I'm sure this has been asked many times, but could anyone tell me why the Windows Update Scan tool in Patch Manager gives different results from the WSUS reporting feature? When I choose a machine, choose Computer Explorer, and click on the Windows Update Scan tab I receive the report of the patch status on the machine. The problem is the default interface, quite often, conflicts with the number of (approved) patches needed for the specific system. For example today the approved update summary for a specific machine shows 3 updates not installed, but if I do the Windows Update Scan on the machine it shows the machine as fully patched. The machine has reported in just today so the odds of the the WSUS having unreported data is slim. I have seen this issue many, many times to the point my co-workers feel the scan tab is useless. Any help would be appreciated.
Thanks,