HT i was going to ask the same question yesterday, thinking vuln detection might not be his primary objective. i knew about languard but not enough to comment having used it only once or twice but was intregged with their aledged ability to check for patchs and apply them if missing. i download the new version and tested it with absolutly disqusting results. im running SUS server now with gigabytes of patches and service packs but yet languard is telling me that some 2k machines are in need of service pack one:

The latest service pack for this product is not installed !
Latest SP available : Service Pack 1
http://download.microsoft.com/downlo...S/ie6setup.exe

i went to the machines in question and did a 'winver' they all have sp4 installed....not a real good call! each machine is also showing about sixteen other patches missing for vulns that have been fixed in past service packs. with the length of time they've been at it GFI should have taken this into consideration when they built their data base but then again its not detecting the service packs so thats a moot point.

my opinion....a waste of disk space