The WSUS/Software Update blog

The Official WSUS/Software Update Support Team Blog

  • Why Microsoft Security Bulletins MS15-049 and MS15-051 are listed as MS15-044 in Configuration Manager and WSUS

    ~ Meghan Stewart | Support Escalation Engineer If you’ve reviewed the Security Bulletin Summary for May 2015 , you may have noticed that some security bulletins appear to be missing from your WSUS or Configuration Manager console. If you open the Microsoft...
  • May 2015 Updates

    Today, as part of Update Tuesday, we released 13 security bulletins . We encourage customers to apply all of these updates. For more information about this month’s security updates, including a detailed view of the Exploitability Index (XI),...
  • Microsoft Bounty Programs Expansion – Azure and Project Spartan

    I am excited to announce significant expansions to the Microsoft Bounty Programs . We are evolving the 'Online Services Bug Bounty, launching a new bounty for Project Spartan, and updating the Mitigation Bypass Bounty. This continued evolution...
  • April 2015 Updates

    Today, as part of Update Tuesday, we released 11 security bulletins . We encourage customers to apply all of these updates. For more information about this month’s security updates, including the detailed view of the Exploitability Index (XI...
  • Support Tip: High CPU utilization on Domain Controllers due to WSUS App Pool issue

    ~ Dennis Donahoe | Senior Support Escalation Engineer Last week we mentioned an issue we’ve seen here in product support where System Center Configuration Manager 2007 (ConfigMgr 2007) or System Center 2012 Configuration Manager (ConfigMgr 2012 or ConfigMgr...
  • Support Tip: WSUS sync in ConfigMgr 2012 fails with HTTP 503 errors

    ~ Eric Ellis | Senior Support Escalation Engineer Here in product support we’ve seen a recent uptick in issues related to WSUS/ConfigMgr sync problems after the last Patch Tuesday, so I wanted to take a minute to mention the issue here, as well as how...
  • March 2015 Updates

    Today, as part of Update Tuesday, we released 14 security bulletins to address vulnerabilities in Microsoft Windows, Microsoft Office, Microsoft Exchange, and Internet Explorer. We encourage customers to apply all of these updates. For more information...
  • Security Advisory 3046015 released

    Today, we released Security Advisory 3046015 to provide guidance to customers in response to the SSL/TLS issue referred to by researchers as “FREAK” (Factoring attack on RSA-EXPORT Keys). Our investigation continues and we’ll take...
  • February 2015 Updates

    Today, as part of Update Tuesday, we released nine security bulletins – three rated Critical and six rated Important in severity, to address 56 unique Common Vulnerabilities and Exposures (CVEs) in Microsoft Windows, Microsoft Office, Internet Explorer...
  • Support Tip: Clients are unable to download 3rd party updates when the WSUS content is on a DFS share

    ~ Subbulakshmi Kumar | Support Engineer I was recently working with a customer who found that he was unable to download third party updates from System Center 2012 Configuration Manager (ConfigMgr 2012) when the WSUS content was on a DFS share. The 3rd...
  • The January 2015 Microsoft Security Updates

    Today, as part of Update Tuesday, we released eight security updates – one rated Critical and seven rated Important in severity, to address eight unique Common Vulnerabilities and Exposures (CVEs) in Microsoft Windows. We encourage you to apply...
  • A Call for Better Coordinated Vulnerability Disclosure

    For years our customers have been in the trenches against cyberattacks in an increasingly complex digital landscape. We’ve been there with you, as have others. And we aren’t going anywhere. Forces often seek to undermine and disrupt technology...
  • Evolving Microsoft's Advance Notification Service in 2015

    Our Advance Notification Service (ANS) was created more than a decade ago as part of Update Tuesday to broadly communicate in advance, about the security updates being released for Microsoft products and services each month. Over the years, technology...
  • Microsoft .NET Framework 4.5.2 availability via WSUS

    Hi WSUS Admins, The Microsoft .NET Framework 4.5.2 will be made available via Windows Server Update Services on 13 January 2015 . You can learn more about .NET Framework 4.5.2 here . Useful information about this release: The .NET Framework...
  • How to install and configure System Center Updates Publisher

    ~ Subbulakshmi Kumar | Support Engineer System Center Updates Publisher (SCUP) is an independent tool that enables us to import third party software update catalogues, create and modify software update definitions, export update definitions to catalogs...
  • December 2014 Updates

    Today, as part of Update Tuesday, we released seven security updates – three rated Critical and four rated Important in severity, to address 24 unique Common Vulnerabilities and Exposures (CVEs) in Microsoft Windows, Internet Explorer (IE), Office...
  • Advance Notification Service for the December 2014 Security Bulletin Release

    Today, we provide advance notification for the release of seven Security Bulletins. Three of these updates are rated Critical and four are rated as Important in severity. These updates are for Microsoft Windows, Internet Explorer (IE), Office and Exchange...
  • Security Bulletin MS14-068 released

    Today, we released an out-of-band security update to address a vulnerability in Kerberos which could allow Elevation of Privilege. This update is for all supported versions of Windows Server and includes a defense-in-depth update for all supported versions...
  • Out-of-band release for Security Bulletin MS14-068

    On Tuesday, November 18, 2014, at approximately 10 a.m. PST, we will release an out-of-band security update to address a vulnerability in Windows. We strongly encourage customers to apply this update as soon as possible, following the directions in...
  • November 2014 Updates

    Today, as part of Update Tuesday, we released 14 security updates – four rated Critical, nine rated Important, and two rated Moderate, to address 33 Common Vulnerabilities and Exposures (CVEs) in Microsoft Windows, Internet Explorer (IE), Office...
  • Advance Notification Service for the November 2014 Security Bulletin Release

    Today, we provide advance notification for the release of 16 Security Bulletins. Five of these updates are rated Critical, nine are rated as Important, and two are rated Moderate in severity. These updates are for Microsoft Windows, Internet Explorer...
  • Security Advisory 3009008 revised

    Today, we revised Security Advisory 3009008 to provide an easy, one-click Fix it for customers to disable SSL 3.0 in all supported versions of Internet Explorer (IE). We are committed to helping protect our customers and providing the best possible...
  • Security Advisory 3010060 released

    Today, we released Security Advisory 3010060 to provide additional protections regarding limited, targeted attacks directed at Microsoft Windows customers. A cyberattacker could cause remote code execution if someone is tricked into opening a maliciously...
  • Security Advisory 3009008 released

    Today, we released Security Advisory 3009008 to address a vulnerability in Secure Sockets Layer (SSL) 3.0 which could allow information disclosure. This is an industry-wide vulnerability that affects the protocol itself, and is not specific to Microsoft’s...
  • October 2014 Updates

    Today, as part of Update Tuesday, we released eight security updates – three rated Critical and five rated Important - to address 24 Common Vulnerabilities & Exposures (CVEs) in Windows, Office, .NET Framework, .ASP.NET, and Internet Explorer...