Ok, so I may be missing something here. KB4589210 is the most recent version that supersedes 4346087. I can search for it in WSUS and approve it to groups. I also use Solarwinds Patch Manager(PM) to make it easier to manage updates. So when I go into PM, after approving the update in WSUS, it shows up as "Unknown" as its status. Then the next morning it disappears in the updates tab for the servers I approved it for in PM, yet doesn't install on the servers.
Note: If I manually install the update, the vulnerability disappears in the Nessus Scanner.
Our server version is as follows:
Edition: Windows Server 2016 Datacenter
Version: 1607
OS build: 14393.4046
What am I missing?