WSUS Product Team Blog

Hi WSUS Admins,

We are planning on releasing two updates related to the .NET Framework 3.5 Service Pack 1. Both of these address customer feedback problems that have been reported back to us.

The first is for the .NET Framework Assistant 1.0 that enables Firefox browsers to use ClickOnce technology. We will be releasing an update to the .NET Framework Assistant 1.0 in order to make the extension compatible with future versions of Firefox and enable the uninstall button of the add-on. This update is applicable to all machines with .NET 3.5 SP1 installed.

Additional information about this update can be found here: http://support.microsoft.com/kb/963707

We will also be releasing a revised .NET Framework 3.5 Service Pack 1 (SP1) and Family Update this week for Windows Server 2003 and Windows XP with the .NET 3.5 SP1 language packs separated from the original update. While the detection logic has been updated, there have been no changes made to the binaries shipped. Therefore, machines that have previously installed the .NET 3.5 SP1 do not need to install this again. Machines with .NET 3.5 SP1 installed and without .NET 3.5 SP1 language packs, will receive the latter as a separate update.

Additional information about .NET Framework 3.5 sp1 can be found here: http://support.microsoft.com/kb/951847

Thank you!

Hello WSUS Admins,

Shortly after the release of our previously announced update for Forefront Client Security, we received reports of a previously released update for FCS (Client Update for Microsoft Forefront Client Security (1.0.1703.0)) constantly re-offering.  The Forefront team has tested and released a revision to this older update to resolve this re-offer problem, and this revision is now live for WSUS servers.

Machines managed by WSUS servers will need to 1.) synchronize their WSUS server to download the latest revision 2.) approve the latest revision and 3.) wait for the client to re-scan against the WSUS server to receive the corrected update revision. (Note that Step 2 is not required if you have configured your WSUS server to automatically approve revisions).

We apologize for any inconvenience this problem may have caused.

Sincerely,
The WSUS Team

Hello WSUS Admins,

There are 2 new product categories being added to the WSUS Products and Classifications dialog, both under the product family “Office Communicator Server and Office Communicator”. The two new categories are:

Office Communications Server 2007 R2:

The Office Communications Server 2007 R2 product category will include updates for the Microsoft® Office Communications Server 2007 R2, including service packs, critical and security updates.

Office Communicator 2007 R2:

The Office Communicator 2007 R2 product category will include updates for the Microsoft® Office Communicator 2007 R2 , including service packs, critical and security updates.

For additional information on the Office Communicator 2007 R2 product family, see http://www.microsoft.com/uc/products/default.mspx

Thanks!

--The WSUS Team

I am very pleased to announce that WSUS 3.0 SP2 RC will be available to the general public today, May 26, via the Connect Site.

 All you have to do is sign in to your Connect account or sign up now in order to participate in the RC program.
This program is available to all registered and authenticated users of Connect.

WSUS 3.0 SP2 RC Overview

New Windows Server and Client Version Support

·       Integration with Windows Server® 2008 R2

·       Support for the BranchCache feature on Windows Server 2008 R2

·       Support for Windows 7 client

WSUS Feature Improvements

Auto-Approval Rules

·       Auto-approval rules now include the ability to specify the approval deadline date and time for all computers or specific computer groups.

Update Files and Languages

·       Improved handling of language selection for downstream servers includes a new warning dialog that appears when you decide to download updates only for specified languages.

Easy Upgrade

·       WSUS 3.0 SP2 can be installed as an in-place upgrade from earlier versions of WSUS and will preserve all of your settings and approvals. The user interface is compatible between WSUS 3.0 SP1 and SP2 on the client and the server.

Reports

·       New Update and Computer Status reports provide the ability to filter on updates approved for installation. You can run these reports from the WSUS console or use the API to incorporate this functionality into your own reports.

Software Updates

·       Stability and reliability fixes for the WSUS server, such as support for IPV6 addresses greater than 40 characters.

·       The approval dialog now sorts computer groups alphabetically by group name.

·       Computer status report sorting icons are now functional in x64 environments.

·       Fixed setup issues with database servers running Microsoft® SQL Server® 2008.

·       A new release of Windows Update Agent is included with WSUS 3.0 SP2 that provides improvements and fixes, such as support for APIs called by non-local system callers in a non-interactive session.

For more information about this release refer to the Release Notes for Windows Server Update Services 3.0 SP2 RC.

Thank you very much for your participation. Your feedback is greatly appreciated.

Regards,

Cecilia Cole

WSUS Program Manager

Hello WSUS Admins,

The MU team has published information about the upcoming release of Vista and Win2k8 SP2 through WU and WSUS. You can find more information on their blog post here.

As always, please review and prepare your environments for this release.

Thanks!

--
The WSUS Team

Hello WSUS Admins,

Shortly we will be publishing a new top level category (product family) for WSUS – Live Search. The Live Search product family will include updates for all Live Search products. Under this product family we will be creating a category for:

•  Search Enhancement Pack – For all updates relating to the Search Enhancement Pack.

 The Live Search products may include updates including service packs, optional updates, critical updates, and security updates.

For additional information on Live Search Products see: http://www.live.com. 

Thanks!

The WSUS Team

By default, Windows Server 2008 SP2 includes the ability to install the Windows Server Update Services Role Service by using Server Manager. This role lets you use the MMC Server Manager snap-in and wizards to install, configure, and manage WSUS 3.0 SP1. This behavior is different from Windows Server 2008 SP1 where the administrator needed to install an update to Server Manager to be able to install WSUS as a Role.

Important:

·         There is no need to install "Update for Windows Server 2008 Server Manager" (KB940518). This update is only applicable to Windows Server 2008 SP1 computers.

Deployment Instructions

·         To install WSUS 3.0 SP1 on a Windows 2008 Server SP2 server that is pointed to Windows Update or Microsoft Update, go directly to Server Manager and install the WSUS Role.

·         To install WSUS 3.0 SP1 on a server running Windows Server 2008 SP2 which is being updated by a WSUS server, do the following procedure.

1.       Enable the following Product Classifications:

1.       Updates

2.       Enable the following Category:

1.       Windows Server 2008 Server Manager – Windows Server Update Services (WSUS) Dynamic Installer category is a container for WSUS updates. These updates are “hidden” such that user will never see a notification or be downloaded by WUA.  These updates can only be downloaded via the WUA APIs. Server Manager is using this method to download and start the install of WSUS.

3.       Approve the Windows Server Update Services 3.0 SP1 Dynamic Install for Windows Server 2008 (KB948014) (there’s one for x86 and one for x64). This specific WSUS package is targeted at Windows Server 2008 computers that do not have WSUS installed. This package will only install via Server Manager.

Note: Since the update is targeted at any Windows Server 2008 computers that don’t have the WSUS role installed, these machines will report that the update “is needed”. You do not have to install this update on these computers if you do not want it.

After WSUS is detected as installed by Server Manager it can be configured and managed within the Server

Manager UI/WSUS Snap-in.

 Hi WSUS Admins,

Just a heads up to let you know we will be releasing revised .NET Framework 3.5 Service Pack 1 (SP1) and Family Update packages to address confusion caused from the initial release on 1/27/2009.  In these revised packages, we’ve made 2 changes:

1.       We’ve reduced the file size of the packages for each architecture (x86 and x64). The original packages were 237 MB in size, the revised packages are 53 MB (x86) and 97 MB (x64).

2.       We’ve clarified the titles to minimize confusion about what each package contains and what it is applicable to.

Please note that while the packaging has been updated, there have been no changes made to the binary payload inside these packages, and no new fixes are included beyond those already in the original release on 1/27/2009.  Therefore, machines that have previously installed the .NET 3.5 SP1 do not need to install the revised package(s).   We expect to publish these revised updates within the next few weeks.

We will expire the old packages the same day we release the new revised packages.  The new update packages will be:

Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update for .NET versions 2.0 through 3.5 (KB951847) x86

This combined  Service Pack and update is applicable to .NET versions 2.0 through 3.5.

Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update (KB951847) x86

This combined Service Pack and update is applicable to systems running a version of .NET prior to version 2.0, or to systems that have no prior version of .NET framework installed.

Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update for .NET versions 2.0 through 3.5 (KB951847) x64

This combined Service Pack and update is applicable to .NET versions 2.0 through 3.5.

Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update (KB951847) x64

This combined Service Pack and update is applicable to systems running a version of .NET prior to version 2.0, or to systems that have no prior version of .NET framework installed.

 We appreciate your feedback and thank you!

Service Pack 2 for the 2007 Office System will be made available to Windows Server Update Services in April, classified as a service pack.  Service Pack 2 includes some significant work, including: built-in ability to save as ODF & PDF formats, improvements to Outlook’s performance and calendar reliability, significant bug fixes for charts in core Office applications, the ability for client service packs to be removed using an uninstall tool, and a host of customer-requested improvements to the Office Server products.  It is also a rollup of all fixes that have previously been released for Office 2007 products.  Additional information will be posted to the Office Sustaining Engineering blog later this month.

Thank you.

-Cecilia Cole

WSUS Program Manager

Hi WSUS Admins:

We’ve noticed some confusion about the recently released updates for Microsoft .NET Framework 3.5 SP1.  So, let’s see if we can help clarify the differences in the packages.  These updates apply to x86 and x64 computers.  The detailed update descriptions describe both the platform and OS architecture that apply for each of the updates. You’re also likely wondering about the differences in the update titles. Here are the differences:

1.      The update titled “Microsoft .NET framework 3.5 Family Update (KB959209)” updates computers already running .NET Framework 3.5 SP1 with the latest compatibility fixes.  So, if you only want to update existing .NET Framework 3.5 SP1 computers with the latest fixes, then approve these packages.

2.      The update titled “Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update (KB951847)” will upgrade computers with .NET Framework 2.0, 3.0, 3.5 to the latest version of the .NET Framework 3.5 SP1, and will also apply KB959209 (#1 above). If you want to upgrade/update all of your computers to the latest version of the .NET Framework and apply the latest compatibility fixes, then approve these packages.

If  you know you only need the latest compatibility fixes for 3.5 SP1, then we recommend you only approve the Microsoft .NET framework 3.5 Family Update (KB959209).   Otherwise, we recommend that you approve the second update.

Thanks,

The WSUS team

I am very pleased to announce that WSUS 3.0 SP2 Beta is available today, January 26, via the Connect Site. All you have to do is sign in to your Connect account or sign up now in order to participate in the Beta program.

WSUS 3.0 SP2 Beta Overview

New Windows Server and Client Version Support

·       Integration with Windows Server® 2008 R2

·       Support for Windows 7® client

·       Support for the BranchCache feature on Windows Server® 2008 R2

WSUS Beta Feature Improvements and Fixes

Auto-Approval Rules

·       New functionality lets you specify the approval deadline date and time.

·       You can now apply a rule to all computers or to specific computer groups.

Update Files and Languages

·       This release provides improved handling of language selection on downstream servers. A new warning dialog appears when you download updates only for specified languages.

Cross-Version Compatibility

·       The user interface is compatible between Service Pack 1 and Service Pack 2 for WSUS 3.0 on both the client and the server.

Software Updates

·       Stability and reliability fixes for the WSUS server, such as support for IPV6 addresses greater than 40 characters.

·       The approval dialog now sorts computer groups alphabetically by group name.

·       Computer status report sorting icons are now functional in x64 environments.

·       Fixed setup issues with database servers running Microsoft® SQL Server® 2008.

Thank you very much in advance for your participation. Your feedback is greatly appreciated.

Regards,

Cecilia Cole

WSUS Program Manager

The following instructions enable WSUS administrators to setup WSUS to  install WSUS 3.0 SP1 through Window Server 2008 SP1 Server Manager. The following update packages are used to upgrade previous versions of WSUS only and are not part of this discussion:

Windows Server Update Services 3.0 SP1 (KB948014)

Windows Server Update Services 3.0 SP1 for x64-based Systems (KB948014)

On the WSUS server, the admin must enable the Updates and Feature Packs classifications,  select two new product categories, approve the update that upgrade Server Manager, and approve the package Windows Server Update Services 3.0 SP1 Dynamic Install for Windows Server 2008 (KB948014) (there’s one for x86 and one for x64).   This specific WSUS package is targeted at Windows Server 2008 that DON’T have WSUS installed.  This package will only install via Server Manager.

Deployment and/or usage scenarios

·         Scenario A: Installing both KB940518 and KB948014 from WSUS

1.       Windows Server 2008 SP1 is offered the KB940518 update.  Installing this update on Windows Server 2008 SP1 updates Server Manager (SM) to manage or install the WSUS Role via its UI.

2.       After successfully installing KB940518, the administrator can install the WSUS role using SM Add Role which uses the WUA APIs to download WSUS in a “hidden” product category.  When SM launches the WSUS setup UI, the administrator can follow the WSUS setup UI to complete the installation.

3.       After the installation succeeded, SM will need to be restarted to show the WSUS MMC Snap-in UI.

·         Scenario B: Installing KB940518 after KB948014 has been installed

1.       WSUS 3.0 SP1 has been installed on the Windows Server 2008 SP1 machine.

2.       Administrator installs KB940518 update for SM.

3.       Following restart of SM, WSUS is detected as installed by SM and can be managed within the SM UI/WSUS Snap-in.

WSUS Admin workflow

The workflow below will enable scenarios A & B described above.  The following must be enabled or approved for end-to-end functionality.  Note, enabling the classifications below WSUS will get updates in these classification for all categories, not just the categories specified below.

Product classifications needed:

a.       Updates

b.      Feature Packs

Categories that are needed

1.       Windows Server 2008 Server Manager – Windows Server Update Services (WSUS) Dynamic Installer category is a container for WSUS updates mentioned previously.  These updates are “hidden” such that user will never see a notification or be downloaded by WUA.  These updates can only be download via the WUA APIs – Server Manager is using this method to download and start the install of WSUS.

2.       Windows Server 2008 Server Manager Dynamic Installer category enables Windows Server 2008 Server Manager to dynamically discover and install when new updates are available for SM.

Updates that need to be approved dependent on your environment

a.       The WSUS binaries used the in updates listed below are the same as those described in KB948014 and available on the Microsoft Download Center (http://www.microsoft.com/downloads/details.aspx?FamilyID=f87b4c5e-4161-48af-9ff8-a96993c688df&DisplayLang=en).  Note: Since the update is targeted at Windows Server 2008 that don’t have the WSUS role installed, these machines will report that the update “is needed”.

1.       Windows Server Update Services 3.0 SP1 Dynamic Install for Windows Server 2008 x64 Edition (KB948014)

2.       Windows Server Update Services 3.0 SP1 Dynamic Install for Windows Server 2008 (KB948014)

b.      The following Server Manager updates needs to be approved:

1.       Update for Windows Server 2008 Server Manager (KB940518)

2.       Update for Windows Server 2008 Server Manager x64 Edition (KB940518)

More Information

3.       More information on updates associated with these categories can be found at: http://support.microsoft.com/kb/940518 - “An update is available that integrates Windows Server Update Services (WSUS) 3.0 into Server Manager in Windows Server 2008”

4.        http://support.microsoft.com/kb/948014/en-us -“Description of the Windows Server Update Services 3.0 Service Pack 1 package”

Thanks.

Cecilia Cole

WSUS Program Manager

Hi WSUS Admins,

Soon you will see a new product category family called PlayReady PC Runtime for Windows Media Center.  Associated updates for the PlayReady PC Runtime will not be made available to WSUS for synchronizing as they are available only to Windows Media Player via the Windows Update API (WUAPI).  You will see the product family, however not the associated product categories or updates.  For additional information see:   PlayReady.

Thank you,

The WSUS team