Forum Discussion

RahamimL's avatar
RahamimL
Iron Contributor
Jul 14, 2020

Block a specific windows update

Hi everyone,

 

We started using Intune in the past month and a half. Both with SCCM co-managed computers and Intune only enrolled computers.

On June 9th, Microsoft published kb4560960 which has known issues with the print spooler. Microsoft then superseded this update with KB4567512.

Here is the problem: My deployment ring is scheduled to deploy any deployed update 3 weeks after it is generally available. This means, if Microsoft decides to pull the update back because of a fault in the update I can be happy because the issue was taken care of in those 3 weeks. But in this case, Microsoft didn't pull the update, I was affected by the bug in kb4560960 and was required to manually install KB4567512 to fix this.

For me this is bad management because I can't control this in anyway and it also means that any screwed up updates  that will be published can potentially ruin my computer because I was stop this in any way... Even if I pause the ring I will still have to deal with this after I resume it...

Am I right or am I missing something?

 

Thanks, Rahamim.

Resources