Windows Updates are showing up as Pending to be installed on the End Devices

Seema Kanwal Gurmani 336 Reputation points
2023-08-31T10:29:00.2066667+00:00

Dear Community,

We have this Issue that Windows Updates are showing up as Pending to be installed on the End Devices.

We have WSUS Server that pushes Windows Updates on End Devices for windows 8,10 & 11. But We are concerned that:

Question1 Shouldn't the updates get automatcally installed as well after download?

Question2 why is it prompting end users to install the updates when our updates are being pushed from WSUS?

Question3 How can we fix it and automatically install them as well?

I am getting this Notification with Red Dot reagrding Windows Updates and when I check it shows updates with status "Pending Install" w& is asking to "Install Now". I have also shared the Windows Update GPO. Take a look at screenshots below:

SC1

SC2

SC23

SC5

SC6

SC4

Windows Server 2019
Windows Server 2019
A Microsoft server operating system that supports enterprise-level management updated to data storage.
3,877 questions
Windows 10
Windows 10
A Microsoft operating system that runs on personal computers and tablets.
11,964 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. S.Sengupta 21,391 Reputation points MVP
    2023-09-01T01:10:33.7333333+00:00

    In the WSUS console, go to "Options" and then "Synchronization Options" to verify the synchronization settings and schedule.

    If the disk is full, the server won't be able to download new updates.

    Check the event logs on your WSUS server for any errors or warnings related to updates and synchronization.

    Ensure that your WSUS server has the necessary network connectivity and isn't being blocked by firewalls or proxy settings.

    In GPO try this settings:

    Computer Configuration -> Policies -> Administrative Templates -> Windows Components -> Delivery Optimization ->Download Mode -Enabled Bypass (100)

    See:

    WSUS Troubleshooting Steps

    1 person found this answer helpful.
    0 comments No comments

  2. Adam J. Marshall 9,601 Reputation points MVP
    2023-09-02T00:10:08.8466667+00:00

    WSUS never PUSHES any updates ever. WSUS is a repository where updates are stored and is a pull system from each individual client. It is the Windows Update Agent (WUA) on each client that does everything - checking for updates, downloading updates, installing updates, restarting the computer, connecting back to WSUS and reporting back any changes.

    Group Policies are responsible for controlling how the WUA operates, and from what your screenshot shows, you have chosen option #3 to automatically download updates and notifiy when they are ready to be installed. What this means is that when an update is needed by the client, is approved and fully downloaded on the WSUS server, the client will find the update, download it, but NOT INSTALL it - instead it will notify the user that an update is waiting to be installed.

    If you want the computer to automatically install the updates you need to choose option # 4 as noted in part 4 of my guide on How to Install, Manage, and Maintain WSUS.

    https://www.ajtek.ca/wsus/how-to-setup-manage-and-maintain-wsus-part-4-creating-your-gpos-for-an-inheritance-setup/

    I'd recommend reading the whole series from start to finish, and then re-reading it while adjusting your settings to work how you want them to in accordance with my guide.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.