block patches in wsus

I'm wanting WSUS to block or prevent a specific patch from being pushed or deployed to all my systems.

For example I don't want WSUS to push / deploy KB958650

How is this done in WSUS, in the past its been all or nothing, but I remember that I have to approve all patches. Could I just not approve a patch and it wont ever get pushed  / deployed to all my systems? Also what would happen if I just simply declined the update, would that work?

Thanks
sorensenbradAsked:
Who is Participating?
 
DonNetwork AdministratorCommented:
You would just decline this update, you can do a search and  when found right click on it and select decline
0
 
chuckyhCommented:
You need to check your "Automatic Approvals" options, do you have any rules that approve updates as they come in? If not then you have to approve all patches that come in before the clients can install them. You can either leave that patch unapproved or decline it.
0
 
FreshandeasyCommented:
Patches is approved from wsus server at 10 AM & Policy is set that client will install & reboot at Eg: 4:00 PM. but now we need to stop the installation on all client how do we do it. is there any policy to do that or just by declineing this update will work.

Note : Client is alredy downloaded the patchs but not installed.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.