Please fix Windows Updates on Server 2016 to allow more control in search and installing updates, similar to previous Windows Server versions. The inability to control which updates can be applied is outrageous! The ability for updates to install without any control is mind boggeling. FIX THIS AT ONCE!!!

On Server 2019 you should have the option to see the newly released updates, select which ones to install, and be able to manually install them when desired in all situations. Updates should not be automatically installed.

I have posted on Technet forums about this as well: Windows Malicious Software Removal Tool November 2019 reinstalling each time I run Windows Update on Windows Server 2019 (build 17763.864 ) . It ia not re-downloaded, just re-installed (re-ran) Is this a bug? I guess so, I hope the machine is not infected with some nasty thing.

Hi,

That is a bug in Windows Server 2019!

We have Group Policy for Windows Updates and use in our infrastracture WSUS. According to Group Policy, the updates will be downloaded to the system, and then an administrator will install manually the downloaded updates.

We tested Windows Updates onsome Windows Server 2019 machines.

If the click "Check for updates", then the updates will be downloaded and automatically installed!!! That is fatal!

If I check "View configured update policy", then our policy are listed for the updates. It seems all are correct.

"BUG by Design"?

Best regards

Birdal

Using the following PowerShell snipet to remove the binaries from unused roles and features worked great in Windows Server 2012-2016.

Get-WindowsFeature | Where-Object {$PSItem.InstallState -eq "Available"} | Uninstall-WindowsFeature -Remove

When used in conjunction with Features on Demand this results in smaller install footprints for VMs and VM templates. Doing so in Windows Server 2019 breaks future CU installs due to the new PSFX update engine (error code 0x800F0982 PSFX_E_MATCHING_COMPONENT_NOT_FOUND is returned).

Why is my Windows Server 2016 1607 installing, in order:
2018-05 Cumulative Update
(Download, reboot)
2018-06 Cumulative Update
(Download, reboot)
2018-07 Cumulative Update
(Download, reboot)

If the update is cumulative, should not only the last one be requited? This is an incredibly wasteful and annoying time sink.

On the Windows Admin Center Manager WSUS, allow updates, allow machines, create groups ...

We can configure a new WSUS server using the COM API and PowerShell cmdlets for every option in the UI except for setting the e-mail notifications.

We can Get them:
https://docs.microsoft.com/en-us/previous-versions/windows/desktop/aa349873(v%3Dvs.85)

...but there's no way to Set them.

At my company, the build is fully automated including installation and configuration of WSUS, but for the e-mail notification settings.

the "Scheduled install day" and "scheduled install time" group policy settings under "computer/administrative templates/windows components/windows update/configure automatic updates" are being ignored by server 2016 in favor of "active hours." having active hours on servers is utterly ridiculous. I need certain servers to reboot in a certain order only on Saturday nights.

not able to print from this comp.?

Please provide full information what is fixed in cumulative updates. What kind of information is this:

https://support.microsoft.com/en-us/help/4038782
Security updates to Microsoft Graphics Component, Windows kernel-mode drivers, Windows shell, Microsoft Uniscribe, Microsoft Edge, Windows scripting, Device Guard, Windows TPM, Internet Explorer, Microsoft Scripting Engine, Windows Hyper-V, Windows kernel, and the Windows DHCP Server.

We need proper description of fixes for an OS we pay licenses.

Currently for arch it looks like someone dissassembles your .deb package and moves things around. It would be a lot easier on us to just be able to make install, or at least for a suggested folder structure to go into the .tar.gz. At very least, the files should be put into a subdirectory as is the norm with all linux installs. I ruined my download folder with the current package

WSUS should have an easy way to search for all updates for a specific product

Include al necessary symbol files and updates to base OS and current updates. Many environments do not allow server access (and in some instances workstation access) to the internet to update symbol files as needed. I have tried every posted articles suggestions on getting the windows update log into useful, understandable English, with the only success being to reimage my windows 10 Enterprise desktop. I refuse to do so with my domain 2016 servers!

It would be nice to have a way to easily upgrade or migrate from Windows Server 2016 to Windows Server Semi-Annual

Windows update troubleshooter (fully patched server 2016) using the built-in tool always reports 0x80070057 "potential windows update database error detected" If you run the tool available here then no errors are reported. https://support.microsoft.com/en-us/help/4027322/windows-update-troubleshooter