Shavlik NetChk Protect Version History

7.0.832.0

Released 06/30/2009

Major New Features:

Added antivirus / threat management engine to the NetChk Agent
Added on-access and on-execution Active Protection capabilities to the NetChk Agent

Shavlik NetChk Console

Refreshed and redesigned the main page with new charts and new items. New charts provide immediate view into the latest status of machines on the network. New items include 'How do I...' links to the Help File making it easier to get the most value out of NetChk Protect.
Multi-tasking GUI. Launch multiple scans, review results, initiate deployments - all at the same time.
Shavlik NetChk console can be installed on Vista systems
Enhanced the machine group interface. Machines can be sorted and grouped by a variety of attributes.
Enhanced the patch group interface. Patches can be sorted and grouped by a variety of attributes.
Enhanced the left navigator to use Outlook-style display
Enhanced patch download window. Patch download status is displayed for each patch being downloaded.
Enhanced the patch deployment test function. The test function follows the same code path as real deployments.
Added bulletin release date, bulletin title, and patch type columns to the patch group window
Added group name to patch scan results in the left navigator
Added ability to perform automated data file downloads every X hours
Distribution Servers can be synced every X hours
Enhanced the console functions to operate more efficiently\quicker when reading from large databases
Added ability to add machines to existing machine groups via right click menu option
Added ability to add patches to existing patch groups via right click menu option
Enhanced the Machine View - added smart filters, search capabilities, and sorting\filtering\grouping functions.
Added a column to the Machine View to display the last agent checkin date
Added Microsoft Exploitability Index values to patch data in the Patch View
Consolidated ports - the data rollup function uses same port number as NetChk Agents
Enhanced E-Mail selection window
Added ability to delete old machines from the machine view (as long as they're not currently occupying a deployment or agent license)
Improved speed and responsiveness -- the patch scan engine is 3x to 5x faster

Shavlik Agent Infrastructure

NetChk Agents do not require distribution servers. Data and engine files can be downloaded directly from the Internet.
NetChk Agent installations use an MSI file
NetChk Agent can be installed on Vista systems
NetChk Agent can be installed on the NetChk console
Enhanced the NetChk Agent scheduling capabilities. NetChk Agents now have the same flexible scheduling available in Agentless operations.
Multiple patch and threat tasks can be assigned to one policy
Enhanced the agent policy manager (multi-select)
NetChk Agent can be configured with a 'listening' port to receive agent policy updates and instructions instantly
Agent patch policies can leverage existing agentless scan templates
Agent patch policies can leverage existing patch groups. The 'approved patches' list has been replaced by selection of one of three options: deploy all missing, deploy from patch group, deploy all vendor Critical patches (or deploy patch group PLUS all vendor critical patches)
Agent patch policies can be configured to always scan for (and deploy) vendor Critical patches, eliminating the need to define and maintain patch groups
Agents checkin with the console for updated policies, rather than the distribution server
Enhanced the NetChk Agent client user interface
Added option to perform agent tasks X minutes after system start if previously scheduled start time was missed
Added ability for non-administrator users to launch patch and threat scans and perform remediations from the agent GUI (if configured to allow users to do this)

Other New Features, Enhancements, and Bug Fixes:

Fixed a bug where the patch scan engine might fail when doing aqentless scans of thousands of systems
Fixed a bug where canceling scans or deployments against offline VM images might not work properly
Fixed errors encountered when scanning offline VM images that are part of nested machine groups
Fixed a patch deployment bug where SystemRoot could not be identified on some systems
Fixed a bug where the Deployment Status Report would include data on all patches even though the report is set to filter on specific criticalities
Fixed a bug where Report Only users were able to delete scan and deployment results
Fixed a bug where the console display would not refresh properly after canceling a patch download
Updated NetChk Agent (patch) to correctly deploy certain SQL Server patches
Fixed a bug where deleting machine group credentials removed Domain credentials after the scan completed
Fixed a bug where custom patch features failed to execute on agent-managed machines
Fixed a bug where custom patch features failed to work as expected with R2 systems
Enhanced the console to provide better results for agents when agents perform multiple scans per day
Fixed a bug where Office media path credentials may not have been saved in the deployment template
Fixed a bug where deployments from a Windows Server 2008 console failed to execute on NT4 systems
Fixed a bug that prevented the use of a Distribution Server on a remote system where that location was the specified console download location
Fixed a bug where automated e-mails failed to operate for offline virtual machine images
Fixed a bug with NetChk Tracker where patch rescans were initiated before the target system was read to be rescanned
Enhanced NetChk Tracker with additional status messages to indicate that machine was restarted and was awaiting rescan
Enhanced the patch download status window to display download status for each patch
Enhanced the NetChk Agent so it can checkin with the console by using its IP address rather than hostname (Agent must be installed manually and console's IP address should be specified during installation)
Fixed a bug where canceling an agentless patch scan wouldn't cancel immediately
Modified the NetChk Console to only allow one running instance of the application
Fixed a bug where the 'Machines not Scanned' report would not allow filtering on individual scans
Fixed a bug in the NetChk Agent deployment process where the Agent icon wouldn't appear in the system tray when first installed
Fixed a bug where scheduling a deployment across a month boundary would fail if using the Microsoft scheduler
Fixed a bug where patches that had been uninstalled were not able to be installed again using the NetChk Agent
Fixed a bug where SafeReboot was not always executing on Windows 2000 systems
Fixed a bug where the Machine Inventory and Top Ten Missing Patches reports were not automatically sent out (as configured) at the end of a patch scan
Fixed a bug where patches with .msp extension were not not always being installed on Agent-managed systems
Fixed a bug where scheduled scans were using incorrect time and date when consolen was set to Danish regional settings
Fixed a bug where custom patches marked as 64 bit were looking into the 32 bit registry
Fixed a bug where SQL Server Service Packs could not be installed from the Summary by Patch screen
Fixed a bug where offline VM image scans did not return the target system's workgroup name
Fixed a bug where filtering by comment did not work in the advanced filtering report options
Fixed a bug where canceling a scan of offline VM images may leave some images mounted

6.5.2.611

Released 01/21/2009

Bug Fixes:

Fixed an issue where agents might uninstall themselves if they were unable to contact the Shavlik console
Fixed an issue where the malware scan engine fails to scan when multiple user accounts exist on the target system
Fixed an issue where deployments using the Microsoft scheduler would be scheduled a month out if the scheduled time already occurred
Fixed an issue where deployments to an x64 system from a 32 bit console would use the Microsoft scheduler rather than the Shavlik scheduler
Fixed an issue where the agent installer port could not be changed from the default port number 3121
Fixed an issue where the NetChk Patch Service fails to autostart after a console reboot. Also fixed an issue where the NetChk Patch Service might fail to start if the Service was unable to connect to the database on a local or remote system. These two changes should enhance the reliability of the PatchPush Track function.
Added a second credential option to the domain scanning function on the machine group window. The second provided credential will be used to enumerate membership of the specified domain in instances where the currently logged on console user does not have access to that domain.
Fixed an issue where the reboot function on a Windows Server 2003 system would not provide a 'reason for shutdown' and could therefore cause the system to pause at startup until this reason is entered.
Fixed an issue where manually installed agents might result in the following error during a patch or malware scan "stSchedEx.exe has encountered a problem and needs to close"
Fixed an issue where the Shavlik console process might fail to end when the application is shutdown
Fixed an issue where tasks might fail to be scheduled on remote systems where IPv6 is present
Fixed an issue where the system may not reboot as expected if a non-administrative user is logged on at the time the reboot is expected
Fixed an issue where an 'Unexpected Error' might be encountered when using the 'scan with' option from the File menu
Fixed an issue where choosing a Service Pack to deploy from the missing machines tab under the 'Summary by Patch' view would display 'Service Pack 1' as the only available Service Pack to deploy.
Enhanced the deployment configuration dialog box so that the 'deploy now' button was not selected by default
Changed the default focus on the deployment status window to 'close this window' rather than 'cancel'
Fixed an issue where machine names display as truncated (underneath) the machine icon in the scan view
Fixed an issue where the IAVA Reporter utility failed to function with version 6.5
Fixed an issue with a registry key entry on the Shavlik console that prevented certain system backup utilities from functioning correctly
Fixed an issue where duplicate Service Pack names appeared in the custom actions window
Fixed an issue with custom actions assigned to Service Pack deployments where incorrect SP info might display in the Edit window
Fixed an issue where running the 'apprunonce' function would re-install Shavlik services with different service names than the original service names
Added descriptions for the Shavlik installed services
Fixed an issue where OU enumeration credentials might not be saved in the GUI
Fixed several issues that caused unhandled exceptions when editing machine groups containing nested groups
Fixed an issue in the PatchPush Tracker application where some patches would fail to appear in the PPTracker GUI if a large number of patches was being deployed
Fixed an issue with malware scan results where signature evidence for one piece of malware might incorrectly appear as signature evidence for another piece of detected malware
Modified the application EULA

6.5.1.527

Released 10/13/2008

Bug Fixes:

Fixed a bug where deployments would fail to initiate, including those performed after rescans, from the NetChk Home Page, and as part of an auto-remediation task following a scan
Fixed a bug where deployments were failing with 'Invalid Optional header type' in the PM.log file
Fixed a bug where console-based scheduled activities weren't upgraded when installing a new version of Shavlik NetChk
Modified Shavlik Agent behavior so that it operates on new agent policy immediately after receiving updated policies
Fixed an issue where the Shavlik Agent wasn't able to be installed from the Machine Properties window
Fixed an issue where the Save button wasn't available when changing agent policies in the machine properties window
Modified Distribution Server behavior so that agent installs don't require full file synchronization to all Distribution Servers
Fixed a bug where remote patch repositories weren't being updated properly
Fixed an issue in the scan engine where the target system's Operating System wasn't being identified if the scan engine encountered a 'Server too busy - error 1726' event
Fixed an issue in the SafeReboot window where the Snooze bar appeared when it wasn't configured to do so
Fixed an issue where scheduled scans weren't respecting the 'run disconnected' setting in the Tools-Options menu
Fixed a bug where deployments were failing if the target machine was removed from the machine group in which it was initially scanned
Fixed an error that occurred when choosing to email scan status results from the machine summary window
Fixed a bug where exporting report data containing no results caused an exception
Fixed a bug in the machine group window where Tools-Export Text File was outputting XML instead of TXT
Fixed a bug in the Deployment Detail report where the Bulletin Number and KB numbers weren't being displayed

6.5.0.489

Released 8/25/2008

New Features:

Added ability to perform patch scans and deployments to offline VMware Workstation, Server, and ESX Server images

Bug Fixes:

Fixed a bug where the agentless distribution server function did not respect primary vs secondary distribution server settings properly
Fixed a bug where the stschedex.exe process might crash on a target system
Changed the default configuration of the Safe Reboot dialog to remove the focus from the Reboot Now button so that it wouldn't inadvertently be pressed
Fixed a bug that allowed users to upgrade with the Shavlik application already open. The user interface would not behave properly until all instances were closed
Fixed a memory leak in the patch deployment function
Fixed a bug where the 'rename' and 'delete' right click options weren't working properly when executed on items in the left navigator pane
Fixed a bug where scans scheduled prior to Upgrade/Install continue to use old file version
Fixed a bug where the deployment configuration screen allowed date and time changes when 'install immediately' was selected
Fixed a bug where patch deployments failed on FAT32 systems
Fixed a bug where a job was not displayed in the Schedule Task Manager for Windows Server 2008
Fixed a bug that caused a crash when canceling an 'add credentials' request
Fixed a bug where distributions servers may have failed to synchronize with the console if Role Based Administration was enabled
Fixed a bug that caused the scan to fail and the scan status window to hang when scanning a large number of machines
Fixed a bug where remediation template option was displayed twice in the 'Tools - Options - General - Navigator' window
Fixed a bug where agent-based patch deployments would fail on Windows Server 2008 systems
Updated the license key upgrade process so that Audit keys will maintain proper reporting/output options
Fixed a bug where the 'filter by' function in the machine group window would fail to operate as expected
Fixed a bug where Windows Server 2008 machines would display 'OS not known for SP1' in the machine centric view'
Fixed a bug where a target system was told to reboot but would not reboot if no user was logged on

6.1.0.57

Released 5/13/2008

Bug Fixes:

Fixed a bug that prevented deployments from occurring on some systems due to incorrect ACLs on the windows\propatches folder
Fixed a bug where large patch deployments failed with 'out of memory' messages
Fixed a bug where 'download all patches' failed to operate
Fixed an issue where stPatchAssessment.exe continued to run even after all patch scans completed
Fixed a bug where agent policy creation would crash if passwords were supplied
Fixed a bug where the version 6.0 dissolving scheduler failed to dissolve when performing remote deployments
Fixed an error that caused target systems to display a crash for cl5.exe and/or stschedex.exe
Fixed a bug that prevented 'deploy all missing patches' from operating when selected from scan items in left navigator
Fixed a bug where sorting or grouping data by download icon or agent status in the Machine Centric View would make the relevant icons disappear
Fixed a bug where copying a patch group would simply rename the selected patch group
Fixed a bug where agent policies could not be edited if they were created in earlier versions of the product
Fixed a bug where agent scan results were not appearing in the Machine Centric View
Fixed a bug where the Machine Centric View would error when filtering by a large patch group
Fixed a bug download icons would not appear for some patches after download new Shavlik XML files
Fixed a bug where cross-domain deployments would fail with a message about invalid credentials
Reverted behavior back to pre 6.0 functionality so the scan engine will respect both patch group and patch type filters specified in a scan template

6.0.10.640

Released 3/06/2008

Updates:

Modified the database conversion routine during the installation process to address the following issues
- Corrected a database issue where in some cases it was not possible to remove selected machines from a machine group
- Corrected a database issue that might prevent deployments from occurring
- Updated the database conversion process to address an issue where some databases were not successfully converted during the installation process
Notes: Customers that have successfully installed 6.0 and have not experienced the above issues do not need to to upgrade to this version. Customers who have installed 6.0 and are experiencing the above issues should contact support@shavlik.com to obtain a standalone database repair tool as installing this version on top of an existing version 6 installation will not correct these issues.

6.0.10.636

Released 3/06/2008

Updates:

Modified the database conversion routine during the installation process to address the following issues
- Corrected a database issue where in some cases it was not possible to remove selected machines from a machine group
- Corrected a database issue that might prevent deployments from occurring
- Updated the database conversion process to address an issue where some databases were not successfully converted during the installation process
Notes: Customers that have successfully installed 6.0 and have not experienced the above issues do not need to to upgrade to this version. Customers who have installed 6.0 and are experiencing the above issues should contact support@shavlik.com to obtain a standalone database repair tool as installing this version on top of an existing version 6 installation will not correct these issues.

6.0.10.636

Released 2/19/2008

Major New Features:

All of the fixes and new features from prior versions and hot fixes, plus

Added new Managed Machines view - now called 'Machine Centric View. Provides aggregate status for patch and malware scans which can be sorted by domain, machine, or item. Deployments\remediations may be initiated directly from this screen. The Machine Centric View can group and sort data by any column (drag column header to the leftmost column to group by selected column.)
Added Custom Patch Support. Using a wizard-like custom patch editor, define customer products and/or create custom patches for new or existing products. Enables scanning and deployment for custom products and patches alongside publicly supported products and patches.
Added Multiple Agent Policy Support. Unique agent policies may be created and applied to distinct groups of machines, including items to scan and remediation, times to scan, and reboot attributes.
Added Role-Based Administration. Assign local and/or domain user accounts to one of five NetChk roles: Administrator, Full User, Scan and Report only, Deploy and Report only, and Report only.
New Product Support. A complete list of products supported by Shavlik NetChk Protect can be found here: Supported Products in version 6.0

Other New Features, Enhancements, and Bug Fixes:

Added ability to scan systems where the systemdrive share (such as C$ or D$) has been disabled
The 6.0 installation process will automatically migrate scheduled scans from 5.81 and later consoles
Added support for deploying Microsoft Office patches and service packs when the Office application is a different language than the Operating System
Removed support for the JET (MDB) database and included a new SQL database setup tool
Updated safe reboot to display the countdown window on 64 bit systems
Udpated safe reboot to display the countdown window on Vista systems
Updated safe reboot to display the countdown window to the primary Terminal Service session
Added ability to create a custom timeout period before reports are auto-emailed - to allow for all scan results to be uploaded to the database prior to sending the emailed report
Improved console performance when launching the Netchk application which is connected to a database with large numbers of scans
Improved overall PatchPush Tracker performance
Enhanced report generation process to create large reports faster using less memory
Added ability to install the application on Windows Server 2008 systems
Enabled ability for users to see all created distribution servers
Enabled users to view all email addresses
Added ability to modify patch agents to only scan for certain patch types - based on registry key setting (2039)
Modified scan results so domain name will be shown in domain column, rather than OU name, when scanning by OU
Enhanced log maintenance. Patch scan and remediation logs (hf.log and pm.log) will not be overwritten during each scan or deployment. Logs will grow to a customizable max size (100 meg default) before starting a new log file. Prior log file is saved.
Fixed a bug where the scan engine failed to retry authentication with the currently logged on credentials when the supplied credentials failed
Modified scan engine behavior - when scanning for a specific set of patches (patch group), the 'patch type' filter will be disregarded
Fixed bug where the PatchPush Tracker default listening port would not change when modified in the tools-options dialog
Corrected safe reboot execution date attributes to respect international date formats
Corrected an issue where attempting to import machine credentials for a machine group would fail
Fixed an issue with auto-emailing the Patch Scan Summary report where the report would fail to generate when SQL Server authentication was used with the Shavlik database
Modified Office Media Path to work whether a trailing backslash was included in the path or not
Removed International Mode Download Center option as this capability has been fully integrated into the product
Modified all Shavlik related service names to start with 'Shavlik'
Fixed an error that occurred when importing large numbers of machine names to a machine group (greater than 10,000 machine names)
Added support for managing machines names containing multibyte characters

5.9.0.145

Released 4/30/2007

New Features:

All of the fixes and new features from prior versions, plus

Added MBSA compatibility. Scan results can be output to MBSA XML format where they can then be viewed in the MBSA console.
Added the ability to scan an unlimited number of systems for a limited set of products. The limited set of products are those that are not typically managed via traditional Microsoft technologies such as: Step by Step Interactive Training, Office 2000, ISA Server, and Visual FoxPro (to name a few)
Added ability to install a Limited Agent that will perform patch assessment functions for a limited set of products.
Added the following new products to the scan engine:

Microsoft Visual Studio .NET
Microsoft Step By Step Interactive Training
Microsoft Front Page Server Extensions
Microsoft SharePoint Team Services 2002
Windows SharePoint Services
Microsoft Services for Unix
Microsoft Windows Journal Viewer
Word Viewer
Producer for PowerPoint
Visual FoxPro 8.0

A complete list of products supported by Shavlik NetChk version 5.9 can be found here: Supported Products in version 5.9
Changed the patch assessment XML file from hfnetchk6.xml to hfnetchk6b.xml
Enhanced the text displayed in the scan status window when launching a scan.

Bug Fixes:

Corrected several bugs related to using SQL Server as the data repository for Shavlik scans<
Fixed a bug report rollup from children to master consoles was not working if the child console was using SQL Server as the data store
Fixed a bug where the scan engine would slow down when scanning large numbers of systems
Fixed a bug in report generation when using advanced filters and selecting Service Packs
Fixed a bug where scheduled scans were not operating with the Shavlik Scheduler (they would only use the Microsoft scheduler)
Fixed a bug in the Test Deployment function when testing against 32bit Vista systems
Fixed a bug in the Shavlik Scheduler where CPU would rise to 100% if the scheduler was able to obtain the requested TCP port number
Fixed a bug where the scan engine was failing to use the supplied proxy credentials
Fixed a bug where scheduled scans were not functioning when the admin was logged off of the system hosting the NetChk console
Fixed a bug in report generation for reporting by machine type
Fixed a bug where several Service Pack entries failed to display download icons<
Fixed a bug where remote console synchronization would fail when missing specific data files

5.8.1.136

Released 1/30/2007

New Features:

All of the fixes and new features from prior versions, plus

Added NetChk Spyware (in Protect version) including support for non-bizware applications
Added ability to do patch management for x64 systems
Added ability to manage Windows Vista systems
Modified the patch scan engine to enable new product support via XML file updates (vs. new releases of the scan engine)

Bug Fixes

Fixed a bug in the scan engine where scanning 'only for missing patches' would not return a scan result
Fixed a bug where a text file containing a list of patches that was linked to a scan template did not function as a patch filter
Fixed a bug where double reboots might occur in some instances
Fixed a bug where credentials in nested groups weren't being used

5.8.0.577

Released 10/23/2006

New Features:

All of the fixes and new features from prior versions, plus

Added Agent functions to supplement agentless scanning. Deploy agents to frequently disconnected devices (laptops) or other systems where it's not possible to perform agentless patch management. Also added is a centralized patch policy service that can be distributed to agents being managed by remote consoles. See new Agents menu option in the console menu bar for more information.
Added enterprise reporting functions. Under tools-options, select a parent console which will receive a copy of all scan and deployment results. Choose replication frequency, etc. Distributed consoles can send all of their data to a specified central console for aggregate reporting across all consoles.
Enhanced Report functions. Choose to create reports from a selected console, or across all consoles. Also, new aggregate reports are available to display the most recent results for each machine across all scans performed.
New Reports. Two new reports have been added: Machine Status by Patch Count, and Deployment Percentage by Patch
Added option to scan domain using browse list only. Under Tools-Options-Scan is a checkbox, that when selected, will scan only those machines that can be viewed by the network browse list, rather than the machines stored in the domain controller machine account list.
Added option to control discovery timeout. When scanning for existence of machines (via tcp 139 and 445), the scan engine will timeout after 5 seconds if it hasn't received a response. The Tools-Options-Scan menu provides a connection timeout field that can be adjusted up or down as needed to account for slower bandwidth connections.
Added option to disable supersedence. In Tools-Options-Scan menu, a checkbox exists to disable supersedence. When checked, the scan engine will display ALL missing patches, rather than only those that necessary. Superseded missing patches are only display for items where no superseding patch has already been installed.
Added option for children consoles or distributed consoles to download XML files, engines, custom files, patches, and service packs from specified upstream Shavlik consoles or distribution servers (rather than each console downloading this data from the vendor websites)
Updated scan engine. The 5.8 patch scan engine has been redesigned. As a result, scan times may be up to 30% faster, scans can leverage dependancy data in the XML files for better scan results, and the scan engine can be easily extended to support new products and architectures via XML files updates.
Modified default scan templates. Changed name of QuickScan to Security Patch Scan. Removed Full Scan template from new installs (will still be present on previous installs).

Bug Fixes:

Corrected an error when testing credentials against a group of machines where incorrect credentials were supplied
Fixed a bug where scanning for software distribution patches via a patch group might fail to scan as expected

5.6.0.446

Released 4/4/2006

Bug Fixes:

All of the fixes and new features from 5.6.0.444 plus

Fixed a bug where scans would hang or error (91) when the console is behind a proxy server
Corrected errors in AutoUpdate and installation where a null database field wasn't being updated properly, causing the application to fail
Corrected errors in AutoUpdate and installation where application charting features would fail

5.6.0.444

Released 3/30/2006

New Features and Enhancements:

Spyware

Added client-side spyware active protection
Added ability to remove Layered Service Provider (LSP) spyware signatures
Added ability to quarantine spyware
Added ability to rollback spyware remediations
Added ability to control spyware quarantine retention time and file size
Added ability to view remediated spyware signatures in the spyware scan results and reports
Added active protection tab to Tools-Manage Machines display properties window
Improved the spyware scan engine scan time
Added configuration option in Tools-options for spyware scan timeout

Console

Added scan-type dialog prompt when launching scans from main page
Added configuration option in Tools-options for connection timeout when enumerating machines during a scan
Added ability for the console to use the Shavlik scheduler for scheduled tasks
Added maintenance expiration dates to Help-about window
Added popup dialogs to alert user about upcoming maintenance expiration
Updated the Shavlik Scheduled Tasks Manager interface
Added ability to cancel or reschedule scheduled tasks via the Shavlik scheduled tasks manager interface
Updated the SQL Updater Tool to work with SQL 2005 databases

Bug Fixes:

Spyware

Fixed bug where the spyware scan engine might consume 100% CPU upon machine restart
Fixed bug where spyware scan engine would fail to operate on a target machine with limited memory
Fixed bug where the spyware scan engine would fail to detect cookies
Fixed bug where the spyware scan engine might automatically restart upon machine restart
Updated the spyware scan engine CPU throttling algorithm
Fixed bug where a file shortcut with a '$' symbol in the name was not being removed during a spyware remediation
Reduced the time to schedule spyware remediation when remediating multiple machines at the same time

Patch

Includes updates from the SKB2687 scan engine hotfix
Fixed bug where the patch scan engine might fail during the patch import process
Fixed bug where the patch scan engine might cease to operate during large network scans
Fixed bug where canceling a patch scan would fail to show scan results for those machines that had completed scanning
Fixed bug where Products under Patch Information would fail to expand when selecting the '+' symbol
Fixed bug where the netchk patch service might cause the deployment process to hang at the 'building enforcement files' window
Fixed bug where the patch push tracker might fail and display 'Parameter is Incorrect'
Fixed bug where CSV export from Condensed Patch Listing report was showing null results
Fixed bug where some 32 bit systems were being detected as 64 bit systems during a patch scan
Fixed bug where command line patch scan output in CSV and TSV format included line breaks in the middle of an individual entry
Fixed bug in patch scanning that may have caused a patch to be reported as effectively installed instead of explicitly installed
Fixed bug in patch deployment that may have caused a patch to be reported as effectively installed instead of explicitly installed

Console

Fixed bug where the Shavlik scheduler would fail to use the custom install directory.
Fixed bug where recurring scheduled scans might fail to launch
Fixed bug where remediation\deployment would fail to a machine with a single quote in the machine name
Fixed bug where 'deploy at next reboot' might fail to launch
Fixed bug where deployment notifications with special characters would not work properly on French language systems
Fixed bugs relating to scheduled tasks and different time zones on the console and the target machine
Fixed bug where machine names might be cropped in some email notifications
Fixed bug where spyware.cab file was downloaded on every patch and spyware scan
Fixed bug where the Shavlik scheduler service was not stopped and/or removed after a patch deployment or spyware scan or remediation, as configued via Tools-options
Fixed bug where creation of new scan templates were not defaulting to the 'Quickscan' template settings
Fixed bug where proxy settings were not being properly determined when proxy settings were set to use 'automatic configuration'

5.5.1.754

Released 11/21/2005

Bug Fixes:

Corrected an issue where deploying patches via the Summary By Patch view would deploy patches to all machines whether the patch was needed or not
Corrected an issue where scheduled reboots using SafeReboot would occur before the scheduled time
Extended the spyware scan console timout value from 10 minutes to 40 minutes. Also added a registry key value to the console machine to control this timeout. To modify this value, go to HKLM\SOFTWARE\Shavlik\HFNetChkPro4\GUI\Options and change the 'SpyWait' decimal value to the number of minutes you'd like to use for the scan wait process
Fixed a crash when testing credentials associated with a machine group where both IP addresses and IP ranges where specified
Updated the spyware scan engine to better handle low resource environments on client machines
Enhanced the handling of sensitive information when this information was decrypted in memory

5.5

Released 08/31/2005

New Features and Enhancements:

Name changed from Shavlik HFNetChkPro to Shavlik NetChk Protect. The Protect name is used when both Anti-Spyware and Patch Management are installed on the same console. If only the patch product is licensed, it will still reflect 'Shavlik HFNetChkPro' or 'Shavlik NetChk Patch'. If only Spyware is licensed, it will display 'Shavlik NetChk Spyware'. If both products are licensed, it will display 'Shavlik NetChk Protect'.
Added anti-spyware scanning and remediation
The default installation behavior for patch deployment has been changed in this release. By default, the patch deployment process will install the Shavlik Scheduler Service on each machine being patched. This scheduler service replaces the need to use the MS Task Scheduler. (The Shavlik Scheduler Service is more robust than the MS Task Scheduler and will run jobs that it may have missed when the machine was turned off. This service is also more reliable than the MS Task Scheduler when it comes to launching tasks on Windows NT 4.0 and Windows 2000 systems.) By default, the Shavlik Scheduler Service will remain installed and running on remote systems - even after patches have been installed. The persistent state allows for faster patch deployments in the future. If you wish, you may configure the console to remove the Shavlik Scheduler Service after each deployment task is complete, or you may instruct the console to use the MS Task Scheduler rather than the Shavlik Scheduler Service. These configuration options are located under Tools-Options-General-Scheduling.
The default Shavlik NetChk Spyware scan function also uses the Shavlik Scheduler Service to initiate scans of remote systems. The Shavlik Scheduler Service will be installed on all machines during the spyware scan. This is known as the 'Dissolving Service Scan'. The alternate option is known as the 'Network Scan' and can be chosen in the spyware scan template. The Shavlik Scheduler Service associated with the Dissolving Service Scan can be configured to automatically remove the service when the scan is done, via Tools-Options-General-Scheduling.
Includes updates from SKB1956 scan engine hotfix

The E-Mail alerting and reporting functions have been fixed and should now operate as expected.
Fixed error where auto-deploy after a scheduled scan was not functioning.
General GUI navigation speed has been improved when viewing large scan results and when creating new or viewing existing scan or deployment templates.
Corrected errors with report generation.
Fixed option to scan for and deploy using patchtype 'Shavlik Security Agents'.
Corrected errors that occurred when updating machine properties.
Corrected error that prevented machines from being removed from the Ignore Items section of a machine group.

Bug Fixes:

Reporting

Fixed an query in the report engine that would display one machine's results multiple times in the Detailed Scan Summary report

5.1

Released 06/09/2005

New Features and Enhancements:

The scan engine can now scan up to 256 machines concurrently. This feature is available to Shavlik HFNetChkPro 5 Plus customers
The scan engine has been updated to include support for the following products

Firefox 1.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4
Real Networks RealPlayer 10, 10.5
Adobe Acrobat 4, 5, 6, 7
Acrobat Reader 4, 5, 6, 7
Acrobat Distiller 4, 5, 6, 7
Acrobat Elements 4, 5, 6, 7
Internet Explorer 7
SQL 2005
.NET Framework 2.0
Windows Server Update Services

Includes updates from SKB1744 scan engine hotfix

Supports faster scanning from Windows 2003 SP1 consoles. The engine has been updated to use a new XML parser engine that works with WS03 SP1
Supports scanning from a Windows XP SP2 console.
Differentiates between MSDE and SQL Server 2000. This will allow for proper installation of MSDE and SQL Service Pack 4.
Supports detection of MSXML 3 SP7. This engine removes the 'SP5 is more recent than SP7' messages that were displayed when scanning an MSXML 3 SP7 system.
Supports detection of MDAC 2.8 SP1. This engine removes the 'Gold is more recent than SP1' messages that were displayed when scanning a system with MDAC 2.8 SP1.

Bug Fixes:

Scanning

Fixed error where scheduled scans didn't always download the latest available XML data files
Fixed error where FullScan was performing security, non-security, tool, and Security Agent patch scans. FullScan will now perform only security update scans (with checksums)

Deployment

Fixed error when performing Test deployments from a SQL database connected console: -2147217900, Invalid column name 'machinename'.; frmViewer muToolsSimulateInstallSpecify_Click()
Fixed issue where scheduled scans with autodeployments would not always launch the deployment
Fixed issue with Office patch deployments where Office installation requires CD2 or CD3
Updated the deployment process to always patch the deployment console LAST, if the deployment console was one of many machines scheduled to receive a deployment
Fixed error Method '~' of object '~' failed; frmViewer muPatchesDeploySelectedPatches_Click() when two consoles using the same SQL database are performing deployments at the same time

User Interface

Fixed error: frmViewer m_oPatchPanel_TabChange(TabName=lblTabMissing)
Fixed issue when adding a patch comment where patch comment would not display in the lower right patch panel
Removed function to "Send Message to..." a remote system
Fixed error in Help-About to properly display the number of used licenses
Fixed -2147418107: Component: modHFUtilities GotFocus error when browsing scan results
Fixed error that displayed when clicking Machines-Machine Properties immediately after completing a scan

Reports

Fixed error in Advanced Report Criteria where 'Exclude IP' was not working properly in some reports
Fixed error in Deployment Seat Status to properly display number of used licenses
Fixed error in Top Ten Vulnerable Machines report where scan date and time was not displayed
Fixed error where not all machines were appearing in the Machine Status report
Fixed error in Detailed Scan Summary report where some machines would appear multiple times
Fixed error in Machine by Patch report where patch counts weren't being properly displayed
Fixed unhandled exception error in report generation when using Advanced Criteria

Fixed error where pre-deployment notification email did not display the date and time for a scheduled deployment
Fixed error where deployments would not complete if multiple post-deployment email reports were selected on a SQL connected console

5.0.1

Released 04/07/2005

New Features and Enhancements:

Support for HF 5.0 Agents
Support for running the HFNetChk console under Windows XP SP2

Bug Fixes:

Upgrade

Fixed bug where pre-defined e-mail recipients did not appear after an upgrade from version 4.3
Fixed bug where the machine entries were not correct after an upgrade from version 4.3
Fixed error that occurred when scanning a patch group after upgrading from version 4.3

Scanning

Fixed error that caused scan by criticality to not work correctly
Fixed problem when scanning from an XP SP2 console that resulted in "Machine not found" errors.

Deployment

Fixed error where deployments would fail if the machine name could not be resolved to an IP address
Fixed error where custom actions associated with a particular patch would not work for non-English patches
Fixed error that caused the option to Reboot at the next occurrence of a specified time to always reboot at midnight
Fixed error that might cause XP SP2 download to report that the file is unsigned
Fixed error that would cause patches to be deployed to more machines in the scan than were selected. This occurred only for certain types of scans and only when selecting machines from specific groups.
Fixed error where pushing custom files only pushed to the first machine in a multi-machine deployment
Fixed error wwere auto-deploy after a scheduled scan resulted in a copy-only deployment
Fixed error where some deployments to Windows NT failed to execute
Fixed error where certain valid scheduling parameters resulted in an error saying the deployment is scheduled to occur in the past

User Interface

Fixed problems associated with keyboard navigation
The Uninstallable icon now displays for missing patches as well as for installed patches
Fixed error that could occur if a deployment template is not selected in the Deployment Configuration dialog
Fixed error that occurred when re-entering CLOUC after the initial installation
Fixed error that occurred when clicking "Do I need a proxy?" in the Tools|Options dialog
Fixed erroneous error message when clicking the "Test Credentials" button for Office media location
Fixed error when deleting a deployment template that contains custom actions or Office paths

Reports

Fixed error when selecting Machine Properties in the Advanced Filters
Fixed error when viewing a machine that was not scanned
Fixed error in Criticality status count
Fixed error where Deployment Report sometimes showed the wrong Service Pack name
Fixed error in generating reports from a SQL database using SQL authentication
Fixed error in Patch Status Detail report regarding the number of machines missing a patch
Fixed Service Pack installed count in the Patch Status Summary report
Fixed error in the Machine Status report that caused some machines not to be included

Product Support