Event details
Since putting in Defender for Endpoint, the most vulnerable software at the top of the list is mostly Edge Chromium and Chrome. The frequency of these updates which supersede previous versions is getting in the way of getting this consistent. The release of a functional release days after a security release exasperates the process. In these two products cases, there are 60-70+ versions across the organization and many cases machines report having multiple versions of the browsers in both Chrome and Edge cases. Part of this could be due to process issues in the past from our deployment software. We are getting to the point of doing something quite radical with "uninstall ALL" and then install latest version. With 3000+ desktops you can imagine this is a very impactful decision. We do have approx 1.3 to 1.9 K on the latest version so this really pertains to the remaining 1.1 to 1.7 K of the machines.
- Altiris Patch Management is the delivery mechanism. The bulletin is MEDGE-221020 - Delivers both 64 and 32 bit but all our machines are 64. The MSI is MicrosoftEdgeEnterprise_106.0.1370.52_x64.msi. I do realize that this is an older method but it is a supported stream of patch delivery. Success is greater than 50% so overall things are working, we were just looking to see if there was a way to diagnose the stragglers and the reasons. Defender for Endpoint has helped raise the visibility on this. I was hoping for some diagnostic script we could run on those machines or we might need to run an uninstall across all machines with browser older than 105.