Synopsis

An Update Package in Software Vulnerability Manager is a security and/or critical update patch that is built based upon a scan result for a product that was identified as vulnerable by the software. In this KB article, we provide more concrete information on the architectural design of Flexera packages.

Discussion

An Update Package in Software Vulnerability Manager is a security and/or critical update patch that is built based upon a scan result for a product that was identified as vulnerable by the software.

The Flexera Update Package comprises a minimum of two files:

• A software installer that is dynamically downloaded or manually downloaded
• A default JScript/Powershell Execution Flow template provided by Flexera with each package

Automatic Updates (blue entries) include the original vendor installer wrapped around the script to facilitate extra installation options and successful patch installation. For all other packages, the vendor installer must be downloaded manually and inserted in step 2 of the SPS packaging wizard. This second option enables you to update virtually any type of application using Software Vulnerability Manager.   

The SPS independence allows it to not only to successfully build almost any type of package, but it also allows it to export the package configuration as an XML template. Exported XML templates can be used to preserve a successful package configuration and to re-use the patch in a future deployment, or to enable SPS integration with other third-party software deployment tools if they support XML formatting.

Package Language Customization

By default, SPS downloads English-based software installers. However, you can change the default package language in one of two possible ways:

• Use Add Localization (Language) File option to select supported product language.
  
  

• Select the language of the package before entering the SPS Package Wizard through the right-click menu. Only packages supporting Localization will list the option to select language.
  
  

Package Debugging

All packages build in SPS include default debugging during installation. When package executes on a host, it writes the installation status in a log file named SecuniaPackage.log. There are other useful logs too.  The following log files can be very useful for troubleshooting package deployment and installation:

• C:\Windows\SecuniaPackage.log (disregarding how the patch was deployed, it always write in it)
• C:\Windows\WindowsUpdate.log (when the package is deployed via WSUS)
• C:\Windows\CCM\Logs\UpdatesHandler (on hosts)
• C:\Windows\CCM\Logs\UpdatesDeployment (on hosts)
• C:\Windows\CCM\Logs\WUAHandler (on hosts)
• C:\Program Files\Microsoft Configuration Manager\Logs\wsyncmgr.log (on the SCCM server)

Note: The logging information can assist Flexera Technical Support in solving your technical issues. It is best practice to send log files to Support with your initial support request for faster case handling. 

Sometimes it is needed to export SPS File executable and run it manually on a test host. You can get logging by running the package in command-line interface with debugging parameters appended to it.