locked
Windows Server 2019: Check for Updates installs updates automatically RRS feed

  • Question

  • Hi,

    is it a perhaps a bug in Windows Server 2019?!

    We have Group Policy for Windows Updates and use in our infrastracture WSUS. According to Group Policy, the updates will be downloaded to the system, and then an administrator will install manually the downloaded updates.

    We tested Windows Updates onsome  Windows Server 2019 machines.

    If the click "Check for updates", then the updates will be downloaded and automatically installed!!! That is fatal!

    If I check "View configured update policy", then our policy are listed for the updates. It seems all are correct.

    What is the issue here? A bug?

    Best regards

    Birdal


    • Edited by _Birdal Friday, April 12, 2019 8:50 AM
    Friday, April 12, 2019 8:47 AM

All replies

  • Hi Birdal,

    I believe this is by design, this behavior is since Windows Server 2016 actually.

    Here's a similar post discussing about this:
    Controlling Windows Update

    If you have any feedback about, you can give it in the link below:

    Windows Server Installation and Patching
    https://windowsserver.uservoice.com/forums/304618-installation-and-patching

    Best regards,
    Leon


    Blog: https://thesystemcenterblog.com LinkedIn:

    Friday, April 12, 2019 9:16 AM
  • Hi Leon,

    "BUG by Design"

    That is typical Microsoft Windows Updates strategy for a few years...

    Yes we saw this issue also (not always) on some Windows Server 2016 servers.

    Consider that a high critical server should be run with all applications. Consider also Windows installs the updates automatically and has negative effect during update processes on services of application!!!

    That is NO GO "strategy" from Microsoft.

    Best regards

    Birdal

    Friday, April 12, 2019 9:26 AM
  • Hi Birdal,
      

    I tested according to your description. It is indeed configured on your Windows Server 2019 according to your Group Policy scheme, and you mentioned the situation.But notice that this happens after the click "Check for updates", by default, "Check for updates" will download and install the update.
      

    It is recommended that you use the following powershell command instead of "click the button" (or you can use the GPO "automatic update detection frequency" to automatically check for updates).
      

    (new-object -Comobject Microsoft.Update.AutoUpdate).Detectnow()
       

    Hope the above can help you.
        

    Regards,
    Yic

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, April 15, 2019 1:52 AM
  • Hi,
     

    Any update is welcome here.
    If the issue is resolved, share your solution or find the helpful response "Mark as Answer" to help other community members find the answer.
     

    Thank you for your cooperation, as always.
     

    Regards,
    Yic

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, April 19, 2019 6:27 AM
  • Hi Yic,

    no that is not related to our GPO deployment.

    Best regards

    Birdal

    Tuesday, May 7, 2019 2:47 PM