SUS question.....

warcrow

Lifer
Jan 12, 2004
11,078
11
81
I'm checking over security updates for our SUS server. It looks like several servers did not take the update:

- Anyone know of any common issues as to why this happened? (I've asked management about migrating to WSUS, and it doesnt look like thats going to happen)

- I also need to check out which updates require reboots. I'm installing MS05-050, MS05-051, and MS05-052. I've checked MS website on these updates (EX: http://www.microsoft.com/technet/security/bulletin/ms05-052.mspx), where would it list on these pages where a reboot is required? I read through all 3 pages for each update and didnt see anything saying (this update requires a reboot).
 

skace

Lifer
Jan 23, 2001
14,488
7
81
I've seen very, very few critical updates that didn't require a reboot. So expect it and schedule it as such.

Check the SUS registry settings on the servers that didn't properly pull the patch.

HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate

If need be compare it to other servers in your environment.

It is strange that you are using SUS for servers, I'd rather use something like HFNETCHK PRO.
 

warcrow

Lifer
Jan 12, 2004
11,078
11
81
skace, you're the man. :)

HFNETCHK is expensive once you hit over 10 nods, and this rather large, controlled company would not budge on that app. I'm trying to get them to migrate over to WSUS. :)

I'll check this out and see if it works.
 

Homerboy

Lifer
Mar 1, 2000
30,859
4,976
126
1 vote for WSUS... I know that doesnt help you too much but its amazingly nice for patch update management (props to joemonkey to turning me onto it and selling me on it).