locked
Several Updates Missing from "All Software Updates" RRS feed

  • Question

  • We've been using SCCM 2012 to patch our systems for a few months now and I thought everything was going smoothly until we got an audit back from out Security office about our boxes missing several patches, listed below.  

    So I go back to the SCCM console to check whether or not the patches were listed in the "All Software Updates" group and also the custom Software Update Group that I was deploying to the systems.  And to my surprise, none of the updates were listed.  The only Software Update Point Classifications we have not enabled are Tools, the rest are enabled. I've also verified that the Software Update Point Products have Windows Server 2003, Windows Server 2008, R2, 2012, and 2012 R2 which encompass the OS of the servers that were found to be deficient.

    1. Why are these updates not listed in SCCM?
    2. How can we ensure they get listed in SCCM and applied to our servers?
    3. How can we prevent this from happening in the future?

    2750841: An IPv6 readiness update is available
    2775511: An enterprise hotfix rollup is available
    2732673: "Delayed write failed" error message when .pst files are stored on a network file server
    2728738: You experience a long logon time when you try to log on to a Windows client that uses roaming profiles
    2862973: Update for deprecation of MD5 hashing algorithm for Microsoft root certificate program
    2574819: An update is available that adds support for DTLS
    2894854: An update is available - .NET Framework 4.5.1
    2894844: Description of the security update for the .NET Framework 3.5.1
    HOTFIX : RDS-based applications crash in Windows 7 SP1 or Windows Server 2008 R2 SP1 or Windows Server 2008 R2 SP1 (x64)
    • Edited by RUCNOK Wednesday, February 5, 2014 4:35 PM
    Wednesday, February 5, 2014 4:33 PM

Answers

  • Hi,

    I can't say I have checked all of the updates that you post here but the ones I did check and I normally deploy as well are not published in Windows Update and that is why you don't see them i either WSUS och Configuration Manager. They are Hotfixes and not updates that are published there. So you need to download them and either import them using SCUP or deploy them using normal Software Distribution.

    Regards,
    Jörgen


    -- My System Center blog ccmexec.com -- Twitter @ccmexec

    Wednesday, February 5, 2014 6:30 PM
  • A blog post I did recently that reinforces what Jorgen is saying: http://blog.configmgrftw.com/?p=720

    Ultimately, not every update is available in the update list available via WSUS.


    Jason | http://blog.configmgrftw.com

    Wednesday, February 5, 2014 6:55 PM

All replies

  • Hi,

    I can't say I have checked all of the updates that you post here but the ones I did check and I normally deploy as well are not published in Windows Update and that is why you don't see them i either WSUS och Configuration Manager. They are Hotfixes and not updates that are published there. So you need to download them and either import them using SCUP or deploy them using normal Software Distribution.

    Regards,
    Jörgen


    -- My System Center blog ccmexec.com -- Twitter @ccmexec

    Wednesday, February 5, 2014 6:30 PM
  • A blog post I did recently that reinforces what Jorgen is saying: http://blog.configmgrftw.com/?p=720

    Ultimately, not every update is available in the update list available via WSUS.


    Jason | http://blog.configmgrftw.com

    Wednesday, February 5, 2014 6:55 PM