We've been using the Cisco checks and have noticed some instances where Windows Update reports no new updates to install, even though they are missing updates. Sometimes running a Windows Update fix script (re-registers .dlls, installs latest version of Windows Update client, etc.) fixes these computers and they'll be able to download the patches through Windows Update, but sometimes it doesn't help and they must manually install the updates. We are happy that the Cisco checks are helping to identify these discrepancies.
Would I be accurate in stating the WSUS method assumes the Windows Update client is always working correctly? -----Original Message----- From: Cisco Clean Access Users and Administrators [mailto:[EMAIL PROTECTED] On Behalf Of Nathaniel Austin Sent: Monday, October 27, 2008 9:45 PM To: [email protected] Subject: Re: Microsoft Patch Hey Mike, Word from the BU is that they will only update from Microsoft once a month, so this one will not go into the checks and rule set until next months Patch Tuesday release. So a preemptive apology to everyone out there who wants this now. I think there are some good custom checks that some of you have created to at least get it checked for in your environments in the meantime. I know this isn't really a consolation, but I think this again proves that the WSUS style requirement that checks against Microsoft's WU servers instead of our checks and rules is a much better option. Nate Mike Diggins wrote: > On Mon, 27 Oct 2008, Osborne, Bruce W. (NS) wrote: > >> When I last checked this afternoon, Cisco still did not have their >> check published. What happened to the commitment to publish within 48 >> hours of patch release?? > > I was wondering that myself. I checked a few times today to see if it > had been published. I normally only update my CCA servers once a > month, so as not to annoy my clients too much, but this one seems like > it needs special attention. > > -Mike
