Please fix Windows Updates on Server 2016 to allow more control in search and installing updates, similar to previous Windows Server versions. The inability to control which updates can be applied is outrageous! The ability for updates to install without any control is mind boggeling. FIX THIS AT ONCE!!!

Why is my Windows Server 2016 1607 installing, in order:
2018-05 Cumulative Update
(Download, reboot)
2018-06 Cumulative Update
(Download, reboot)
2018-07 Cumulative Update
(Download, reboot)

If the update is cumulative, should not only the last one be requited? This is an incredibly wasteful and annoying time sink.

Hi,

That is a bug in Windows Server 2019!

We have Group Policy for Windows Updates and use in our infrastracture WSUS. According to Group Policy, the updates will be downloaded to the system, and then an administrator will install manually the downloaded updates.

We tested Windows Updates onsome Windows Server 2019 machines.

If the click "Check for updates", then the updates will be downloaded and automatically installed!!! That is fatal!

If I check "View configured update policy", then our policy are listed for the updates. It seems all are correct.

"BUG by Design"?

Best regards

Birdal

Using the following PowerShell snipet to remove the binaries from unused roles and features worked great in Windows Server 2012-2016.

Get-WindowsFeature | Where-Object {$PSItem.InstallState -eq "Available"} | Uninstall-WindowsFeature -Remove

When used in conjunction with Features on Demand this results in smaller install footprints for VMs and VM templates. Doing so in Windows Server 2019 breaks future CU installs due to the new PSFX update engine (error code 0x800F0982 PSFX_E_MATCHING_COMPONENT_NOT_FOUND is returned).

We can configure a new WSUS server using the COM API and PowerShell cmdlets for every option in the UI except for setting the e-mail notifications.

We can Get them:
https://docs.microsoft.com/en-us/previous-versions/windows/desktop/aa349873(v%3Dvs.85)

...but there's no way to Set them.

At my company, the build is fully automated including installation and configuration of WSUS, but for the e-mail notification settings.

On the Windows Admin Center Manager WSUS, allow updates, allow machines, create groups ...

not able to print from this comp.?

the "Scheduled install day" and "scheduled install time" group policy settings under "computer/administrative templates/windows components/windows update/configure automatic updates" are being ignored by server 2016 in favor of "active hours." having active hours on servers is utterly ridiculous. I need certain servers to reboot in a certain order only on Saturday nights.

Please provide full information what is fixed in cumulative updates. What kind of information is this:

https://support.microsoft.com/en-us/help/4038782
Security updates to Microsoft Graphics Component, Windows kernel-mode drivers, Windows shell, Microsoft Uniscribe, Microsoft Edge, Windows scripting, Device Guard, Windows TPM, Internet Explorer, Microsoft Scripting Engine, Windows Hyper-V, Windows kernel, and the Windows DHCP Server.

We need proper description of fixes for an OS we pay licenses.

Currently for arch it looks like someone dissassembles your .deb package and moves things around. It would be a lot easier on us to just be able to make install, or at least for a suggested folder structure to go into the .tar.gz. At very least, the files should be put into a subdirectory as is the norm with all linux installs. I ruined my download folder with the current package

WSUS should have an easy way to search for all updates for a specific product

Include al necessary symbol files and updates to base OS and current updates. Many environments do not allow server access (and in some instances workstation access) to the internet to update symbol files as needed. I have tried every posted articles suggestions on getting the windows update log into useful, understandable English, with the only success being to reimage my windows 10 Enterprise desktop. I refuse to do so with my domain 2016 servers!

Actually it is not really possible to use automatic acknowledgement rules without acknowledgeing any Preview security or preview feature upates for Windows 7, 8.1 etc.

Please put them a seperate WSUS Category e.g. preview rollups so that an effective testing can be made with rulesets and a test group of computers.

I am missing to have more options than just a very common keyword search in Microsoft Update Catalog.

setting up filters like OS version, branch, x86 / x64 and update categories AND date equal / greater than would be amazingly helpful to find a specific group of updates.

Admit it, the current search is not very helpful if you are NOT searching for a specific KB but a set of updates.

E.g. try to enlist all Windows 2003 Server Updates released after January 2017. Good luck, trying.

Actually Windows 10 on WSUS is only reflected by a major product category and LTSB.

It would be much better if you could add a product category for each branch / release:

such as:
Windows 10 1507 (LTSB 2015)
Windows 10 1511
Windows 10 1607 (LTSB 2016, CBB)
Windows 10 1703 (CB)

This would allow companies with a good patch management to effectively avoid downloading CU patches for Windows 10 that they do not use and also would help to categorize updates in the views.

The current 12 hour window for "Active Hours" needs to be longer so the updates/reboots can happen in the middle of the night.