locked
WSUS 2012 R2 Missing all Windows 10 Patches RRS feed

  • Question

  • Yes I know it will take time but since Windows 10 has a bug where base image capture using sysprep only works if you dont allow machines to connect to Windows update I MUST use WSUS to pre-patch my base image. Here are all the patches that are missing from the WSUS catalog that I can not see. 

    • Security Update for Windows 10 for x64-based Systems (KB3074681)
    • Update for Windows 10 for x64-based Systems (KB3074686)
    • Security Update for Windows 10 for x64-based Systems (KB3074680)
    • Security Update for Windows 10 for x64-based Systems (KB3074679)
    • Security Update for Windows 10 for x64-based Systems (KB3074674)
    • Security Update for Windows 10 for x64-based Systems (KB3074667)


    These patches are not even on the old school Windows Catalog website. Strange given the older preview patches are up there. 

    Before you tell me to manually install them, Microsoft didn't post the bits for download. So yes this is my only way to pre-patch my base image. 

    Lastly, if any WSUS team members are reading this... it would be swell if WSUS actually reporting Windows 10 as Windows 10 instead of Vista. Windows release day was known for a while now, little reason for WSUS not to be ready. If I could be ready with my base image even with all the hardships Microsoft created for my team then the WSUS team should have been ready with the simple SQL fix for versioning and insisted to the Windows 10 team for the bits for the catalog. Oh and this also means SCCM isn't able to patch Windows 10 ether creating a MASSIVE security hole for domain joined systems. 

    Simply disappointed. 
    PS: Yes I have added the "Windows 10" category.



    Wednesday, July 29, 2015 8:04 PM

All replies

  • Hi Eric,

    I searched these updates in my WSUS and got the same result with you.

    According to the KB article of these updates, windows update may be the only way to get them installed.

    As a workaround, can we use the windows update to install these updates on individual clients after the deployment?

    Best Regards.


    Steven Lee Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Friday, July 31, 2015 2:57 AM
  • Thanks for the confirmation, yeah its a chicken and egg problem for me. Microsoft decided not to address an issue with sysprep that was present the entire time during Windows 10 beta where if it reaches out to the internet even once you can no longer sysprep the machine (meaning no image creation). 

    Beyond that we can't really patch post deploy right now for the exact same reason, we use another Microsoft product, SCCM which ironically uses WSUS to pull its catalog for patching. 

    So until this is fixed I have some pretty serious security flaws in Windows that simply can not be patched. 

    What I don't understand is why on earth Microsoft isn't releasing the bits for direct download, we can do them manually. 

    Friday, July 31, 2015 9:15 AM
  • what's up with the sysprep issue? what do you find in setuperr.log and setupact.log? how does it fail?

    Friday, July 31, 2015 5:47 PM
  • Ill see if I can find some time to run through and get that log but it may be a few days. its widely known though, has something to do with AppX packages. 
    Saturday, August 1, 2015 11:38 AM
  • Well shoot. We are also seeing the same thing unfortunately, and we were so excited to give this a go in our enterprise. Being in financial services, we are mandated to have a patch cycle and be able to report when patching has been complete, without these updates being in WSUS, we do not have a way to do this at current.

    Really disappointed, not the end of the world, but disappointing none the less.

    Monday, August 3, 2015 12:42 PM