You want to know what criteria is used for including patches in Symantec ESM Windows patch templates.
Symantec generally includes Critical, Important and Moderate security related patches in the patch templates published in the patch policies. Symantec does not include patches rated "Low" by Microsoft.
Microsoft gives ratings to patches such as Critical, Important and Moderate.
From time to time there is not enough information available to technically check for the installation of a patch at the time of the publication of the patch - in that case this will be documented in the release notes of the patch policies. Patch policies can currently be found at the following location: http://www.symantec.com/business/security_response/securityupdates/list.jsp?fid=esm&pvid=pp. The latest patch template can also be downloaded by means of LiveUpdate from within the ESM console.
Note: The Symantec ESM OS Patch policy updates the OS Patches (Patch) module templates and include all new security-related patches for the supported operating systems and applications.
The currently supported Windows operating systems are as follows:
Windows Vista Enterprise 32-bit
Windows Vista Enterprise 64-bit (x64)
Windows Server 2003 and 2008 64-bit (x64)
Windows Server 2003 and 2008
Windows Server 2003 and 2008 (Itanium)
Windows XP Professional 32-bit
Windows 7 on x86 and Opteron
Windows 2008 R2 on Itanium, Opteron, and Xeon
The currently supported applications are as follows:
Microsoft Internet Explorer (IE)
Internet Information Services Web server (IIS)
Microsoft SQL Server
Microsoft Exchange Server
Microsoft Internet Security and Acceleration Server
Microsoft Outlook Express
Microsoft Visual Studio
Microsoft Windows Media Player
Microsoft Windows SharePoint Services
These patch policies are designed for the Symantec ESM agents running SU 24 (and later).