Novell Patch Management Content Impact Mapping for Microsoft classifications.

  • 3607791
  • 03-Apr-2008
  • 30-Apr-2012

Environment

Novell ZENworks Patch Management 6.4 - ZPM6.4
Novell ZENworks Patch Management 6.3 - ZPM6.3
Novell ZENworks Patch Management 6.2 - ZPM6.2
Novell ZENworks 10 Configuration Management

Situation

Novell Patch Management impact terminology for its patch subscription closely follows the vendor impact terminology for vulnerability criticality. Each operating system has a vendor-specific impact rating and that impact is mapped to a Novell rating as described in this section. Novell Patch Management under the recommendations of Lumension Security, tends to increase or “round-up” the severity of the impact rating. For instance, Microsoft classifications for “Critical”, “Important”, and “Moderate” patches are all classified as “Critical” by Novell
Table 4 Details the rationale and the Windows patch severities. Source: Lumension Security.
Table 4: Content Impact Mapping

Patch Type (Impact)

Critical

Recommended

Software

Windows

Critical Security

Important

Moderate


Service Packs (Critical-01)

Recommended


Low

Microsoft Outlook 2003 Junk E-mail Filter Update

Software Distribution



Microsoft Windows Malicious Software Removal Tool (Virus Removal)

Others

AV Updates (Critical-01)

Additional Information