• New location to find information about WSUS updates

    Posted over 8 years ago
    by WSUS Team}

    Hi folks:

    Just wanted to get you up to speed on some update information were trying to make more available to WSUS admins as we release content!

    If you look on your web-based WSUS Admin UI home page you'll see the link:
    Get the latest WSUS news from Microsoft  (click on that to go to the TechNet
    WSUS IT admin techcenter).

    Top of the page is the latest Update News.
    For now; It points you to the MSRC bulletins for Security updates
    For Windows (security and non security updates) published by WINSE (2nd
    link) you'll see a link to kb894199 which lists by date, all updates (and
    detailed info) released by Windows Sustained Engineering since Jan 2005.

    The next link is a table of NON-Windows MS products by date since Dec. 05.
    We have just started adding security non-windows info to that as of last
    release (after the fact of coarse).  Note the column deployment information
    which gives guidance on what should be done with this update and the
    description - advising key points (and link to associated KB).

    We also have a couple of links to our Microsoft Security Response Center
    blog and the WSUS blog, where new update category, classification and other
    info is frequently posted.

    In addition on this WSUS TechCenter - Note under Quick information, two new
    links to:  About Updates and Products Supported by WSUS, which give you
    background information about topics like supersedence and what updates for
    what products are currently avaialble via WSUS.  These will be fully updated by this Thursday, March 2nd. 

    For WSUS admins, this update information  content will only get better and more navigateable over time.  Rest assured though, we've heard you on the need and we thought getting the information out there quickly was the most important thing.

    Remember its a click away from your WSUS admin UI - so that should help.
    Love to get your feedback on what is useful and whats missing.  We are going to be adding more info later this month such as:

    Update size (both Express & regular packages)
    Reboot required (y/n)
    UI (y/n)
    Supersedes other updates (y/n)
    Installer (msi /update.exe)

    While all this information is in the update details once the WSUS server synchs per
    update, its also helpful for planning (non-security updates) if you can see
    this info a couple of days before release - to better enable pre-planning
    for testing/rolling out updates.

    Hope this helps-

    -Bobbie Harder, WSUS PM

  • Update status Installed vs. Not Applicable

    Posted over 8 years ago
    by WSUS Team}

    We have been investigating reports that client status for Windows Media Player security updates, released 2/15 in MS06-005 and MS06-006, were reported as installed instead of non-applicable.  We have been able to reproduce and verify that for these updates WSUS, SMS, using ITMU, and MBSA are reporting a status of Installed when in fact the update is not installed and should not be applicable for that client.  This mis-representation of the applicability status of these updates as installed vs. not applicable does not impact the security of these systems with regard to these items.  Status resulting if the updates are in fact installed, or needed by the clients, is correctly reported. Only when the updates do not apply or are ‘not applicable’ to the client does the status incorrectly report Installed results.   The security of the client with relation to these updates is not impacted.  Microsoft is investigating a solution to avoid this condition of status going forward.

    Thanks -

    Bobbie Harder, Program Manager

    WSUS

  • New Product Category in WSUS synch Options

    Posted over 8 years ago
    by WSUS Team}

    Starting today, Monday 2/20/06 you will be able to see a new category in your WSUS synchronization options product dialog titled Microsoft System Center Data Protection Manager.

    Microsoft System Center Data Protection Manager (DPM)is designed specifically for disk-based backup. DPM, the newest member of the Microsoft Windows Server System focuses on disk-based data protection and recovery. DPM installs on Microsoft Windows Server 2003 SP1 and protects servers running Microsoft Windows 2000 Server, Microsoft Windows Server 2003, Windows Storage Server 2003 and Windows Storage Server R2 to deliver best-in-class data protection services.

    Updates will be published and available for DPM via WSUS later this month.  In order for your WSUS servers to synch these updates from MU, the product category DPM must be checked as well as the "updates" classification in your synchronization option dialog.

    DPM Product Overview

    http://www.microsoft.com/windowsserversystem/dpm/evaluation/overview.aspx

    For other Related Info

    http://www.microsoft.com/windowsserversystem/dpm

    Thank you -

    Bobbie Harder

    WSUS, Program Manager

  • Issue with MS06-007 and 913446 install failure - Rectified

    Posted over 8 years ago
    by WSUS Team}

    After the release of MS06-007 today (Tuesday 14 February 2006) , Microsoft became aware of an issue affecting  the installation of MS06-007 (KB913446).  After investigating the issue we validated reported failures to install the security update through Automatic Updates, Windows Update, Windows Server Update Services and Systems Management Server 2003, when using the Inventory Tool for Microsoft Updates (ITMU). As some of you noted, the issue did not affect customers who installed the updates through Software Update Services or through Systems Management Server when not using ITMU, or manually installed the Security Update from the Microsoft Download Center.

     

    We also validated the issue did not affect the security update MS06-007 (KB913446) itself. When successfully installed, MS06-007 fully protects against the Internet Group Management Protocol (IGMP) vulnerability. Also, the installation issue only affects MS06-007; no other security updates were affected by this issue.

    We have updated the release for these distribution channels to correct the issue.  Customers who encountered this issue should take the following actions:  


    1. Automatic Updates (AU) - AU customers need take no action: the new updates will automatically download.
    2.  Windows Server Update Services (WSUS) - WSUS Administrators who had synchronized their WSUS Server to obtain the updates released on Tuesday 14 February, before 8:30PM PST that evening should manually synchronize their WSUS Servers and approve the new updates.
    3.  Systems Management Server 2003 with the Inventory Tool for Microsoft Updates (ITMU) - SMS Administrators should who had synchronized their servers to obtain the updates released on Tuesday 14 February, before 8:30PM PST that evening should re-synchronize their servers for the latest updates.
    4.  Microsoft Update (MU) and Windows Update - Customers who visited MU and WU before 8:30 PM on Tuesday February 14th, should revisit MU or WU and accept the downloads being offered to them.

    Our investigation has determined there was an issue in the distribution infrastructure in handling this particular update which has been identified and resolved. Microsoft is taking steps to prevent similar issues from occurring in the future.

    thanks- Bobbie

     

    Bobbie Harder

    WSUS, Program Manager

     

  • New updates available for beta2 Windows Defender today

    Posted over 8 years ago
    by WSUS Team}

    Hey Folks- Haven't had much news lately.  We've all been a bit long in the chin since the SuperBowl around these parts...... but next years' another year .......right??!!

    Anyway, we're all hard at work on the next version of WSUS, but wanted to update you on some new updates coming down the pipe for some beta partners.

     

    Just a quick announcement to keep you posted on whats' coming down the pipe:

    Definition Updates for Windows Defender (Beta2) will be available for synchronization via WSUS to Beta Testers Monday, 2/13/06.  To synch these definition updates, for availability to WSUS clients with this beta installed, be sure the new Windows Defender product category and Definition Updates classifications are selected in your synchronization options. 

     

    Windows Defender (Beta2) must be installed on the client for which you are approving Definition Updates. Windows Defender (Beta2) is currently available to a limited group of Beta testers, which will increase to make  Windows Defender Beta2 more broadly available. For more information about Windows Defender and Microsoft’s stance on spyware see:  http://www.microsoft.com/athome/security/spyware/default.mspx

     
    thanks- Bobbie
    --
    Bobbie Harder
    Program Manager, WSUS
    Microsoft
     
    This posting is provided "As Is" with no warranties, and confers no rights.
    Use of included script samples are subject to the terms specified at     http://www.microsoft.com/info/cpyright.htm