Hi Stephen, Thanks for the tip. Just did a search and it doesn't look like that update is in the Update Catalog. That kinda sucks that I would need to download and create a separate program for deployment in SCCM especially if it is a security patch.
Thanks, Edward From: [email protected] [mailto:[email protected]] On Behalf Of Stephen Owen Sent: Monday, December 16, 2013 5:27 AM To: [email protected] Subject: Re: [mssms] Any Built in Method to Inject KB2905247 Security Update into WSUS/SCCM? Hi Edward, Do you see this update in the Windows Update Catalog? Go to your WSUS server and launch WSUS and then select 'Import Update' to launch the Update Catalog website. If you see the update there, you can import it into SCCM. If you don't then you should download this update and deploy it as a program using SCCM. You can control distribution by creating a query-based collection that queries the presence of this update. On Fri, Dec 13, 2013 at 4:21 PM, Edward Woo <[email protected]<mailto:[email protected]>> wrote: Hi All, After applying December's Microsoft Patch Tuesday updates to some of my test systems, I was told that my test systems were still missing a security update that addresses insecure ASP.NET<http://ASP.NET> site configuration could allow elevation of privilege. (http://technet.microsoft.com/en-us/security/advisory/2905247) I ran Windows Update and the MBSA scan against my systems but this update doesn't show up, but if I go to the web site directly, I see that there is an update available for manual download and install, which doesn't scale well in an enterprise environment. Without having to use SCUP and creating different applicability rules, are there any built in methods/mechanisms to allow me to import all the different variants of this update into WSUS/SCCM so that it can scan and determine which update needs to be installed on the various systems using Software Updates? The key thing I'm looking for is reducing the amount of time it will take to import these updates and deploy them and avoiding the need to create extra queries or detection rules etc. Thanks, Edward
