1,071 questions
yes you can do that use adr. https://learn.microsoft.com/en-us/mem/configmgr/sum/deploy-use/automatically-deploy-software-updates
SCCM auto install certain KB for devices?
Eaven HUANG
2,191
Reputation points
Dear Experts,
In our production, we have some machines running Windows 11 but quite a half of the rest are running Windows 10.
We need to apply one certain KB for the devices with Windows 11. We also use WSUS in our env at this stage.
Is it possible to add this KB as an Update (shown in software center) or an application, so it filters the devices and install to the devices with Windows 11 only?
We don't want to touch device with Windows 10.
This KB was not auto-installed via WSUS, I'm referring to kb5008295 which is aim to fix Snipping tool issue in Windows 11.
Any idea would be really helpful! Thanks a lot!
Microsoft Security | Intune | Configuration Manager | Deployment
Microsoft Security | Intune | Configuration Manager | Application
Microsoft Security | Intune | Configuration Manager | Other
4,608 questions
2 answers
Sort by: Most helpful
-
Garth 5,801 Reputation points2022-12-05T10:20:43.297+00:00 -
Eaven HUANG 2,191 Reputation points
2022-12-05T15:13:22.897+00:00 Hi @Garth ,
Thanks a lot for your advice.
My concern is that - if we created the ADR, will the updates be synchronized from our in-place WSUS?
The reason I was looking for this answer, is that currently the KB was not installed by our local WSUS. It was not even a security patch.So can we selectively tick some certain KB from the online Windows Update? I don't really want to install all the updates from online or from WSUS (upstream)?
Thanks a lot.
-
Garth Jones 1,666 Reputation points MVP2022-12-05T15:48:03.787+00:00 So What is wrong with manually creating a Software Update group and deploy that with just that KB?
-
Eaven HUANG 2,191 Reputation points
2022-12-05T15:50:51.073+00:00 The issue is that in our env we have other client machines runing Windows 10 LTSB, LTSC, Windows 10 Pro Education, etc. I'm not sure if there is one way allowing me to create the group for deploying the KB only for all Windows 11 clients?
Most of our Win11 client are x64 based, but I saw the KB is different if we need to apply it to ARM-Based, this is another concern..
Sign in to comment -
-
CherryZhang-MSFT 6,496 Reputation points2022-12-06T09:13:42.037+00:00 Hi @Eaven HUANG ,
1, Is the update in the link what you want to deploy?
Microsoft Update CatalogIf so, this update will automatically sync with WSUS if you configure Products and Classifications as follows:
Product: Windows 11
Classification: Security Updates
The links for your reference:
November 5, 2021—KB5008295 Out-of-band - Microsoft Support
November 5, 2021—KB5008295 Out-of-band - Microsoft Support2, If you want to deploy it via ADR and you just want to deploy it for win 11 clients. I recommended that you could create a collection that just contain Win11 client and then you can deploy it just to the Win11 client.
The screenshot for your reference:
> if we created the ADR, will the updates be synchronized from our in-place WSUS?
3, One of the prerequisites while installing SCCM is WSUS role installation. The software update point (SUP) site system role must be installed on a server that has WSUS role installed.
This article for your reference:
How to Install WSUS for SCCM | SUP Role | ConfigMgr (prajwaldesai.com)
Note: Microsoft provides third-party contact information to help you understand the problem. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.4, For more information about how to Create an ADR In SCCM, we can refer to this link:
Create Automatic Deployment Rule In SCCM (prajwaldesai.com)
Note: Microsoft provides third-party contact information to help you understand the problem. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.If I misunderstand something, please free let me know.
Thank you for your time and patience!
Best regards,
Cherry
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.-
CherryZhang-MSFT 6,496 Reputation points
2022-12-08T02:03:55.173+00:00 Hi,
Could you please letting me know the latest status. Do you have any further progress on this issue? If there is any other assistance we can provide, please feel free to let us know, we will do our best to help you.
Looking forward to your feedback.
Best regards
Cherry
Sign in to comment -