Further Hardening of WSUS Now Available For Configuration Manager Customers

Further Hardening of WSUS Now Available For Configuration Manager Customers

  • Comments 3
  • Likes

Hello, 

As we mentioned previously, Microsoft is releasing an update to further harden the Windows Server Update Services (WSUS) as a defense-in-depth precaution for our customers. This update is now available for download. As an additional measure, we are providing the SHA1 and SHA2 hashes of the WSUS update and the WU client files we released today. This allows administrators to verify that the files they download are from Microsoft. The hashes are listed in the update KB article. System Center 2012 Configuration Manager and System Center Configuration Manager 2007 are also impacted by this update’s further hardening, as software updates management is based on WSUS and is built-in. We strongly urge WSUS administrators to apply these updates as soon as possible to take advantage of the added security they offer. If you’d like to read more, please review the MSRC blog for more information.

Please follow the following steps to ensure a smooth deployment:

  1. Apply Security Advisory Update 2718704, issued on June 3, which moved unauthorized digital certificates derived from a Microsoft Certificate Authority to the Untrusted Store.
  2. Apply the WSUS update, issued on June 8th, see KB KB2720211.

Thank you,

WSUS team

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment
  • After installing KB2720211 I noticed I am now getting EventID 12052, 12042, 12022, 12032, 12012, 12002, 13042. Looking at the log file the patch creates everything went fine other than trying to delete selfupdate2 directory that doesn't exist. I'm running WSUS 3 SP2 on 2008 R2 with an SQL 2008 R2 DB. I tried the update on another server using the internal DB and get the same errors in the event log.

  • Do not apply this update as it will stop your server from syncronizing over port 80

  • Any word on this?  SCCM is having no issues with updates, but the errors are still occurring in the WSUS/SUP server application event log.  Not sure if it's even a real issue.