A
Allen Howard- CMU
Hi All,
So we have an environment with machines running Server 2008r2, 2012r2, and 2016 (the majority are running 2012r2). All the server updates are managed by a WSUS server running 2012r2 (it patches itself, too). Yesterday, I manually synchronized the WSUS server and approved the updates related to Meltdown and Spectre. I then verified that everything downloaded properly by updating the WSUS Server itself with the patches-- everything worked as expected.
Now, this morning, after everything should have scanned for the updates (and they did scan), only a few computers are showing as needing the updates-- in fact, the vast majority are showing as installed/not applicable.
They are all either running Symantec Endpoint Protection or Windows Defender/Forefront and have the proper compatibility registry key set. If you download the update from the update catalog and install it, it installs successfully, but I don't want to have to patch all the servers manually. Other updates are installing just fine from the WSUS server.
This hasn't just happened in this one environment. In another environment that I work on sometimes, it is having the same issue (only they are using Avast! business security, but again, the registry key is set).
Does anyone have any insight into this?
Thanks!
~Allen
Continue reading...
So we have an environment with machines running Server 2008r2, 2012r2, and 2016 (the majority are running 2012r2). All the server updates are managed by a WSUS server running 2012r2 (it patches itself, too). Yesterday, I manually synchronized the WSUS server and approved the updates related to Meltdown and Spectre. I then verified that everything downloaded properly by updating the WSUS Server itself with the patches-- everything worked as expected.
Now, this morning, after everything should have scanned for the updates (and they did scan), only a few computers are showing as needing the updates-- in fact, the vast majority are showing as installed/not applicable.
They are all either running Symantec Endpoint Protection or Windows Defender/Forefront and have the proper compatibility registry key set. If you download the update from the update catalog and install it, it installs successfully, but I don't want to have to patch all the servers manually. Other updates are installing just fine from the WSUS server.
This hasn't just happened in this one environment. In another environment that I work on sometimes, it is having the same issue (only they are using Avast! business security, but again, the registry key is set).
Does anyone have any insight into this?
Thanks!
~Allen
Continue reading...