
      • Enhanced control over the “disable” and “temporarily suspend” Active Protection features within the agent policy

    Bug Fixes

    • Resolved an issue the Agent could be unable to deploy a deployable SP.
    • Resolved an issue where Office patches with client and full patch types download only the first patch type listed in pd5.
    • Resolved an issue where the selecting Patch Download Status would not download a patch if you downloaded, deleted, then attempted to download again.
    • Resolved an issue where Patch Download Status does not sort after the first time.
    • Resolved an issue attempting to add a Service Pack to a patch group would result in a blank patch group.
    • Resolved an issue in documentation: a mapped drive for a Download Center Path is not supported.
    • Resolved an issue where agents would fail to deploy other Service Packs and Patches if errors were encountered on a Service Pack install.
    • Resolved an issue where upgrading a database from 7.6 to 7.8 fails with id cannot be null.
    • Resolved an issue in documentation: SQL 2008 Express and SQL 2008 R2 were not listed in the database pre-reqs.
    • Resolved an issue where machine summation counts may not be accurate in Machine View.
    • Resolved an issue where deleting a hosted virtual machine produces collation conflicts
    • Resolved an issue where attempting to non-deploy a service pack results in Protect crash
    • Resolved an issue where Patch summary report advanced filter does not properly filter by bulletin or Qnumber.
    • Resolved an issue where scheduled deployments with pre install reboot run the deployment after any reboot, not the scheduled reboot.
    • Resolved an issue where scheduled deployment with pre install reboot would not execute if system clock resets to a time prior to scheduling.
    • Resolved an issue where the schedule dialog could change from PM to AM under certain circumstances.
    • Resolved an issue where threat manifest cannot be downloaded from an http distribution server when vendor as backup is disabled.
    • Resolved an issue where scan my domain does not work correctly with similar qualified domains.
    • Resolved an issue where find users in the machine group domain browser would find the user by simple domain name.
    • Resolved an issue where copy machine group created by a different logged in user with an ESX server setup in hosted virtual machine causes a crash.
    • Resolved an issue with Protect 7.8 where Safereboot does not reboot on Windows 2000
    • Resolved an issue where Agent downloads fail due to file not found error
    • Resolved an issue where Deleting the last patch scan for a machine doesn't null out the patch-specific machine measures
    • Resolved an issue where At least one window within Protect causes an indefinite freeze for the entire application when a WM_SETTINGSCHANGE message is received
    • Resolved an issue in Custom Patch where there would be two validation checks for each XML
    • Resolved an issue in the threat engine where Ultra VNC and Remote Task Service are killed during agent Full threat scan
    • Resolved an issue where Report only users are able to do more than specified
    • Resolved an issue where Operations Monitor does not sort correctly by numerical order.
    • Resolved an issue where a license due to expire in one day could not be activated properly.
    • Resolved an issue where distribution server sync space required is multiplied by 5.
    • Resolved an issue where an Error in STCore::IO::CPath::GetFullPath() causes deployment of office patches with install point to fail
    • Resolved an issue where Dutch Windows 7 SP1 is not detected correctly by the prereq installer
    • Resolved an issue where Software Distribution checkbox is able to be modified for Security Patch Scan Template
    • Resolved an issue where Agent System Requirement documentation incorrect
    • Resolved an issue where customer encountered error running machine software detail report.
    • Resolved an issue where recurring jobs are deleted when they fail if credentials were invalid.
    • Resolved an issue where Scheduled Task Manager could cause Window's user accounts to be locked out
    • Resolved an issue which resulted in Duplicate Service Packs in the Patches Table
    • Resolved an issue in documentation stating multiple consoles sharing the same DB on Domain Controllers with the same SID is not supported.
    • Resolved an issue where Copy of Asset template does not store the name in the correct table
    • Resolved an issue Upgrading protect overwrites st.servicehost.exe.config where we must store proxy information so the service can access the internet
    • Resolved an issue when Console culture is not supported by our patch data languages, the application will crash during deployment when download is about complete.
    • Resolved an issue where Running Executive summary report from a scan results has **multiple** in the machine group field.
    • Resolved an issue where agents could not be deployed as a Custom Patch
    • Resolved an issue where protect would crash when a required file was not in the manifest.
    • Resolved an issue where Protect crashes when user attempts to open an existing template after upgrade from 7.6 to 7.8.
    • Resolved an issue where an invalid distribution server credential gets an agent in an infinite check-in loop.
    • Resolved an issue where Patch scan path information not being fully painted
    • Resolved an issue in Power State Template where Shut Down when “Alert user, perform action when user logs off” is checked results in a reboot.
    • Resolved an issue in the Deployment Detail report when using Domain as an advanced filter results in an error invalid field smachDomainName.
    • Resolved an issue where Agent check-in failed due to IP Range for Primary Distribution Server being Blank.
    • Resolved an issue when trying to do multiple deployments at once crashes Deployment Tracker due to a dead lock.
    • Resolved an issue where deployments would reboot targets, but no patches were being deployed.
    • Resolved an issue where Agent patch deployment fails when the temp dir is not on the c drive
    • Resolved an issue where the Service Pack release date shows as 01/01/0001 due to UTC + 1 or higher being set.
    • Resolved an issue in documentation to state the Workstation Service is required by the VMware vCenter Protect Agent
    • Resolved an issue where export to CSV from machine view from Hardware Assets tab crashes the application.
    • Resolved an issue where a distribution server could have an agent framework and engine mismatch.
    • Resolved an issue where large numbers of agent policies cause the distribution server confirmation screen to be cut off.
    • Resolved an issue where scheduled jobs that encounter an error while running are deleted and do not show up in the log or the scheduler.

7.8.1392.0

Released 05/12/2011

(NOTE: This build includes fixes from SKB17119)

    Major New Features

    • Virtual Machine Enhancements
      • patching VMware templates
      • Disable networking while deplying to offline virtual machines
      • Optional pre-deployment and post-deployment snapshots
      • Deploy to a machine in a different state than was scanned
      • Scheduled deployments to offline virtual machines
    • Agent Enhancements
      • Deploy service packs to agents
      • Checkpoint/restart downloads of agent patches and service packs
    • Patch Deployment Enhancements
      • Deploy patches contained within archive files
      • Scripted Patch Detection
      • Uninstall multiple patches in a single deployment
    • Database Maintenance Feature
      • Purge old data
      • Run Backups on a regular basis
      • Reindex the database
    • Integrated with VIPRE 4.0 SDK
      • Engine Performance enhancements
      • Includes VIPRE bug fixes and enhancements
      • "Limit AP Scanning to only high risk file types (High Performance)" added to Agent Policy, AP tab, File Access

    Minor Features and Enhancements

    • New threat report filter: “Days to report on”
    • Left-Nav modifications and new grouping
    • New deployment template for Hosted VM deployments
    • Multi Machine Properties edit from machine view and scan view, Patch Drive Patch, Custom 1, 2, and 3.
    • New option to suppress prompts; Ex Download size dialog now has a check box to "Warn Next Time", uncheck and you will no longer be warned. Can be turned back on through tools options.
    • Power Management change; Sleep and Hibernate commands were ignored if a user was logged into the target machine. Power State Change will now enforce for those machines as well since a locked machine or idle machine with a logged in user is a prime use case for this feature.
    • Machines not scanned added to automatic email options.
    • Added Hardware and Software Asset Inventory capability to the NetChk Agent. Asset information about Agent-managed machines are rolled up to the central console for management and reporting.
    • Added Software Asset Inventory collection on virtual machines that are powered off (offline). This allows NetChk Protect to create and maintain a current and accurate inventory of software assets on physical and virtual machines regardless of power state.

    Bug Fixes

    • Resolved issue related to importer failure which returns 0's for scan results
    • Resolved timing issue with Unable to Verify reported by Tracker
    • Resolved DecryptCredentials failure
    • Resolved Importer failure issue when Data is Null
    • Resolved Import failure when trying to move file to bad files folder
    • Resolved Importer failure when trying to access the file 'arrival file path' and it is being used by another process
    • Resolved a Scans never complete. The Scanner Count does not match Import Count
    • Resolved Importing Machine Groups issue where you have to click on any other Machine Group before you can import another one
    • Resolved issue where you Can't set domain credentials for "My Domain" default machine group
    • Resolved Importer issue where Some scan results are 'hung' in the arrivals folder - Reprocessing Bad Files
    • Resolved issue where Protect incorrectly exports machine role details that are utilized by SSI
    • Resolved issue where Operations monitor show incorrect data
    • Resolved issue with Machines By Patch Report
    • Resolved issue with Unconventional Bulletin ID in custom patch
    • Resolved issue with install agent using example command script
    • Resolved Deployment with custom dialog failure
    • Resolved issue to cancel jobs using stscheduleview
    • Resolved issue when Attempting to "Deploy all missing" for a scan that includes at least one non-downloadable patch (which does NOT exist in the patch repository)
    • Resolved issue with Non English Language OS fail to download
    • Resolved issue if same user logs on to another console and connected to same DB, then going to tools > option > defaults creds > setting them will not work
    • Resolved database upgrades failure when converting SoftwareAssetScans converting the language field
    • Resolved issue when Selecting vendor severity in Deployment Detail report advanced criteria generates an er
    • Resolved issue with deploying Q931125/MSRC-001 patch displays as Uninstall Succeeded
    • Resolved issue where Patch scan template XML file location has no effect
    • Resolved issue with machine context menu slow to display when the user has many machine groups
    • Resolved issue with & in shavlik comment forum links not displayed
    • Resolved issue with Agent upgrade can break agent's ability to update patch and threat data
    • Resolved issue with having LangID of 0
    • Resolved issue with Scheduled scans do not get proxy credentials
    • Resolved issue with refresh files
    • Resolved issue where User is able to delete system deployment templates
    • Resolved Error 13 - Scanning SQL Server 2005 Unable to access registry key Error [87]
    • Resolved issue where user is Unable to set "Minutes between sending console results:" for data rollup > 1000
    • Resolved issue with Deployment Status by Machine: Report Gallery's "Deployment to report on" or Advanced Report Settings's Deployment Names time is in GMT not local time
    • Resolved issue with Threat Definition Version not updated when Threat Scan rolls up from Agent
7.8.1388.0 (SKB17119)

Released 04/19/2011

Bug Fixes

  • Resolved an issue with the custom patch editor. After saving news xml, the user had been unable to access the custom patch editor.
  • If the administrator does not check the Disable Active Protection box on the General tab, the end-user will not be able to permanently or temporarily disable Active Protection. Prior to this patch the user was still able to temporarily disable Active Protection.
  • Resolved an issue with the custom action functionality that occurred following a post reboot.
  • Resolved an issue with deploying service packs from an agent that was upgraded from 7.6 (the service pack would not deploy).
  • Resolved an issue with agent deployment where failed downloads of service packs or patches from a distribution server could indefinitely block the agent's deployment of those service packs or patches. Also related to this issue, the Clear Retry Counts command, in addition to resetting retry counts, will now delete an agent's local copies of downloaded patches and service packs. This will not affect the state of installed patches or service packs.
  • Resolved an issue with mounting VMs, where the user was not able to mount VMs with datacenters under a folder.
  • Resolved an issue when deleting a patch task from a copy of an agent policy. • Resolved an issue where agents failed to download patches/service packs when
  • BITS Service is configured to have a startup type of 'Disabled.'
  • Resolved an issue where the managed machine resolver did not correctly exclude IP addresses.
  • Resolved an issue where, if the user exceeds the number of deployment seats permitted by their license, they could not use the Get more deployment seats button.
  • Resolved an issue with the deployment of Office patches when an Administrative Installation Point (AIP) is used.
7.6.1496 (SKB16779)

Released 12/15/2010  (NOTE: This build includes fixes from 7.6.1482 and SKB16779)

    Bug Fixes

    • Resolved an issue where the ‘Item History’ report and the ‘Seat License Status’ report were not available in the report gallery
    • Scan fails to import properly due to file locking issue on the scan information importer
    • Resolved an issue where deployments would fail when deploying patches that could not be downloaded
    • Resolved an issue where scans would hang on importing new definitions: Error – ‘Object synchronization method was called from an unsynchronized block of code.’
    • Resolved an issue where deployments fail when installing or upgrading to 7.6 on a disconnected network
7.6.1482

Released 9/28/2010

    Features and Enhancements

    Shavlik NetChk Protect 7.6 includes the following enhancements:

    • Patch Scan caching abilities that will improve the performance especially over WANs
    • Ability to execute agent policy actions by sending ad hoc commands from the console to your agents (e.g. executing a patch\power\asset task, update definitions or binaries, clearing retry counts, etc.)
    • Original Scan State column added to Scan and Machine views (Option to display the original scan state as an additional grouping\filtering option)
    • Agent AV ad-hoc tasks from the console - simplified management for the administrator
    • Quarantine management (both policy driven & ad-hoc tasks) – better control for the administrator over quarantined threats
    • “Threat Events View” – new more granular view of threat and Active Protection events for the administrator·
    • Perform AV threat scan on a specific file/folder – allows an individual user (agent) to perform a scan of a specific file\folder or an entire USB drive that they just placed on their computer
    • New AV/Threat Reports – better reporting for the administrator and their management
    • AV Alerting from console – automatic alerting for the administrator when Active Protection thresholds are reached
    • Exclude files/folders from being scanned (policy-driven w/ wildcards, environmental variables) – ability for the administrator to exclude files/folders that you don’t want to scan for performance or other reasons

    Bug Fixes

    • Resolved a UI issue when deploying patches using Distribution server where the distribution server IP range does NOT have a primary distribution server specified
    • Resolved Data Rollup to include machines that fail to scan in the scan results as shown on the Central Console
    • Resolved an issue to save IP Address in Data Rollup configuration screen
    • Resolved RPC timing issue that cause error 1726
    • Resolved an Importer failure to move file to bad files folder if exception occurs during import
    • Resolved an issue when selecting "deploy all missing" From a scan of a windows 2000 box shows informational patches in the "deployment configuration" screen
    • Resolved an issue of not being able to deploy .NET Framework 2.0 SP2 from Scan View
    • Resolved an issue where Agent installs allows for non-administrators leaving system in bad state
    • Resolved an issue to handle duplicate Patch names in PD5.xml
    • Resolved an issue where application shuts down when you press TEST button when adding credentials with NO password
    • Resolved an issue to save command Timeout setting in during upgrades
    • Resolved OU structure display duplicates and machine on the main node
    • Resolved an Importer failure where the process cannot access the file 'arrival file path' because it is being used by another process
    • Resolved an issue where Deployment Templates created by Admin A do not show in drop down when choosing default Deployment Template for other admin
    • Resolved skippatchmail and scanemail command options missing from ShavlikConsoleTask
    • Resolved reports issue where - No data in Machine HW Detail report from Agent running Asset Scan task - Data shows in MV
    • Resolved an issue where Left navigation panel cannot be expanded past default
    • Resolved an issue with SafeReboot - Restart on User log off causes Program still needs to close dialog box to appear on Windows 7
    • Resolved an issue where No warning logged when disconnected console attempts to import results created from newer XML
    • Resolved an issue where Refresh Files causes unhandled SQL Transaction Timeout exception when attempting to import patch data
    • Resolved an issue with Scheduled jobs with '&' in name do not appear in the GUI queue
    • Resolved an issue with Executive Scan Summary (with view current status option) is showing more than the latest scan results
    • Resolved an issue with Data Base upgrade timeout
    • Resolved an issue with Reports: Patches by Machine Detail shows multiple entries for the same missing patch on the same machine (across multiple scans)
    • Resolved an issue with Machine Group: Scan only settings are being ignored in patch scans
    • Resolved Unhandled exception from BuildNewsfeedInternal()
    • Resolved a tracker issue after rescan where tracker reports Unable to Verify
    • Resolved an issue of not being able to use UNC shares as patch repository
    • Resolved an issue where copied patches were not included in Missing Patch Count column
    • Resolved an issue where threat data were not downloading to console when roles are enabled
    • Resolved an issue with Tracker drop down list does not refresh
    • Resolved an issue where User Criticality in Patch View was not current with actual value even when refreshed
    • Resolved an issue when you remove an agent machine from MCV, it can no longer check in
    • Resolved issue with Threat data scan smart filters
    • Resolved a race condition with StartFileSet()
    • Resolved an issue when deploying to Office 2003 build 1183138221
    • Resolved an issue with "View Current Status" should not be available inside Advanced Report Settings
    • Resolved an issue when Entering in a long Distribution Server name
    • Resolved an issue with Deployment Seat Enforcement Algorithm doesn't work with multiple consoles
    • Resolved an issue of not being able to change the DB timeout for Protect upgrades
    • Resolved an issue when attempting to scan offline machine on FREE ESXi
    • Resolved an issue with Tools --> Options --> Save with Subquery returned more than 1 value
    • Resolved an issue of not all results are being imported into the database, all agent scan results are going into BAD FILES folder. DB Error DisplayVersion exceeds database field length '55'
    • Resolved an issue of not being able to upgrade 7.2 database to 7.5 due to existence of Spyware patch groups
    • Resolved an issue when updating policy for 4000 agents
    • Resolved an issue where remote dialogue with special characters will corrupt display
    • Resolved an issue with MCV: Missing patches NOT shown after refresh of machine where user deleted the last scan. Other scans exist
    • Resolved an issue with Protect fails to open after deleting User's Profile
    • Resolved SQL-DATABASE-MAINTANENCE Script fails on databases that have old scans due to constraint issues
7.5.2779 (SKB16359)

Released 07/27/2010

    Bug Fixes

    • Resolved Agent UI crashes that resulted from a race condition in event subscribtion
    • Corrected the Patch Assessment Service so it no longer stops running and does not send a message back to the GUI
    • Fixed Threat definitions that failed to sync if a single Distribution Server is offline
    • Resolved an issue where deployments fail because of a Detection Only patch
    • Fixed a problem that resulted in a scheduled scan on a Win 2K8R2 system creating an interactive console task
7.5.2733 (SKB16284)

Released 05/28/2010

    Bug Fixes

    • Fixed an issue where patch scanning is returning incorrect scan results due to probably network errors.  Patches are detected as missing when they are installed.
    • Resolved a problem with NetChk Agent log file activity that causes NetChk Agent UI to crash
    • Corrected an issue with NetChk Agent policies where creating a copy of a policy causes an Always Allow entry to go to the Never Allow entry
    • Fixed a problem with asset scans that resulted in Boolean variables always show as false
    • Resolved an issue where wrong service packs being displayed and deployed
    • Fixed SafeReboot so it no longer fails if executed on system where 1 or more users are connected via RDP
    • Corrected a problem where Software Deployments stays checked after unchecking under certain conditions, resulting in software being deployed unintentionally when clicking cancel
7.5.2716.0

Released 05/04/2010

    Major New Features

    • Added Power Management Module
      • Create a licensable module to manage the power state of computers. By turning off computer at night and on weekends, businesses can save up to $60 per computer per year
      • Integrated Wake-on-LAN to the Power Management Module. Conflicts exist between a company’s desire for Greener IT and the need to deploy critical security updates. Shavlik’s Power Management Module is a seamless integration of powering computers off when not in use and waking them up for scheduled maintenance windows.
    • Added Hardware and Software Asset Inventory capability to the NetChk Agent. Asset information about Agent-managed machines are rolled up to the central console for management and reporting.
    • Added Software Asset Inventory collection on virtual machines that are powered off (offline). This allows NetChk Protect to create and maintain a current and accurate inventory of software assets on physical and virtual machines regardless of power state.

    Bug Fixes

    • Fixed issue related to download patches from Patch View (Firefox 1.0 and selecting all languages)
    • Added MS XML Hotfix in boot strapper to resolve Large scan crash
    • Corrected an issue with NetChk Agent download Patch or Threat Data using Ironport or Blue Coat proxies when set to download from Vendor over internet
    • Fixed issue of asset scanning of machine found in multiple nested machine groups
    • Fixed issue with saving existing custom XML file by clicking save icon (floppy disk)
    • Fixed database upgrade failure when you have duplicate Machine definition in machinelist table (one included and one excluded)
    • Fixed issue with Auto-email and reports being sent before deployment happens
    • Fixed Agents failure to install on domain controllers
    • Fixed failure in installation if http reservations exist for port 3121 and port 3122
    • Fixed issues with incorrect number of missing patches showing in machine view
    • Allow more than 32767 managed machines while viewing scan resultsFixed database upgrade issue once you manually set the Database (e.g. ShavlikScansTest) properties->Options->Numeric Round-Abort = true
    • Fixed timing issue to ensure patch scan results are available after scans complete
    • Added capability to deploy greater than 40 agents at one time with a 40+ character user name and password
    • Corrected a problem with deployments being removed when scans were being deleted
    • Fixed issue with deleting a Scan from Manage->Items
    • Fixed the Agent Check in fallback address
    • Fixed problem with logging and tracing once setting “all logging levels”
    • Fixed capability to scan nested groups where one group was deleted
    • Fixing error when logging off from computer using machine level credentials on Schedule scan
    • Fixed Asset scans when machine group includes machines via the "Link to file" external source option
    • Fixed ability to connect to Remote SQL DB using Windows Authentication
    • Corrected an issue that prevent automatic emails to be sent after scheduled scan completes
    • Enabled scheduled scans across domain without trusts
    • Solved thread issue when multiple scan threads access the same target at the same time
    • Fixed Machine type filtering under the advanced filtering for reports
    • Enhanced ability to download large number of patches
    • Fixed error when scheduling recursive scans
    • Enabled Shavlik Task Manager to handle bad XML from target
    • Updated .Net 3.5 download for pre-req installer for Machines not connected to the internet
    • Removed Spyware Signatures from Patch View
    • Fixed problem where rebooting a list of computers stopping after the first failure
    • Fixed resetting highlighted machines in scan results when grouping by specific column
    • Fixed incorrect scanning console name being reported when migrating existing database to a new console
    • Fixed foreign local issues where simple string comparisons would cause the application to fail
    • Fixed issue with entering a Shavlik Scheduler port number higher than 49000 Fixed errors in Patch Status summary report
    • Prevent installation of Agents on a FAT partition
    • Fixed issue of not being able to check the asset scan template under Tools
    • Fixed inconsistency reporting number of patches in the scan results
    • Ability for Manual Licensing to handle x64 bit machine
    • Fixed error when using advanced filters for Patches by Machines report
    • Fixed Unhandled exception when attempting to Remove E-Mail Address from Machine Group
    • Fixed problem with ability to perform scan with auto deployment from a non-English OS
    • Improved Importer Performance when 'Updating the database with the latest descriptions'
    • Fixed issue with deleting distribution server
    • Fixed issue with XML not updating for re-occurring scans
    • Fixing problem with setting up data rollup, when user tries to import 6.5 data rollup .drs file
    • Fixed close of Scheduled Tasks GUI when refreshing machines
    • Showing Custom Deployment Template in drop-down if it was created by another user when My Items only is disabled
    • Fixed problem with ability to schedule reoccurring scan
    • Fixed ability to delete filter from Patch Centric view
    • Enabled Organizational Units to be sorted alphabetically by name
    • Resolved E-mail address validation to ensure valid addresses are not blocked
    • Fixed parsing issue when settings stored in the sysInfo table using the bit data type
    • Fixed Scan Results importer to handle the apostrophe character correctly when inserting domain Rule's
    • Fixed setting default credentials in tools --> options
    • Fixed a regional settings issue that resulted in an unexpected error and need to close to recover when Customer clicks on scan results in Today’s Items
    • Reduced the time it takes to verify seat licenses
    • Fixed Machine Status Summary report graphic header
    • Fixed an issue with the agent UI failing to terminate when the user logs off
    • Fixed an issue with Agent not deploying on machines with IPv6
    • Resolved an issue of time out when running the SchemaInstaller.UI.exe on a large remote database
    • Corrected an issue of download failure when Patch downloads sources through DS or Custom Share in Tools/Options are looking for the wrong patch format
    • Eliminated duplicates in Top 10 Missing Patches Report on a Roll-up console
    • Fixed importer problem with the result importer does not download newer data files when it receives results of scans that used a newer XML
    • Fixed an Agent Import issue
    • Added the Sending Console ID to Threat Results Export
    • Resolved an issue with Machine View when refresh machine doesn't update middle pane
    • Fixed a problem when providing bad user name in Set Credentials dialog
    • Warn users that SQL 2000 is not supported when Protect database upgrade on SQL 2000
    • Corrected an issue when Windows Xp 64 bit is incorrectly reported as Windows Server 2003 on agent check-in
    • Fixed failure to import of software asset scan results with invalid product cultures
    • Corrected install failure if VMware VDDK 1.1 Installed
    • Fixed failure to import Scan Results if xml version is out of date
    • Fixed a problem of results files being marked as "Orphaned" by the importer even though they were successfully processed
    • Corrected failure to import scan results with a scan name
    • Fixed Office Deployment prompts for the wrong product, Excel 2000 instead of MS Office 2003
    • Fixed a problem with threat data always downloads from vendor, regardless of Tools > Options setting
    • Fixed a problem with download of Large Service Pack which hangs at 100% complete indefinitely and closes the app when clicking cancel
7.2.346.0

Released 02/24/2010

    Bug Fixes

    • Corrected an issue where scheduling a scan more than 32 days in the future resulted in the scans running immediately
    • Fixed an issue with application operations and Ironport or Blue Coat proxies
    • Resolved a problem with stSched that prevented scheduled deployments of patches to NT4 systems
    • Modified how results are imported into the NetChk console to significantly speed up importing results
    • Fixed the results importer so asset scan results are successfully imported into the NetChk console
    • Corrected recurring jobs to work properly with Microsoft scheduler 2.0
    • Prohibit Vista and later operating systems from using the Microsoft AT scheduler; use of the AT scheduler on these operating systems results in hundreds of scheduled jobs being generated as a result of pingback failures
    • Resolved an issue with the Microsoft scheduler 1.0 that resulted in an application crash when scheduling recurring scans
    • Fixed an issue where deployments using reboot dates more than a month out in the deployment template were not scheduled correctly
    • Deployments scheduled in the past will now run immediately rather than a month in the future
    • Corrected issues with silient.exe that prevented successful deployments without user intervention
    • Corrected an issue with the NetChk Protect 7.2 update 1 patch that deletes install location resulting in the application not remembering the previous installed location
    • Resolved an issue that prevented scheduled deployment jobs from being deleted
7.2.155.0

Released 12/01/2009

    Feature Enhancement

    • Enhanced Data File Download and Distribution Server Sync functionality. Specify never download data files (run disconnected), download newer files when the application launches, specify an interval for data file downloads and anchor that interval to a specific hour, or specify newer data files are downloaded on a specific day of the week and hour of the day.
    • Extended NetChk Agent policy version control to components modified outside of the Agent policy. If you modify a scan or deployment template, or patch group used by a template, it will be updated in the Agent policy on the next Agent check in.

    Bug Fixes

    • Resolved an issue that prevents NetChk Agents from checking in when the listener fails to initialize.
    • Corrected an issue where adding the same contact name to the address book caused the console to crash.
    • Fixed problems with regional settings that prevented results from being imported and reports from being generated properly.
    • Changed the installer to allow control of where the product is installed. Upgrades will be installed in the previously-defined location.
    • Resolved deployment seat count issue with the NetChk Agent.
    • Enabled the Agent to use recognize the Patch Group Text file.
    • Fixed the Agent so it would not crash when attempting to install more than 8,000 patches.
    • Corrected a problem so the scheduler could be successfully uninstalled.
    • Modified the Agent to initiate a reboot after deployment in all cases when the deployment template specifies a reboot.
    • Resolved an issue where deploying patches to a specific IP range when multiple IP ranges were scanned resulted in all missing patches in all IP ranges being deployed.
    • Added a variable to the STEnvironment configuration file to control how long to wait for scan results to be imported before automatically generating reports to be emailed. Default is 30 minutes (increased from 2 minutes).
    • Fixed an issue where creating a very large patch group (200+ patches) by doing a right-click select, crashed the application.
    • Eliminated a console crash when the system errors out with multiple failed patch downloads.
    • Corrected an issue that prevents removal of a specific patch from a patch group.
    • Changed the database query to support changing the Office path/credentials when multiple consoles are connected to the same database.
    • Resolved a Scan View issue that prevented deleting multiple selected patches.
    • Implemented a change support console installation on a Windows Server 2003 SP2 terminal server.
    • Fixed a timing issue that resulted in an error when selecting a large number of patches in the Scan Results view.
    • Corrected a problem that prevents the console UI from correctly updating during Agent installs.
    • Added use of a shared drive as the patch download center path.
    • Fixed an issue where the console was started minimized.
    • Resolved a problem that prevents patch deployments from Machine View.
    • Added ‘Friday’ as a selection in the scheduler. Removed duplicate ‘Saturday’.
    • Corrected issues when scheduling scans, deployments, or scans with auto deployments across month boundaries.
    • Eliminated a timing issue that resulted in inconsistent scan results numbers in Executive Summary.
    • Verified the pre-req installer handles detection and installation of MSXML 6.0 hot fix for all supported operating systems.
    • Changed the license scheme to eliminate need for console activation after moving the console with VMotion.
    • Modified database queries to prevent ‘Out of Memory’ exception when opening Machine View that includes Asset Scan information.
    • Increased the SQL command timeout to prevent an application crash when Deleting Scans from Managed Items in a large database.
    • Re-enabled support for console operations that do not require access to admin shares.
    • Corrected an issue that prevents threat data files from being downloaded in a proxy server environment.
    • Added the machine group used for scanning to asset scan results of virtual servers.
    • Fixed an issue that prevented obtaining a console certificate if the application was not installed in the default location.
    • Resolved a problem that resulted in an application crash when removing address box contacts from Managed Groups.
    • Eliminated a limitation of performing asset scans on no more than 64 machines.
    • Corrected an application crash when deploying patches when IE 5.5 SP2, IE 6 SP1 or IE 6 SP2 is contained in the deployment.
    • Fixed an issue where Agent deployments would fail if the machine had been previously scanned by IP address.
    • Modified the product so data roll up ignores deleted machines.
    • Resolved multiple Agent updater executable issues that prevent successful updates during data drops.
    • Corrected an issue that resulted in a console crash when attempting to download language-specific patches and the patch does not exist in that language.
    • Fixed an issue where a distribution server with null credentials failed to upgrade.
    • Added support for automatic email of reports upon completion of a scheduled asset scan.
    • Fixed an unhandled exception when testing proxy credentials in a disconnected environment.
    • Resolved an issue where run disconnected mode was not being remembered.
    • Added support for assets scans of a machine group defined by a linked text file.
    • Corrected an issue parsing asset scan results from non-English languages.
    • Fixed scan results reporting of Windows Server 2008 R2 as an ‘unknown OS’.
    • Added Last Threat Scan Date and Last Threat Definition File information to machine view.
7.1.410.0

Released 10/06/2009

    Major New Features

    • Asset Management: Shavlik’s Asset Management leverages the company’s innovative Agentless approach to thoroughly and dynamically discover and catalog IT assets.
    • Software Assets
    • Hardware Assets
    • Virtual Machine Assets
    • Enhanced Integration with Virtual Infrastructure: Significant enhancement over previous handling of virtual machines within NetChk Protect. Now there is a tight coupling of NetChk Protect with virtual infrastructure including vSphere, VI, ESX, or ESXi.

    Bug Fixes

    • Resolved an error that prevented scheduling recurring scans on Fridays
    • Corrected issue where threat results repeatedly sent to the rollup console at every rollup interval
    • Added MSXML hotfix (KB960064) to the boot strapper to address a memory consumption issue that resulted in hangs while scanning large numbers of machines
    • Fixed Importer failure to import agent patch deployment result files that contain no patches
    • Database Installer Fails when an existing SQL Login is specified for Services Connectivity that is not already mapped to a Database User
    • Fixed Prereq installer to NOT install c++ runtime
    • NetChk Patch Service Fails to start before the maximum OS service start timeout
    • Fixed access denied error on Console if doing a scan while the service is importing newer XML
    • Resolved Scan view crash during a large service pack download
    • Corrected issue where earlier versions of HFCLI cannot scan target after a 7.0 deployment
    • Added charts missing after performing first scan
    • Corrected issue in DB Updater that caused Distribution screen to error on upgrade
    • Addressed the incorrect default value of the data rollup port
    • Fixed an issue where remote database installs and upgrades fail on Windows Server 2003 when connected via Terminal Service
    • Resolved problem with the right-click context menu in scan view to filter by the selection (it was defaulting to selecting all machines in the scan as in context)
    • Corrected an application crash when opening the Distribution Server manager
    • Added input validation for content entered in the Tools->options->Proxy user dialog box as invalid content resulted in an application crash
    • Fixed an issue that prevent deploying patches from machine view to machines found during dynamic ESX server scan
    • Resolved a console crash when deleting a contact from the address book
    • Corrected an application crash from a null string when downloading less common non-English language patches
    • Fixed an issue where editing Distribution Servers failed repeatedly
    • Removed limit of 64 as the maximum number of asset scans
7.0.841.0

Released 08/11/2009

    Bug Fixes:

    • Fixed a bug where entering a duplicate email address in the address book would cause the console to crash
    • Fixed a bug where viewing scan results or selecting machines in the scan view might cause the application to crash
    • Fixed a bug where downloading large files (such as Service Packs) would fail on XP and WS03 consoles due to an issue with checking digital signatures on large files
    • Fixed a bug where agent scan results and/or child console rollup results would not appear in the main console if the agents or downlevel consoles were running with a newer version of hfnetchk6b.xml
    • Fixed a bug where agents failed to check-in with the console if the agent policy was configured to use 'Distribution Server - by Agent IP range' and that policy did not include a reference to a backup Distribution Server
    • Fixed a bug where version 7 claimed that all license seats were in use and could prevent installation of patches and/or functionality of agents.
    • Fixed a bug where agents were not able to be deployed on some Domain Controllers
    • Removed the need for WMI to be running on systems where the agent was being deployed
    • Fixed a bug where the agent UI would not function if the agent policy was configured to use 'Distribution Server - by Agent IP range'
    • Fixed a bug where the Shavlik services may fail to start
    • Fixed a bug where version 7 may fail to install if the console was not connected to the Internet or was running behind an authenticating proxy server (installer issue - fixed in the new installation bundle only)
    • Fixed several bugs where the database migration process failed when upgrading from version 6.x to version 7 (installer issue - fixed in the new installation bundle only)
    • Fixed a bug that prevented installing version 7 if a prior installation of version 7 had failed (installer issue - fixed in the new installation bundle only)
7.0.832.0

Released 06/30/2009

    Major New Features:

    • AV
      • Added antivirus / threat management engine to the NetChk Agent
      • Added on-access and on-execution Active Protection capabilities to the NetChk Agent
    • Shavlik NetChk Console
      • Refreshed and redesigned the main page with new charts and new items. New charts provide immediate view into the latest status of machines on the network. New items include 'How do I...' links to the Help File making it easier to get the most value out of NetChk Protect.
      • Multi-tasking GUI. Launch multiple scans, review results, initiate deployments - all at the same time.
      • Shavlik NetChk console can be installed on Vista systems
      • Enhanced the machine group interface. Machines can be sorted and grouped by a variety of attributes.
      • Enhanced the patch group interface. Patches can be sorted and grouped by a variety of attributes.
      • Enhanced the left navigator to use Outlook-style display
      • Enhanced patch download window. Patch download status is displayed for each patch being downloaded.
      • Enhanced the patch deployment test function. The test function follows the same code path as real deployments.
      • Added bulletin release date, bulletin title, and patch type columns to the patch group window
      • Added group name to patch scan results in the left navigator
      • Added ability to perform automated data file downloads every X hours
      • Distribution Servers can be synced every X hours
      • Enhanced the console functions to operate more efficiently\quicker when reading from large databases
      • Added ability to add machines to existing machine groups via right click menu option
      • Added ability to add patches to existing patch groups via right click menu option
      • Enhanced the Machine View - added smart filters, search capabilities, and sorting\filtering\grouping functions.
      • Added a column to the Machine View to display the last agent checkin date
      • Added Microsoft Exploitability Index values to patch data in the Patch View
      • Consolidated ports - the data rollup function uses same port number as NetChk Agents
      • Enhanced E-Mail selection window
      • Added ability to delete old machines from the machine view (as long as they're not currently occupying a deployment or agent license)
      • Improved speed and responsiveness -- the patch scan engine is 3x to 5x faster
    • Shavlik Agent Infrastructure
      • NetChk Agents do not require distribution servers. Data and engine files can be downloaded directly from the Internet.
      • NetChk Agent installations use an MSI file
      • NetChk Agent can be installed on Vista systems
      • NetChk Agent can be installed on the NetChk console
      • Enhanced the NetChk Agent scheduling capabilities. NetChk Agents now have the same flexible scheduling available in Agentless operations.
      • Multiple patch and threat tasks can be assigned to one policy
      • Enhanced the agent policy manager (multi-select)
      • NetChk Agent can be configured with a 'listening' port to receive agent policy updates and instructions instantly
      • Agent patch policies can leverage existing agentless scan templates
      • Agent patch policies can leverage existing patch groups. The 'approved patches' list has been replaced by selection of one of three options: deploy all missing, deploy from patch group, deploy all vendor Critical patches (or deploy patch group PLUS all vendor critical patches)
      • Agent patch policies can be configured to always scan for (and deploy) vendor Critical patches, eliminating the need to define and maintain patch groups
      • Agents checkin with the console for updated policies, rather than the distribution server
      • Enhanced the NetChk Agent client user interface
      • Added option to perform agent tasks X minutes after system start if previously scheduled start time was missed
      • Added ability for non-administrator users to launch patch and threat scans and perform remediations from the agent GUI (if configured to allow users to do this)

    Other New Features, Enhancements, and Bug Fixes:

      • Fixed a bug where the patch scan engine might fail when doing aqentless scans of thousands of systems
      • Fixed a bug where canceling scans or deployments against offline VM images might not work properly
      • Fixed errors encountered when scanning offline VM images that are part of nested machine groups
      • Fixed a patch deployment bug where SystemRoot could not be identified on some systems
      • Fixed a bug where the Deployment Status Report would include data on all patches even though the report is set to filter on specific criticalities
      • Fixed a bug where Report Only users were able to delete scan and deployment results
      • Fixed a bug where the console display would not refresh properly after canceling a patch download
      • Updated NetChk Agent (patch) to correctly deploy certain SQL Server patches
      • Fixed a bug where deleting machine group credentials removed Domain credentials after the scan completed
      • Fixed a bug where custom patch features failed to execute on agent-managed machines
      • Fixed a bug where custom patch features failed to work as expected with R2 systems
      • Enhanced the console to provide better results for agents when agents perform multiple scans per day
      • Fixed a bug where Office media path credentials may not have been saved in the deployment template
      • Fixed a bug where deployments from a Windows Server 2008 console failed to execute on NT4 systems
      • Fixed a bug that prevented the use of a Distribution Server on a remote system where that location was the specified console download location
      • Fixed a bug where automated e-mails failed to operate for offline virtual machine images
      • Fixed a bug with NetChk Tracker where patch rescans were initiated before the target system was read to be rescanned
      • Enhanced NetChk Tracker with additional status messages to indicate that machine was restarted and was awaiting rescan
      • Enhanced the patch download status window to display download status for each patch
      • Enhanced the NetChk Agent so it can checkin with the console by using its IP address rather than hostname (Agent must be installed manually and console's IP address should be specified during installation)
      • Fixed a bug where canceling an agentless patch scan wouldn't cancel immediately
      • Modified the NetChk Console to only allow one running instance of the application
      • Fixed a bug where the 'Machines not Scanned' report would not allow filtering on individual scans
      • Fixed a bug in the NetChk Agent deployment process where the Agent icon wouldn't appear in the system tray when first installed
      • Fixed a bug where scheduling a deployment across a month boundary would fail if using the Microsoft scheduler
      • Fixed a bug where patches that had been uninstalled were not able to be installed again using the NetChk Agent
      • Fixed a bug where SafeReboot was not always executing on Windows 2000 systems
      • Fixed a bug where the Machine Inventory and Top Ten Missing Patches reports were not automatically sent out (as configured) at the end of a patch scan
      • Fixed a bug where patches with .msp extension were not not always being installed on Agent-managed systems
      • Fixed a bug where scheduled scans were using incorrect time and date when console was set to Danish regional settings
      • Fixed a bug where custom patches marked as 64 bit were looking into the 32 bit registry
      • Fixed a bug where SQL Server Service Packs could not be installed from the Summary by Patch screen
      • Fixed a bug where offline VM image scans did not return the target system's workgroup name
      • Fixed a bug where filtering by comment did not work in the advanced filtering report options
      • Fixed a bug where canceling a scan of offline VM images may leave some images mounted
6.5.3.818

Released 10/21/2009

    Bug Fixes:

    • Added MSXML 6.0 Hot Fix to the Boot Strapper to resolve GUI hangs and memory corruption that result from large scans
    • Fixed the GUI so editing an ESX server validates the information entered
    • Remove orphan records from 5.8.1, 5.9, and 6.0 databases so upgrades to 6.5.x database are successful
    • Remove orphan service pack relationship with products so database upgrades are successful
    • Enhanced Agent to install .MSP files
    • Corrected inconsistencies between Executive Summary and various charts
    • Fixed the Cancel Deployment action to successfully terminate
    • Resolved an issue that resulted in extremely slow scan times when Internet Explorer 7 was included
    • Corrected custom patch scan behavior to correctly use the x64 registry
    • Fixed an issue where a rescan of an offline virtual workstation machine resulted in an application crash
    • Resolved an error so the new Microsoft digital signatures can be validated
    • Fixed an issue where images were some times not loaded properly into the application
    • Resolved issues with credentials and offline VMs
    • Modified the product so rescan status is set to ‘unable to rescan’ if the scan object cannot be instantiated
    • Updated the sum.bat tool for updating XML and engines for disconnected consoles
    • Corrected behavior when scheduler security negotiation fails
    • Added support for installing NetChk Protect console on Windows Server 2008
    • Fixed an issue where attempting to select one patch for a patch group resulted in All patches being selected
    • Corrected deployments scheduled across month boundaries so the deployment no longer reports “time is in past”
    • Fixed an issue where the Scheduler schedules jobs a month out if the time has passed
    • Resolved an issue where VMotion of a virtual machine that hosts the Shavlik console deactivates the license key
    • Corrected a problem with machine group copy that resulted in ESX server or VMware Workstation images not being copied
    • Fixed an unhandled exception that occurred when deleting a machine group that included an offline machine
    • Resolved an issue where a right-click to deploy all missing patches on an virtual machine failed
    • Corrected a problem that prevent deployment of SQL Server service pack from the Summary by Patch view
    • Fixed an issue where Service Packs for XP x64 systems were not properly handled
    • Resolved an issue where canceling a scan of virtual machines took a long time
    • Corrected a problem with target machine registry’s that prevent scans by a 6.x.x version if the target machine had been scanned by Protect 7
6.5.2.611

Released 01/21/2009

    Bug Fixes:

    • Fixed an issue where agents might uninstall themselves if they were unable to contact the Shavlik console
    • Fixed an issue where the malware scan engine fails to scan when multiple user accounts exist on the target system
    • Fixed an issue where deployments using the Microsoft scheduler would be scheduled a month out if the scheduled time already occurred
    • Fixed an issue where deployments to an x64 system from a 32 bit console would use the Microsoft scheduler rather than the Shavlik scheduler
    • Fixed an issue where the agent installer port could not be changed from the default port number 3121
    • Fixed an issue where the NetChk Patch Service fails to autostart after a console reboot. Also fixed an issue where the NetChk Patch Service might fail to start if the Service was unable to connect to the database on a local or remote system. These two changes should enhance the reliability of the PatchPush Track function.
    • Added a second credential option to the domain scanning function on the machine group window. The second provided credential will be used to enumerate membership of the specified domain in instances where the currently logged on console user does not have access to that domain.
    • Fixed an issue where the reboot function on a Windows Server 2003 system would not provide a 'reason for shutdown' and could therefore cause the system to pause at startup until this reason is entered.
    • Fixed an issue where manually installed agents might result in the following error during a patch or malware scan "stSchedEx.exe has encountered a problem and needs to close"
    • Fixed an issue where the Shavlik console process might fail to end when the application is shutdown
    • Fixed an issue where tasks might fail to be scheduled on remote systems where IPv6 is present
    • Fixed an issue where the system may not reboot as expected if a non-administrative user is logged on at the time the reboot is expected
    • Fixed an issue where an 'Unexpected Error' might be encountered when using the 'scan with' option from the File menu
    • Fixed an issue where choosing a Service Pack to deploy from the missing machines tab under the 'Summary by Patch' view would display 'Service Pack 1' as the only available Service Pack to deploy.
    • Enhanced the deployment configuration dialog box so that the 'deploy now' button was not selected by default
    • Changed the default focus on the deployment status window to 'close this window' rather than 'cancel'
    • Fixed an issue where machine names display as truncated (underneath) the machine icon in the scan view
    • Fixed an issue where the IAVA Reporter utility failed to function with version 6.5
    • Fixed an issue with a registry key entry on the Shavlik console that prevented certain system backup utilities from functioning correctly
    • Fixed an issue where duplicate Service Pack names appeared in the custom actions window
    • Fixed an issue with custom actions assigned to Service Pack deployments where incorrect SP info might display in the Edit window
    • Fixed an issue where running the 'apprunonce' function would re-install Shavlik services with different service names than the original service names
    • Added descriptions for the Shavlik installed services
    • Fixed an issue where OU enumeration credentials might not be saved in the GUI
    • Fixed several issues that caused unhandled exceptions when editing machine groups containing nested groups
    • Fixed an issue in the PatchPush Tracker application where some patches would fail to appear in the PPTracker GUI if a large number of patches was being deployed
    • Fixed an issue with malware scan results where signature evidence for one piece of malware might incorrectly appear as signature evidence for another piece of detected malware
    • Modified the application EULA
6.5.1.527

Released 10/13/2008

    Bug Fixes:

    • Fixed a bug where deployments would fail to initiate, including those performed after rescans, from the NetChk Home Page, and as part of an auto-remediation task following a scan
    • Fixed a bug where deployments were failing with 'Invalid Optional header type' in the PM.log file
    • Fixed a bug where console-based scheduled activities weren't upgraded when installing a new version of Shavlik NetChk
    • Modified Shavlik Agent behavior so that it operates on new agent policy immediately after receiving updated policies
    • Fixed an issue where the Shavlik Agent wasn't able to be installed from the Machine Properties window
    • Fixed an issue where the Save button wasn't available when changing agent policies in the machine properties window
    • Modified Distribution Server behavior so that agent installs don't require full file synchronization to all Distribution Servers
    • Fixed a bug where remote patch repositories weren't being updated properly
    • Fixed an issue in the scan engine where the target system's Operating System wasn't being identified if the scan engine encountered a 'Server too busy - error 1726' event
    • Fixed an issue in the SafeReboot window where the Snooze bar appeared when it wasn't configured to do so
    • Fixed an issue where scheduled scans weren't respecting the 'run disconnected' setting in the Tools-Options menu
    • Fixed a bug where deployments were failing if the target machine was removed from the machine group in which it was initially scanned
    • Fixed an error that occurred when choosing to email scan status results from the machine summary window
    • Fixed a bug where exporting report data containing no results caused an exception
    • Fixed a bug in the machine group window where Tools-Export Text File was outputting XML instead of TXT
    • Fixed a bug in the Deployment Detail report where the Bulletin Number and KB numbers weren't being displayed
6.5.0.489

Released 08/25/2008

    New Features:

    • Added ability to perform patch scans and deployments to offline VMware Workstation, Server, and ESX Server images

    Bug Fixes:

    • Fixed a bug where the agentless distribution server function did not respect primary vs secondary distribution server settings properly
    • Fixed a bug where the stschedex.exe process might crash on a target system
    • Changed the default configuration of the Safe Reboot dialog to remove the focus from the Reboot Now button so that it wouldn't inadvertently be pressed
    • Fixed a bug that allowed users to upgrade with the Shavlik application already open. The user interface would not behave properly until all instances were closed
    • Fixed a memory leak in the patch deployment function
    • Fixed a bug where the 'rename' and 'delete' right click options weren't working properly when executed on items in the left navigator pane
    • Fixed a bug where scans scheduled prior to Upgrade/Install continue to use old file version
    • Fixed a bug where the deployment configuration screen allowed date and time changes when 'install immediately' was selected
    • Fixed a bug where patch deployments failed on FAT32 systems
    • Fixed a bug where a job was not displayed in the Schedule Task Manager for Windows Server 2008
    • Fixed a bug that caused a crash when canceling an 'add credentials' request
    • Fixed a bug where distributions servers may have failed to synchronize with the console if Role Based Administration was enabled
    • Fixed a bug that caused the scan to fail and the scan status window to hang when scanning a large number of machines
    • Fixed a bug where remediation template option was displayed twice in the 'Tools - Options - General - Navigator' window
    • Fixed a bug where agent-based patch deployments would fail on Windows Server 2008 systems
    • Updated the license key upgrade process so that Audit keys will maintain proper reporting/output options
    • Fixed a bug where the 'filter by' function in the machine group window would fail to operate as expected
    • Fixed a bug where Windows Server 2008 machines would display 'OS not known for SP1' in the machine centric view'
    • Fixed a bug where a target system was told to reboot but would not reboot if no user was logged on
6.1.0.57

Released 05/13/2008

    Bug Fixes:

    • Fixed a bug that prevented deployments from occurring on some systems due to incorrect ACLs on the windows\propatches folder
    • Fixed a bug where large patch deployments failed with 'out of memory' messages
    • Fixed a bug where 'download all patches' failed to operate
    • Fixed an issue where stPatchAssessment.exe continued to run even after all patch scans completed
    • Fixed a bug where agent policy creation would crash if passwords were supplied
    • Fixed a bug where the version 6.0 dissolving scheduler failed to dissolve when performing remote deployments
    • Fixed an error that caused target systems to display a crash for cl5.exe and/or stschedex.exe
    • Fixed a bug that prevented 'deploy all missing patches' from operating when selected from scan items in left navigator
    • Fixed a bug where sorting or grouping data by download icon or agent status in the Machine Centric View would make the relevant icons disappear
    • Fixed a bug where copying a patch group would simply rename the selected patch group
    • Fixed a bug where agent policies could not be edited if they were created in earlier versions of the product
    • Fixed a bug where agent scan results were not appearing in the Machine Centric View
    • Fixed a bug where the Machine Centric View would error when filtering by a large patch group
    • Fixed a bug download icons would not appear for some patches after download new Shavlik XML files
    • Fixed a bug where cross-domain deployments would fail with a message about invalid credentials
    • Reverted behavior back to pre 6.0 functionality so the scan engine will respect both patch group and patch type filters specified in a scan template
6.0.10.640

Released 03/06/2008

    Updates:

    • Modified the database conversion routine during the installation process to address the following issues
      • Corrected a database issue where in some cases it was not possible to remove selected machines from a machine group
      • Corrected a database issue that might prevent deployments from occurring
      • Updated the database conversion process to address an issue where some databases were not successfully converted during the installation process
      Notes: Customers that have successfully installed 6.0 and have not experienced the above issues do not need to to upgrade to this version. Customers who have installed 6.0 and are experiencing the above issues should contact support@shavlik.com to obtain a standalone database repair tool as installing this version on top of an existing version 6 installation will not correct these issues.
6.0.10.636

Released 02/19/2008

    Major New Features:

      All of the fixes and new features from prior versions and hot fixes, plus

      • Added new Managed Machines view - now called 'Machine Centric View. Provides aggregate status for patch and malware scans which can be sorted by domain, machine, or item. Deployments\remediations may be initiated directly from this screen. The Machine Centric View can group and sort data by any column (drag column header to the leftmost column to group by selected column.)
      • Added Custom Patch Support. Using a wizard-like custom patch editor, define customer products and/or create custom patches for new or existing products. Enables scanning and deployment for custom products and patches alongside publicly supported products and patches.
      • Added Multiple Agent Policy Support. Unique agent policies may be created and applied to distinct groups of machines, including items to scan and remediation, times to scan, and reboot attributes.
      • Added Role-Based Administration. Assign local and/or domain user accounts to one of five NetChk roles: Administrator, Full User, Scan and Report only, Deploy and Report only, and Report only.
      • New Product Support. A complete list of products supported by Shavlik NetChk Protect can be found here: Supported Products in version 6.0

    Other New Features, Enhancements, and Bug Fixes:

      • Added ability to scan systems where the systemdrive share (such as C$ or D$) has been disabled
      • The 6.0 installation process will automatically migrate scheduled scans from 5.81 and later consoles
      • Added support for deploying Microsoft Office patches and service packs when the Office application is a different language than the Operating System
      • Removed support for the JET (MDB) database and included a new SQL database setup tool
      • Updated safe reboot to display the countdown window on 64 bit systems
      • Udpated safe reboot to display the countdown window on Vista systems
      • Updated safe reboot to display the countdown window to the primary Terminal Service session
      • Added ability to create a custom timeout period before reports are auto-emailed - to allow for all scan results to be uploaded to the database prior to sending the emailed report
      • Improved console performance when launching the Netchk application which is connected to a database with large numbers of scans
      • Improved overall PatchPush Tracker performance
      • Enhanced report generation process to create large reports faster using less memory
      • Added ability to install the application on Windows Server 2008 systems
      • Enabled ability for users to see all created distribution servers
      • Enabled users to view all email addresses
      • Added ability to modify patch agents to only scan for certain patch types - based on registry key setting (2039)
      • Modified scan results so domain name will be shown in domain column, rather than OU name, when scanning by OU
      • Enhanced log maintenance. Patch scan and remediation logs (hf.log and pm.log) will not be overwritten during each scan or deployment. Logs will grow to a customizable max size (100 meg default) before starting a new log file. Prior log file is saved.
      • Fixed a bug where the scan engine failed to retry authentication with the currently logged on credentials when the supplied credentials failed
      • Modified scan engine behavior - when scanning for a specific set of patches (patch group), the 'patch type' filter will be disregarded
      • Fixed bug where the PatchPush Tracker default listening port would not change when modified in the tools-options dialog
      • Corrected safe reboot execution date attributes to respect international date formats
      • Corrected an issue where attempting to import machine credentials for a machine group would fail
      • Fixed an issue with auto-emailing the Patch Scan Summary report where the report would fail to generate when SQL Server authentication was used with the Shavlik database
      • Modified Office Media Path to work whether a trailing backslash was included in the path or not
      • Removed International Mode Download Center option as this capability has been fully integrated into the product
      • Modified all Shavlik related service names to start with 'Shavlik'
      • Fixed an error that occurred when importing large numbers of machine names to a machine group (greater than 10,000 machine names)
      • Added support for managing machines names containing multibyte characters
5.9.0.145

Released 04/30/2007

    New Features:

      All of the fixes and new features from prior versions, plus

      • Added MBSA compatibility. Scan results can be output to MBSA XML format where they can then be viewed in the MBSA console.
      • Added the ability to scan an unlimited number of systems for a limited set of products. The limited set of products are those that are not typically managed via traditional Microsoft technologies such as: Step by Step Interactive Training, Office 2000, ISA Server, and Visual FoxPro (to name a few)
      • Added ability to install a Limited Agent that will perform patch assessment functions for a limited set of products.
      • Added the following new products to the scan engine:
        • Microsoft Visual Studio .NET
        • Microsoft Step By Step Interactive Training
        • Microsoft Front Page Server Extensions
        • Microsoft SharePoint Team Services 2002
        • Windows SharePoint Services
        • Microsoft Services for Unix
        • Microsoft Windows Journal Viewer
        • Word Viewer
        • Producer for PowerPoint
        • Visual FoxPro 8.0
      • A complete list of products supported by Shavlik NetChk version 5.9 can be found here: Supported Products in version 5.9
      • Changed the patch assessment XML file from hfnetchk6.xml to hfnetchk6b.xml
      • Enhanced the text displayed in the scan status window when launching a scan.

    Bug Fixes:

    • Corrected several bugs related to using SQL Server as the data repository for Shavlik scans
    • Fixed a bug report rollup from children to master consoles was not working if the child console was using SQL Server as the data store
    • Fixed a bug where the scan engine would slow down when scanning large numbers of systems
    • Fixed a bug in report generation when using advanced filters and selecting Service Packs
    • Fixed a bug where scheduled scans were not operating with the Shavlik Scheduler (they would only use the Microsoft scheduler)
    • Fixed a bug in the Test Deployment function when testing against 32bit Vista systems
    • Fixed a bug in the Shavlik Scheduler where CPU would rise to 100% if the scheduler was able to obtain the requested TCP port number
    • Fixed a bug where the scan engine was failing to use the supplied proxy credentials
    • Fixed a bug where scheduled scans were not functioning when the admin was logged off of the system hosting the NetChk console
    • Fixed a bug in report generation for reporting by machine type
    • Fixed a bug where several Service Pack entries failed to display download icons
    • Fixed a bug where remote console synchronization would fail when missing specific data files
5.8.1.136

Released 01/30/2007

    New Features:

      All of the fixes and new features from prior versions, plus

      • Added NetChk Spyware (in Protect version) including support for non-bizware applications
      • Added ability to do patch management for x64 systems
      • Added ability to manage Windows Vista systems
      • Modified the patch scan engine to enable new product support via XML file updates (vs. new releases of the scan engine)

    Bug Fixes

    • Fixed a bug in the scan engine where scanning 'only for missing patches' would not return a scan result
    • Fixed a bug where a text file containing a list of patches that was linked to a scan template did not function as a patch filter
    • Fixed a bug where double reboots might occur in some instances
    • Fixed a bug where credentials in nested groups weren't being used
5.8.0.577

Released 10/23/2006

    New Features:

      All of the fixes and new features from prior versions, plus

      • Added Agent functions to supplement agentless scanning. Deploy agents to frequently disconnected devices (laptops) or other systems where it's not possible to perform agentless patch management. Also added is a centralized patch policy service that can be distributed to agents being managed by remote consoles. See new Agents menu option in the console menu bar for more information.
      • Added enterprise reporting functions. Under tools-options, select a parent console which will receive a copy of all scan and deployment results. Choose replication frequency, etc. Distributed consoles can send all of their data to a specified central console for aggregate reporting across all consoles.
      • Enhanced Report functions. Choose to create reports from a selected console, or across all consoles. Also, new aggregate reports are available to display the most recent results for each machine across all scans performed.
      • New Reports. Two new reports have been added: Machine Status by Patch Count, and Deployment Percentage by Patch
      • Added option to scan domain using browse list only. Under Tools-Options-Scan is a checkbox, that when selected, will scan only those machines that can be viewed by the network browse list, rather than the machines stored in the domain controller machine account list.
      • Added option to control discovery timeout. When scanning for existence of machines (via tcp 139 and 445), the scan engine will timeout after 5 seconds if it hasn't received a response. The Tools-Options-Scan menu provides a connection timeout field that can be adjusted up or down as needed to account for slower bandwidth connections.
      • Added option to disable supersedence. In Tools-Options-Scan menu, a checkbox exists to disable supersedence. When checked, the scan engine will display ALL missing patches, rather than only those that necessary. Superseded missing patches are only display for items where no superseding patch has already been installed.
      • Added option for children consoles or distributed consoles to download XML files, engines, custom files, patches, and service packs from specified upstream Shavlik consoles or distribution servers (rather than each console downloading this data from the vendor websites)
      • Updated scan engine. The 5.8 patch scan engine has been redesigned. As a result, scan times may be up to 30% faster, scans can leverage dependancy data in the XML files for better scan results, and the scan engine can be easily extended to support new products and architectures via XML files updates.
      • Modified default scan templates. Changed name of QuickScan to Security Patch Scan. Removed Full Scan template from new installs (will still be present on previous installs).

    Bug Fixes:

    • Corrected an error when testing credentials against a group of machines where incorrect credentials were supplied
    • Fixed a bug where scanning for software distribution patches via a patch group might fail to scan as expected
5.6.0.446

Released 04/04/2006

    Bug Fixes:

      All of the fixes and new features from 5.6.0.444 plus

      • Fixed a bug where scans would hang or error (91) when the console is behind a proxy server
      • Corrected errors in AutoUpdate and installation where a null database field wasn't being updated properly, causing the application to fail
      • Corrected errors in AutoUpdate and installation where application charting features would fail
5.6.0.444

Released 03/30/2006

    New Features and Enhancements:

    • Spyware
      • Added client-side spyware active protection
      • Added ability to remove Layered Service Provider (LSP) spyware signatures
      • Added ability to quarantine spyware
      • Added ability to rollback spyware remediations
      • Added ability to control spyware quarantine retention time and file size
      • Added ability to view remediated spyware signatures in the spyware scan results and reports
      • Added active protection tab to Tools-Manage Machines display properties window
      • Improved the spyware scan engine scan time
      • Added configuration option in Tools-options for spyware scan timeout
    • Console
      • Added scan-type dialog prompt when launching scans from main page
      • Added configuration option in Tools-options for connection timeout when enumerating machines during a scan
      • Added ability for the console to use the Shavlik scheduler for scheduled tasks
      • Added maintenance expiration dates to Help-about window
      • Added popup dialogs to alert user about upcoming maintenance expiration
      • Updated the Shavlik Scheduled Tasks Manager interface
      • Added ability to cancel or reschedule scheduled tasks via the Shavlik scheduled tasks manager interface
      • Updated the SQL Updater Tool to work with SQL 2005 databases

    Bug Fixes:

    • Spyware
      • Fixed bug where the spyware scan engine might consume 100% CPU upon machine restart
      • Fixed bug where spyware scan engine would fail to operate on a target machine with limited memory
      • Fixed bug where the spyware scan engine would fail to detect cookies
      • Fixed bug where the spyware scan engine might automatically restart upon machine restart
      • Updated the spyware scan engine CPU throttling algorithm
      • Fixed bug where a file shortcut with a '$' symbol in the name was not being removed during a spyware remediation
      • Reduced the time to schedule spyware remediation when remediating multiple machines at the same time
    • Patch
      • Includes updates from the SKB2687 scan engine hotfix
      • Fixed bug where the patch scan engine might fail during the patch import process
      • Fixed bug where the patch scan engine might cease to operate during large network scans
      • Fixed bug where canceling a patch scan would fail to show scan results for those machines that had completed scanning
      • Fixed bug where Products under Patch Information would fail to expand when selecting the '+' symbol
      • Fixed bug where the netchk patch service might cause the deployment process to hang at the 'building enforcement files' window
      • Fixed bug where the patch push tracker might fail and display 'Parameter is Incorrect'
      • Fixed bug where CSV export from Condensed Patch Listing report was showing null results
      • Fixed bug where some 32 bit systems were being detected as 64 bit systems during a patch scan
      • Fixed bug where command line patch scan output in CSV and TSV format included line breaks in the middle of an individual entry
      • Fixed bug in patch scanning that may have caused a patch to be reported as effectively installed instead of explicitly installed
      • Fixed bug in patch deployment that may have caused a patch to be reported as effectively installed instead of explicitly installed
    • Console
      • Fixed bug where the Shavlik scheduler would fail to use the custom install directory.
      • Fixed bug where recurring scheduled scans might fail to launch
      • Fixed bug where remediation\deployment would fail to a machine with a single quote in the machine name
      • Fixed bug where 'deploy at next reboot' might fail to launch
      • Fixed bug where deployment notifications with special characters would not work properly on French language systems
      • Fixed bugs relating to scheduled tasks and different time zones on the console and the target machine
      • Fixed bug where machine names might be cropped in some email notifications
      • Fixed bug where spyware.cab file was downloaded on every patch and spyware scan
      • Fixed bug where the Shavlik scheduler service was not stopped and/or removed after a patch deployment or spyware scan or remediation, as configued via Tools-options
      • Fixed bug where creation of new scan templates were not defaulting to the 'Quickscan' template settings
      • Fixed bug where proxy settings were not being properly determined when proxy settings were set to use 'automatic configuration'
5.5.1.754

Released 11/21/2005

    Bug Fixes:

    • Corrected an issue where deploying patches via the Summary By Patch view would deploy patches to all machines whether the patch was needed or not
    • Corrected an issue where scheduled reboots using SafeReboot would occur before the scheduled time
    • Extended the spyware scan console timeout value from 10 minutes to 40 minutes. Also added a registry key value to the console machine to control this timeout. To modify this value, go to HKLM\SOFTWARE\Shavlik\HFNetChkPro4\GUI\Options and change the 'SpyWait' decimal value to the number of minutes you'd like to use for the scan wait process
    • Fixed a crash when testing credentials associated with a machine group where both IP addresses and IP ranges where specified
    • Updated the spyware scan engine to better handle low resource environments on client machines
    • Enhanced the handling of sensitive information when this information was decrypted in memory
5.5

Released 08/31/2005

    New Features and Enhancements:

    • Name changed from Shavlik HFNetChkPro to Shavlik NetChk Protect. The Protect name is used when both Anti-Spyware and Patch Management are installed on the same console. If only the patch product is licensed, it will still reflect 'Shavlik HFNetChkPro' or 'Shavlik NetChk Patch'. If only Spyware is licensed, it will display 'Shavlik NetChk Spyware'. If both products are licensed, it will display 'Shavlik NetChk Protect'.
    • Added anti-spyware scanning and remediation
    • The default installation behavior for patch deployment has been changed in this release. By default, the patch deployment process will install the Shavlik Scheduler Service on each machine being patched. This scheduler service replaces the need to use the MS Task Scheduler. (The Shavlik Scheduler Service is more robust than the MS Task Scheduler and will run jobs that it may have missed when the machine was turned off. This service is also more reliable than the MS Task Scheduler when it comes to launching tasks on Windows NT 4.0 and Windows 2000 systems.)

      By default, the Shavlik Scheduler Service will remain installed and running on remote systems - even after patches have been installed. The persistent state allows for faster patch deployments in the future. If you wish, you may configure the console to remove the Shavlik Scheduler Service after each deployment task is complete, or you may instruct the console to use the MS Task Scheduler rather than the Shavlik Scheduler Service. These configuration options are located under Tools-Options-General-Scheduling.
    • The default Shavlik NetChk Spyware scan function also uses the Shavlik Scheduler Service to initiate scans of remote systems. The Shavlik Scheduler Service will be installed on all machines during the spyware scan. This is known as the 'Dissolving Service Scan'. The alternate option is known as the 'Network Scan' and can be chosen in the spyware scan template. The Shavlik Scheduler Service associated with the Dissolving Service Scan can be configured to automatically remove the service when the scan is done, via Tools-Options-General-Scheduling.
    • Includes updates from SKB1956 scan engine hotfix
      • The E-Mail alerting and reporting functions have been fixed and should now operate as expected.
      • Fixed error where auto-deploy after a scheduled scan was not functioning.
      • General GUI navigation speed has been improved when viewing large scan results and when creating new or viewing existing scan or deployment templates.
      • Corrected errors with report generation.
      • Fixed option to scan for and deploy using patchtype 'Shavlik Security Agents'.
      • Corrected errors that occurred when updating machine properties.
      • Corrected error that prevented machines from being removed from the Ignore Items section of a machine group.

    Bug Fixes:

    • Reporting
      • Fixed an query in the report engine that would display one machine's results multiple times in the Detailed Scan Summary report
5.1

Released 06/09/2005

    New Features and Enhancements:

    • The scan engine can now scan up to 256 machines concurrently. This feature is available to Shavlik HFNetChkPro 5 Plus customers
    • The scan engine has been updated to include support for the following products
      • Firefox 1.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4
      • Real Networks RealPlayer 10, 10.5
      • Adobe Acrobat 4, 5, 6, 7
      • Acrobat Reader 4, 5, 6, 7
      • Acrobat Distiller 4, 5, 6, 7
      • Acrobat Elements 4, 5, 6, 7
      • Internet Explorer 7
      • SQL 2005
      • .NET Framework 2.0
      • Windows Server Update Services
    • Includes updates from SKB1744 scan engine hotfix
      • Supports faster scanning from Windows 2003 SP1 consoles. The engine has been updated to use a new XML parser engine that works with WS03 SP1
      • Supports scanning from a Windows XP SP2 console.
      • Differentiates between MSDE and SQL Server 2000. This will allow for proper installation of MSDE and SQL Service Pack 4.
      • Supports detection of MSXML 3 SP7. This engine removes the 'SP5 is more recent than SP7' messages that were displayed when scanning an MSXML 3 SP7 system.
      • Supports detection of MDAC 2.8 SP1. This engine removes the 'Gold is more recent than SP1' messages that were displayed when scanning a system with MDAC 2.8 SP1.

    Bug Fixes:

    • Scanning
      • Fixed error where scheduled scans didn't always download the latest available XML data files
      • Fixed error where FullScan was performing security, non-security, tool, and Security Agent patch scans. FullScan will now perform only security update scans (with checksums)
    • Deployment
      • Fixed error when performing Test deployments from a SQL database connected console: -2147217900, Invalid column name 'machinename'.; frmViewer muToolsSimulateInstallSpecify_Click()
      • Fixed issue where scheduled scans with autodeployments would not always launch the deployment
      • Fixed issue with Office patch deployments where Office installation requires CD2 or CD3
      • Updated the deployment process to always patch the deployment console LAST, if the deployment console was one of many machines scheduled to receive a deployment
      • Fixed error Method '~' of object '~' failed; frmViewer muPatchesDeploySelectedPatches_Click() when two consoles using the same SQL database are performing deployments at the same time
    • User Interface
      • Fixed error: frmViewer m_oPatchPanel_TabChange(TabName=lblTabMissing)
      • Fixed issue when adding a patch comment where patch comment would not display in the lower right patch panel
      • Removed function to "Send Message to..." a remote system
      • Fixed error in Help-About to properly display the number of used licenses
      • Fixed -2147418107: Component: modHFUtilities GotFocus error when browsing scan results
      • Fixed error that displayed when clicking Machines-Machine Properties immediately after completing a scan
    • Reports
      • Fixed error in Advanced Report Criteria where 'Exclude IP' was not working properly in some reports
      • Fixed error in Deployment Seat Status to properly display number of used licenses
      • Fixed error in Top Ten Vulnerable Machines report where scan date and time was not displayed
      • Fixed error where not all machines were appearing in the Machine Status report
      • Fixed error in Detailed Scan Summary report where some machines would appear multiple times
      • Fixed error in Machine by Patch report where patch counts weren't being properly displayed
      • Fixed unhandled exception error in report generation when using Advanced Criteria
    • EMail
      • Fixed error where pre-deployment notification email did not display the date and time for a scheduled deployment
      • Fixed error where deployments would not complete if multiple post-deployment email reports were selected on a SQL connected console
5.0.1

Released 04/07/2005

    New Features and Enhancements:

    • Support for HF 5.0 Agents
    • Support for running the HFNetChk console under Windows XP SP2

    Bug Fixes:

    • Upgrade
      • Fixed bug where pre-defined e-mail recipients did not appear after an upgrade from version 4.3
      • Fixed bug where the machine entries were not correct after an upgrade from version 4.3
      • Fixed error that occurred when scanning a patch group after upgrading from version 4.3
    • Scanning
      • Fixed error that caused scan by criticality to not work correctly
      • Fixed problem when scanning from an XP SP2 console that resulted in "Machine not found" errors.
    • Deployment
      • Fixed error where deployments would fail if the machine name could not be resolved to an IP address
      • Fixed error where custom actions associated with a particular patch would not work for non-English patches
      • Fixed error that caused the option to Reboot at the next occurrence of a specified time to always reboot at midnight
      • Fixed error that might cause XP SP2 download to report that the file is unsigned
      • Fixed error that would cause patches to be deployed to more machines in the scan than were selected. This occurred only for certain types of scans and only when selecting machines from specific groups.
      • Fixed error where pushing custom files only pushed to the first machine in a multi-machine deployment
      • Fixed error wwere auto-deploy after a scheduled scan resulted in a copy-only deployment
      • Fixed error where some deployments to Windows NT failed to execute
      • Fixed error where certain valid scheduling parameters resulted in an error saying the deployment is scheduled to occur in the past
    • User Interface
      • Fixed problems associated with keyboard navigation
      • The Uninstallable icon now displays for missing patches as well as for installed patches
      • Fixed error that could occur if a deployment template is not selected in the Deployment Configuration dialog
      • Fixed error that occurred when re-entering CLOUC after the initial installation
      • Fixed error that occurred when clicking "Do I need a proxy?" in the Tools|Options dialog
      • Fixed erroneous error message when clicking the "Test Credentials" button for Office media location
      • Fixed error when deleting a deployment template that contains custom actions or Office paths
    • Reports
      • Fixed error when selecting Machine Properties in the Advanced Filters
      • Fixed error when viewing a machine that was not scanned
      • Fixed error in Criticality status count
      • Fixed error where Deployment Report sometimes showed the wrong Service Pack name
      • Fixed error in generating reports from a SQL database using SQL authentication
      • Fixed error in Patch Status Detail report regarding the number of machines missing a patch
      • Fixed Service Pack installed count in the Patch Status Summary report
      • Fixed error in the Machine Status report that caused some machines not to be included

What's New

The Communicators Corner: Demystifying Distribution Servers
This is the first of many “meat and potatoes” blog articles that I will be ...

Integrating with 3rd Party Components: Why Java is still not being updated in your environment.
With the Oracle CPU fresh in our minds I thought this would be a good time ...

July Patch Day Round-Up
Oracle has released their quarterly Critical Patch Update.  There is a long...