Sums the counts of applicable fixlets from multiple sites; currently "Enterprise Security" and "Updates for Windows Applications".
"Correctable" fixlets are defined as fixlets with a default action. Generally a fixlet with no default action is not correctable directly (for instance, it's simply a warning that an outdated product is present; or the correction requires a Microsoft support contract, etc.)
The individual breakdowns by Severity include "Correctable" fixlets only.
The list of relevant fixlets may be truncated by the maximum size of a result set.
This analysis works around two issues in the BigFix-provided data at the cost of some ugly relevance code:
- Because there are variations in the Severity among the sites and even among fixlets within the site, uses a Regex to force severities to alphabetic characters only. For instance, some fixlets mark Severity as "N/A", others as "n.a."
- Because a large number of fixlets fail to specify an "X-Fixlet-Type" value of "Fixlet", instead leaving it blank, this analysis looks for "X-Fixlet-Type" which are not a Baseline, Analysis, or Task.
This analysis should not be the only means of verifying your systems are up-to-date, but does provide a good overview. There are some valid security patches that do not have a Default Action, and thus would not be detected by this analysis.
Keywords: relevant, fixlet, patch, critical, important, moderate, low, regex, unique, distinct, multiplicity, sum, count, headers, site, X-Fixlet-Type, X-Fixlet-Default-Action, set of