locked
After upgrading to 1803 - what do I do with the old 1703 security updates? RRS feed

  • Question

  • Hey fellas!

    I'm pretty new to the whole WSUS thing, but I've got something that seemingly works, alas with some micromanagement involved. Currently I'm looking at the list of updates categorized under security updates, and I'm seeing a whole lot of old Windows 10 Version 1709 updates.

    We've recently upgraded every last one of our machines to 1803 and I'm unsure wether or not I just decline all the older updates or keep them as it is.

    It's generally just a question as follows; Do I decline all updates older than 1803, if all our machines are running on 1803?

    Any help would be appreciated, thanks in advance guys'n gals. :D


    Monday, September 10, 2018 12:02 PM

Answers

  • Hello
     
    You are welcome and i am glad to provide my suggestion.
     
    When we decline a update, it would no longer available for clients (clients would not check if this update is needed)  and it would no longer show up in the WSUS console.
     
    Normally, we decline a update because there is a newer one which replaces or supersedes it, so we don't want clients to check with the old version.
     
    In your case, apparently the 1709 updates are no longer needed by your 1803 clients, so of cause you could decline them for removing from WSUS console. However, I suggest to keep them because there is no harm at all and they would be used in case that older system be added in your environment one day.
     
    Hope my answer could help you.
     
    Best Regards,
    Ray

    Please remember to mark the replies as answers if they help.

    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Marked as answer by Draggix Tuesday, September 11, 2018 8:32 AM
    Tuesday, September 11, 2018 1:13 AM

All replies

  • Hello
     
    You are welcome and i am glad to provide my suggestion.
     
    When we decline a update, it would no longer available for clients (clients would not check if this update is needed)  and it would no longer show up in the WSUS console.
     
    Normally, we decline a update because there is a newer one which replaces or supersedes it, so we don't want clients to check with the old version.
     
    In your case, apparently the 1709 updates are no longer needed by your 1803 clients, so of cause you could decline them for removing from WSUS console. However, I suggest to keep them because there is no harm at all and they would be used in case that older system be added in your environment one day.
     
    Hope my answer could help you.
     
    Best Regards,
    Ray

    Please remember to mark the replies as answers if they help.

    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Marked as answer by Draggix Tuesday, September 11, 2018 8:32 AM
    Tuesday, September 11, 2018 1:13 AM
  • Thanks a bunch man. I like to keep things as tidy as possible for my own sake, so I'll do a quick cleanup when things settle down at work. :)
    Tuesday, September 11, 2018 8:32 AM