Skip to main content

Not sure if there’s a problem or something isn’t configured correctly… We have groups of Windows servers (group 1, group 2, etc.) with patch policies (patch 1, patch 2, etc.). I’ve noticed that if there multiple rounds of Windows updates, the policy will only install the first round. I have manually run the policy again to install the remaining patches. 

For example, policy runs at 8:00 am, installs number of patches and server reboots. After reboot, the server still has available patches to install and I have to manually run the policy to install the remaining patches.

 

Hi jlavetan,

It possible you are running into a situation (not every month, but often) where a Servicing Stack Update was available for your devices. These are exclusive updates and need to be installed on their own.

Typically Automox will install all available updates at once except in these situations. The policy will run once and needs to be run again to get the rest of the items. The second run of this policy (the top result) has 3 KBs that it took care of, all of them also needing a reboot.  A single reboot was performed in this case.

IF that was what you saw, best practice is to put a Patch Only policy in place for any ‘SSU’ updates and have that run just prior to your regular patch policy. SSUs are typically very small and do not require a reboot, they simply need to be installed by themselves.
https://learn.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates

https://help.automox.com/hc/en-us/articles/5352154563988-What-Are-the-Recommended-Best-Practices-for-Patching-in-Automox-

Let me know if you have any additional questions.
Mark


That was exactly the scenario. Thanks for clarifying!


Reply