Event banner
AMA: Managing Windows updates
Event Ended
Wednesday, Jun 05, 2024, 09:30 AM PDTEvent details
Managing updates across an organization doesn’t have to be complicated. Have questions on how to control update offerings and experiences? Want to know the best ways to test on a subset of devices be...
Heather_Poulsen
Updated Dec 27, 2024
swpheonix77
Jun 05, 2024Copper Contributor
Will there be mechanisms built in top WuFb and autopatch to be able to easily pull a Kb from deployment that causes an unforeseen issue in the environment? we can do it easily in WSUS but have been told this is not easy in these products by design? I know we should be able to test in advance releases but things happen 🙂 in a large broad environment? thanks!
- Jason_SandysJun 05, 2024
Microsoft
Also, keep in mind here that granular management of updates as was done in WSUS 10+ years ago is more or less an OBE process given the use of monthly cumulative updates; i.e., granular KBs no longer exist to be approved (or declined). For Windows, it's an all or nothing proposition now and has been since Windows was released. You can entirely pause the delivery all quality updates (which is for most intents and purposes) the monthly Windows CU and this is the primary option. If there is a specific "fix" within a CU that is causing you an issue, you can generally disable these using Known-issue rollback: https://techcommunity.microsoft.com/t5/windows-it-pro-blog/known-issue-rollback-helping-you-keep-windows-devices-protected/ba-p/2176831. The bottom-line though is that granular management of updates is a thing of the distant past even in WSUS as the update model itself has changed.- swpheonix77Sep 16, 2024Copper Contributori appreciate the responses and added guidance to the known issue rollback capabilities. for our admin, the visibility is still much more visible and granular in WSUS (CM) than Intune and WUfB still and hoping it will continue to evolve...as well as the gap in the long awaited driver updates visibility and maturity we are hoping are still coming as promised a year ago. (Impatient...i know:)) We will consider this in decision making and be aware it is only for non-security updates. The updates from July this year that were problematic with Bitlocker would have been an issue that could not be rolled back as i understand it, had a test device sample size not been large enough to determine if it impacted our assets. i also know this scenario is usual rare ...1-2 times per year for us. Is there a link for these roll backs or status that both acknowledges real time when they happen and advising status realtime? thanks again for the information
- Char_CheesmanJun 05, 2024Bronze Contributor
Thanks for participating in today's session of AMA: Managing Windows updates! For reference, the panel covered your question at 39:15.