locked
patches not visible in SCCM 2007 Site server even after approving the patches in WSUS RRS feed

  • Question

  • Hi,

    The patches are not appearing in SCCM 2007 site server after approving the same patches in WSUS.

    Below are the patches.

    MS14-080: Cumulative Security Update for Internet Explorer - Windows Server 2008 SP2 - IE 7 - KB3008923 [23,186.1]
    MS14-018: Cumulative Security Update for Internet Explorer - IE 11 - KB2929437 - Windows Server 2008 R2 SP1 (x64) [4,32.4]
    MS14-066: Vulnerability in Schannel Could Allow Remote Code Execution - Windows Server 2008 SP2 - KB2992611 (x64) - V2 [1,8.3]
    MS14-038: Vulnerability in Windows Journal Could Allow Remote Code Execution - Windows Server 2008 SP2 - KB2971850 [1,8.1]
    MS09-060: Vulnerabilities in Microsoft Active Template Library (ATL) ActiveX Controls for Microsoft Office Could Allow Remote Code Execution - Visio Viewer 2007 SP1/SP2 [1,8.1]
    MS12-001: Vulnerability in Windows Kernel Could Allow Security Feature Bypass - Windows Server 2008 R2 Gold (x64) [1,8.1]
    MS14-033: Vulnerability in Microsoft XML Core Services Could Allow Information Disclosure - Windows Server 2008 SP2 - KB2939576 [1,8.1]
    MS14-025: Vulnerability in Group Policy Preferences Could Allow Elevation of Privilege - Windows Server 2008 SP2 - KB2928120 (x64) [1,7.8]
    MS13-014: Vulnerability in NFS Server Could Allow Denial of Service - Windows Server 2008 R2 Gold/SP1 (x64) [1,7.7]

    I have approved the above patches in WSUS and ran syncronization. The log wsyncmgr.log show that synchronization is done and even all child sites are syncronized. But I am unable to find the above even in the parent site. Checked all the SUP settings and all the 2008 server updates are set and marked to download.

    Please help me out on fixing this.


    • Edited by Hemaprakash Wednesday, February 11, 2015 8:39 AM
    Wednesday, February 11, 2015 8:26 AM

Answers

  • I just checked this morning and both SU are listed within my CM12 environment. As such I would check you sync status and make sure that is working correctly.

    Garth Jones | My blogs: Enhansoft and Old Blog site | Twitter: @GarthMJ

    Saturday, February 21, 2015 3:13 PM

All replies

  • So you should NEVER approve anything in WSUS. This will cause problems with your clients. Honestly since you approved things in WSUS, I would uninstall WSUS and reinstall it, reinstall the SUP, this will clear up any issues that now exist.

    Garth Jones | My blogs: Enhansoft and Old Blog site | Twitter: @GarthMJ

    Wednesday, February 11, 2015 11:20 AM
  •  Re-installed WSUS and SUP recently.

    Even then patches  mentioned above are not appearing in SCCM.

    Please suggest further  why it is not appearing in SCCM and what needs to be done to make them appear in SCCM.



    Hemaprakash

    Thursday, February 12, 2015 10:14 AM
  • To be clear you reinstall wsus and the sup after you approved things in wsus, right?

    In cm12 console, you have selected all products and all classifications, right?


    Garth Jones | My blogs: Enhansoft and Old Blog site | Twitter: @GarthMJ

    Thursday, February 12, 2015 10:57 AM
  • Yes. We have re installed WSUS and SUP after approving things in WSUS. yes  In cm12 console, We have selected all products and all classifications. Now the following updates are missing 

    MS14-018

    MS12-001

    Please suggest



    Hemaprakash

    Friday, February 13, 2015 7:51 AM
  • I just checked this morning and both SU are listed within my CM12 environment. As such I would check you sync status and make sure that is working correctly.

    Garth Jones | My blogs: Enhansoft and Old Blog site | Twitter: @GarthMJ

    Saturday, February 21, 2015 3:13 PM