Users discussed their experiences with using SecureDX to patch golden images in VDI, including issues with scans and remediation. Suggestions were given to check logs and potentially disable the CDN. A newly released version of SecureDX may have fixed the issues. Using manual deployments or quick uninstall/reinstall of the agent was suggested.
Read the entire ‘Experiences with Using SecureDX for Golden Image Patching in VDI’ thread below:
Anyone using SecureDX to patch golden images (VDI)? How has your experience been?
we are working on this now. the main thing we are trying to sort is the timing of scans or if we should even do scheduled scans vs on demand to execute the patch remediation. we have it slated to be completed in the next few weeks so will keep you posted
Thanks!
Got it set up and it deployed about 1/2 of the patches and they seems to be stuck like this since yesterday afternoon:
if you want to dive into the logs, you can find out why its hung. If you go into C:\Program Files\ControlUp\SRM\logs\files and send a screenshot of the logs there. you might have something with pending or in progress
if you crack open one of the folders, you will see where its doing downloads and remediations
looking at the logs will tell you if its stuck downloading, or installing
yeah so jump into this one
and another screenshot please
scanner log:
“`2024-11-22 09:22:12.671 DEBUG [MDES::mdesCorePrivateRemote::call_InstallPatch] [sdx_agent_methods.cpp@951]: Calling [Install Patch] for product…
2024-11-22 09:22:12.671 DEBUG [MDES::mdesCorePrivateRemote::prepare_install_patch_params_product] [sdx_agent_methods_install.cpp@141]: Calling [InstallPatch] method for 3rd party product [ SIG ID = 477]
2024-11-22 09:22:12.671 DEBUG [MDES::mdesCorePrivateRemote::validate_install_path] [sdx_agent_methods_install.cpp@200]: Expected patch folder path for [ 477] – Windows Defender – (4.18.2303.8) : C:/Program Files/ControlUp/SRM/data/patches/477
2024-11-22 09:22:12.671 WARN [MDES::mdesCorePrivateRemote::validate_install_path] [sdx_agent_methods_install.cpp@203]: Cannot locate patch folder for [ 477] – Windows Defender – (4.18.2303.8) : C:/Program Files/ControlUp/SRM/data/patches/477
2024-11-22 09:22:12.672 WARN [MDES::mdesCorePrivateRemote::install_patch_product] [sdx_agent_methods_install.cpp@70]: Exception caught while installing patch for : @
[Error]
ID : 174
Desc : Cannot locate patch
Text : Expected patch path : C:/Program Files/ControlUp/SRM/data/patches/477
File : sdx_agent_methods_install.cpp
Line : 204
2024-11-22 09:22:12.672 ERROR [MDES::mdesCorePrivateRemote::handle_install_patch_result] [sdx_agent_methods_install.cpp@280]: Patch Installation for failed@
[Error]
ID : 174
Desc : Cannot locate patch
Text : Expected patch path : C:/Program Files/ControlUp/SRM/data/patches/477
File : sdx_agent_methods_install.cpp
Line : 270
Data : (QVariantMap)
[
"method" : InstallPatch
"products" : (QVariantList)
[
]
"waapi_method_id" : 0
"waapi_return_code" : -1“`
ownload","created_at":"2024-11-22T14:18:18Z","device_action_id":198,"metadata":{"error":{"data_map":{"method":"DownloadPatch","products":[],"waapi_method_id":0,"waapi_return_code":-1},"error_desc":"MDES child process has been disconnected while performing an API call","error_id":184,"errors":[{"error_desc":"No Error","error_id":0,"file":"w:\\Work\\ControlUp\\projects\\brooklyn\\brooklyn-client\\src\\lib_util\\cu_error.h","line":87}],"file":"mdes_core_p_local_worker.cpp","line":535},"id":"-1","os_name":"Microsoft Windows 10 Enterprise","raw_data":null,"retry_number":2,"sub_action":"download","success":false,"test_id":"890830","will_retry":true,"will_retry_in":7200},"status":"failure"}
what version of securedx are you running?
@member pretty sure this was fixed in one of the recent builds
@member please manage it
Secure DX Version: 1.2.2410.31 Build 202410312133
are you using the controlup cdn or direct to the patch provider?
CDN direct Proxy is enabled
gotcha. maybe try disabling to see if it makes any difference
done. i’ll look at it later today to see if made any progress
sounds good. since its stuck, it wont try again for 24 hours. it tries for, 15 min, 3 hours, then 24 I believe. I may be wrong on the timing but that should be pretty close
ok, thx
if i create a new template, will it start faster?
yep. I would cancel the job, and create a new one
I don’t see a job to cancel.
did you do this as part of a template? or was it a one off job?
template
ok just kick off a manual scan
in progress
🫤
still pending. I disabled and am trying a manual deployment.
gotcha. yeah the other thing to try is doing a quick uninstall/reinstall of the agent
just to kick it in gear
i manually deployed the to KBs and now they are all showing as patched.
I’ll validate it next week. very odd behavior.
Have a nice weekend.
ok nice. yeah Id wait until the next release. I had this issue on a previous release
actually this is a known bug. I am working with dev to fix these KBs. there was a change with them and they are going to send me one soon to test. If it works, Ill let you know
KB890830 is a problematic one
notepad++ said no remediation was available and now it show patched. Also all the missing Misconfigurations and vulnerabilities are now showing as patched and I def didn’t deploy them.
Prob kicked off another scan and remediated.
Template is disabled
Continue reading and comment on the thread ‘Experiences with Using SecureDX for Golden Image Patching in VDI’. Not a member? Join Here!
Categories: All Archives, ControlUp Secure DX