locked
Data Integrity Check between on-premises WSUS to MS WSUS RRS feed

  • Question

  • Dear Team,

    Can some one assist on how to check the data integrity between the downloaded Microsoft patches in local WSUS server to Microsoft WSUS server

    For example, if Microsoft released the single latest patch and uploaded the patch in there WSUS server. Once uploaded then local WSUS server will fetch the patch and download it. Once the download is completed then how I would check the data integrity between downloaded patch and available patch in Microsoft WSUS server

    Thanks,

    Girish

    Friday, March 22, 2019 3:14 AM

All replies

  • Hi Girish,
      

    Thank you for posting here.
    I found an explanation in this article "Secure WSUS 3.0 Deployment".
      

    • Updates consist of two parts: the metadata that describes the update, and the files to install the update on a computer. Microsoft mitigates the risk of sending update files over an unencrypted channel by signing each update. In addition to signing each update, a hash is computed and sent with the metadata for each update. When an update is downloaded, WSUS checks the digital signature and hash. If the update has been altered, it is not installed.
        

    For reference, the following thread also discusses this issue, and Lawrence also did some analysis: "Does WSUS verify patch authenticity?"
      

    Hope the above can help you.
      

    Regards,
    Yic

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, March 22, 2019 6:04 AM
  • Hi,
     

    Any update is welcome here.
    If the issue is resolved, share your solution or find the helpful response "Mark as Answer" to help other community members find the answer.
     

    Thank you for your cooperation, as always.
     

    Regards,
    Yic

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, April 8, 2019 7:59 AM