John_Dahl
Apr 28, 2020Copper Contributor
WSUS Drivers category
If we were to turn on the WSUS drivers category would these drivers include all the drivers necessary from the major vendors, Dell, HP, Lenovo? Or is it a small subset only?
If we were to turn on the WSUS drivers category would these drivers include all the drivers necessary from the major vendors, Dell, HP, Lenovo? Or is it a small subset only?
John_Dahl Dune here from the Microsoft Endpoint Manager team-
While the driver category in WSUS contains drivers from some of these vendors, we don't recommend that you use the category as an update mechanism for drivers because the category includes over 100,000 drivers and this can be problematic. The huge list of drivers is not manageable and the metadata alone could be enough to cause scan traffic to spike in your environment.
We know that your options for servicing drivers are not what they could be right now and I can assure you we are hard at work rectifying this 🙂
John_Dahl I always include the following when using WSUS.
But: Dune Desormeaux is right. To avoid overload / havoc never auto-approve drivers in WSUS.
If you are using automatic approval exclude the following categories: drivers, driver packs (WSUS on Server 2019).
Then use the category like Windows 1903 and later servicing drivers to get the most important drivers into the WSUS and use deploy them in rings, following the best practices.
Only approve drivers that are "requested" and test them before going broad. Update drivers and firmware before upgrading a Server or Client OS.
In 20H2 I have meanwhile received even official DELL firmware via WU / WuFB, which is a great next step foward.
The drivers in the named category and WU / WuFB are the same drivers that went through an intensive QA and testing and are now the same as you would get from the vendor, such as DELL.
This is also a big step foward but this is quite a new - mostly unknown change - older OS may not follow the same way and may still offer "Microsoft drivers".
With few caveats like Citrix PVS / MCS that do no like driver updates of VMware network VMXNet3, try to adopt these changes for following OSes in production:
Windows 10 1809 / Windows Server 2019
Windows 1903 or later