Many Microsoft hotfixes and updates do not appear in the WSUS console due to different reasons, for example, when an update is designed to solve a specific problem or the synchronization of updates for a certain product/OS version/update class is disabled in the WSUS settings. For these cases, in WSUS/SCCM there is a feature of manual import of an update(s) from Microsoft Update Catalog.
For example, we want to add the KB3125574 update (convenience rollup update that allows to fix a problem of high RAM usage by wuauserv and long time to search for updates in Windows 7) absent in the list of WSUS updates.
- Open the WSUS console
- In the console tree, right-click the Updates section and select Import Updates
- Then Internet Explorer will start and automatically go to Microsoft Update Catalog webpage. (When you visit this website in IE for the first time, you will have to install a special ActiveX extension, and it’s better to add this website to the list of trusted websites.)
- Using the search feature, find the KBs you need and click Add to add them to the basket. (It’s better not to select more than 20-30 updates at once.)
- Then click View basket to open it
- Check Import directly into Windows Server Update Services (if this option is not available, make sure you have the administrator privileges on your WSUS server) and click Import
- Wait till the updates are downloaded. (If the download suddenly terminates, try again.)
- Then find the downloaded patches in the All Updates section of the WSUS console and confirm their installation to the necessary groups of computers.
Using this method, you can import any updates from Microsoft Update Catalog to the WSUS server, including drivers, SPs, etc.
2 comments
I don’t have the Import option (logged as a local Administrator on the server). How can I fix that?
1. Add your admin account to the local WSUS groups.
2. Reset IE settings.
3. Temporary change the security setting in IE on lower level.
4. Try to import the update.