On Thursday (Aug 8) Microsoft announced the forthcoming content for Patch Tuesday – Aug 13, 2013.
Number of Releases: 8
Critical Security Updates: 3 addressing vulnerabilities in Windows, Internet Explorer, and Exchange Server 2007/2010/2013.
Important Security Updates: 5 addressing vulnerabilities in Windows.
You can have Microsoft's security bulletins sent directly to you:
To receive automatic notifications whenever Microsoft Security Bulletins are issued, subscribe to Microsoft Technical Security Notifications.
Microsoft also hosts a webcast where they discuss the releases, typically the Wednesday after Patch Tuesday:
Microsoft will host a webcast to address customer questions on the security bulletins on Aug 14, 2013, at 11:00 AM Pacific Time (US & Canada).
Register now for the July Security Bulletin Webcast. After this date, the webcast is available on-demand.
You can also follow the MSRC team at @MSFTSecResponse.
Updates are typically released by Microsoft at 10am PDT (5pm UTC).
Configuring WSUS servers to synchronize relative to that time can be helpful in expediting availability of these security updates.
One of the questions that I continue to encounter from new WSUS Administrators relates to taking approvals for updates deployed to a testing group, and easily duplicating those approvals onto one or more production groups. In this article we’re going to look at how to do that using the WSUS native console.
It’s actually a very simple process, but we’re going to do a step-by-step in the article. The process goes like this:
In the WSUS console, select the Updates node in the console.
Right click and select New Update View…
In the section Step 1: Select properties” check the third option in the list “Updates are approved for a specific group”.
In the section Step 2: Edit the properties click on the hyperlink for “a specific group” and select your test group from the list of groups. In this example we've selected "Test Computers".(If you have multiple different test groups, you’ll need to create a custom update view for each test group.)
In the section Step 3: Specify a name enter a view name appropriate to the defined content. Here we've named the view "Test Group Approvals".
After selecting the view, you’ll likely want to modify the view a bit to make it more efficient for this use.
The Approval column can provide a key indicator as to the updates you’re interested in selecting. Aside from focusing on the updates with a release date consistent with your patch collection, the Approval column can be used to provide hints to the updates approved only for the test group. In the Approval column it’s likely the case that the entry looks like “Install (1/#)” where the value ‘1’ represents the test group as the only current approval target, and the value ‘#’ represents the total number of target groups configured on your WSUS server. We can see that this server has ten target groups defined (including "All Computers" and "Unassigned Computers").
Using the Release Date column and/or the Approval column, identify the updates to be approved for the production group(s). Select the updates using Shift-Click or Ctrl-Click. Right click and select "Approve" from the context menu.
Here I’ve selected three updates approved for the Test Group and will approve them for the Win2008R2 group.
Make special note that these custom update views in the WSUS Admin Console are created on a per-user basis, so if multiple administrators need this view, it will need to be created on each console.
Part 1: Package Creation Fundamentals, August 7, 2013, 11am CT
Lawrence Garvin, SolarWinds Head Geek and WSUS MVP, will provide an overview of the detection logic used by the Windows Update Agent and how that determines the update states reported to WSUS (Installed, Not Installed, Not Applicable), the three rule sets (Prerequisite, Applicability, and Installed) thate comprise the detection logic and how they are used in the detection process, focusing on the six detection logic rules that are used in 99% of package creation activities.
Part 2: Creating Packages with Patch Manager, September 4, 2013, 11am CT
Lawrence Garvin, SolarWinds Head Geek and WSUS MVP, will discuss how to create basic and advanced packages with the Package Wizard feature of Patch Manager. He will also discuss how to use the PackagBoot™ function to create complex before and after deployment scenarios. Bring your questions and we’ll answer them!