In this article discuss about How to Manually Import Updates into WSUS server for windows patching.
In general, all security and critical windows updates have been downloaded to Windows Server Update Services (WSUS) server. However, in some scenarios like non-security preview releases which are referred as “C” releases are not available on WSUS server. In this blog will explain How to Manually Import Updates into WSUS.
History about Windows Update release:
- Patch Tuesday is the second Tuesday of the month when the biggest updates are released. These updates are called as “B” release updates which contains security fixes.
- A “C” update is released in the third week of the month, and a “D” update in the fourth. It contains only bug fixe issues.
- Additionally, Microsoft occasionally releases “out-of-band” patches, which are critical patches that aren’t scheduled for release and are released at the last minute.
Out-of-band update has been released on January 17, 2022 visit Microsoft site
Its mandatory to install the update as per Microsoft is releasing Out-of-band (OOB) it addresses issues related to
- VPN connectivity,
- Windows Server Domain Controllers restarting,
- Virtual Machines start failures, and
- ReFS-formatted removable media failing to mount
In that scenario, those updates must be manually imported into the WSUS server.
By default, January .17.2022 KB5010790 (OS Build 14393.4889) Out-of-band was not existing in WSUS server. Let’s check.
Pre-check package does not exist in WSUS server.
Procedure for Manually Import Updates into WSUS Server:
Step1: Make ensure WSUS connected to internet. Left side you can see Import Updates select the tab.
Check for KB article it will redirect to Microsoft catalog.
Step2: Search for KB number example KB5010790 and select Add button.
Search for KB number and click on Add button.
Step3: Select view basket option and Import.
step4: Import Process will start, my incase it was failed to due SchUseStrongCrypto key was not existing in Windows Registry.
Failed since SchUseStrongCryptoto was existing.
NOTE:
If you encountered error 80131509 or error 800a0046 during the import of updates from Microsoft Update Catalog into Windows Server Update Services (WSUS) to fix these kind of issue .net application must be enabled with strong cryptography.
Step5: Cryptographic protocols can be managed in the registry in a Windows environment.
Open Windows Registry as administrator and add new DWORD value as shown below
Step6: After adding keyword reboot WSUS server.
Step7: You can see KB5010790 in WSUS server.
How to Manually Import Updates into WSUS Procedure has been completed as discussed above step by step.
conclusion:
Whenever a security update is released, it goes through an extensive process of research, development, and testing until it reaches an acceptable quality level. During risk assessments, administrators typically identify any known issues, which are typically documented in support.microsoft.com Knowledge Base related to the security updates.
The most convenient way to download patches on Patch Tuesday is through Windows Update.
Thanks for your time , leave a comment if you have any queries about How to Manually Import Updates into WSUS.
We can do Software deployment using GPO
