Quality update deferals

Iron Contributor

Hi, I wanted to know the real definition/behavior for quality update deferals.

 

Let's say we set it to 2days. For already WUFB managed, I understand it means the devices will see the CU two days after patch Tuesday.

 

But lets say I add an existing sccm managed device into co-management for WUFB, 10days after patch Tuesday, if there's no grace period set, will the device start to see the update right away, since it's 8days past the deferal or will it still wait for the 2 days of deferals?

Thank you in advance and don't hesitate if you have any questions. 

2 Replies

@lalanc01 deferrals specify how many days after an update is releaed that it will be offered to a device. If a security quality update is released on 1/12 and you have 3 days of deferrals, you will be offered the first time the device scans on or after 1/15. 

 

Deadlines don't apply until AFTER the update is passed to the device. For Quality Updates, if for some reason the device was offline and therefore didn't scan until 1/20 and you have a 3 day deadline then yes you will be forced to quickly download/install and restart - which is why we recommend a grace period to prevent this unpleasant experience.

@Aria Carley thank you for the explanation, but if the device didn't scan before 1/20 with a 3day deadline, wouldn't the user have 3days until the device reboots and not right away?

Or is it because the deadline will have start right after the deferal (lets say 2days) so on the 1/14 and the deadline would be on the 1/17, even if the device never received the policy that said it should get the update so it'll do everything on the same day (1/20) and reboot during active hours?

 

Thank you for clarifying this part.