nevets2001uk
IS-IT--Management
We have a WSUS server setup locally where all devices are directed for Critical updates. This is set via GPO. Recently we noticed that the Win 7 devices we checked were also getting many smaller Windows, Office, .NET updates and security updates (found by reviewing the installed updates list). However when we checked in WSUS most of these were not approved, yet showing as installed.
We reviewed the Windows Update Log and while I'm no expert it didn't appear that these extra updates were being logged. I checked a given date were we had had over 20 installs and the log showed none have been found as required and appeared to be correctly checking with WSUS.
Therefore we're now stumped as to how these are being applied. It's as if the clients are also checking and downloading from MS but I would have expected to see this in the Windows Update log.
Has anyone else seen similar or can suggest how we find out where these are coming from and prevent it? We only want the approved WSUS updates to be applied. End users report that this is installing in the normal manor via Windows Update.
Steve G (MCSE / MCSA:Messaging)
We reviewed the Windows Update Log and while I'm no expert it didn't appear that these extra updates were being logged. I checked a given date were we had had over 20 installs and the log showed none have been found as required and appeared to be correctly checking with WSUS.
Therefore we're now stumped as to how these are being applied. It's as if the clients are also checking and downloading from MS but I would have expected to see this in the Windows Update log.
Has anyone else seen similar or can suggest how we find out where these are coming from and prevent it? We only want the approved WSUS updates to be applied. End users report that this is installing in the normal manor via Windows Update.
Steve G (MCSE / MCSA:Messaging)