<div>
so the approval happens in WSUS, and not on each individual server by a systems admin? Until approved in WSUS they wont be deployed to the Server's?
</div>


so the approval happens in WSUS, and not on each individual server by a systems admin? Until approved in WSUS they wont be deployed to the Server's?

<div>
Where exactly does wsus download the patches from?
</div>


Where exactly does wsus download the patches from?

<div>
By default it gets them from Microsoft's servers. &nbsp; You can also configure it to download from another WSUS server that you specify.
</div>


By default it gets them from Microsoft's servers.   You can also configure it to download from another WSUS server that you specify.

<div>
<div class="content wysiwyg-content">
I have no experience with WSUS, but ran some baseline security analyser reports the other week. It lists a number of updates missing, that are confirmed as missing, and also have not been approved by the systems admin.<br />
<br />
What does this actually mean, is this some form of approval on the server itself, or is this a stage within WSUS? I didnt realise the software was checking WSUS, I thought it was just scanning the server itself, so I was unsure where the &quot;approval&quot; thing comes in.
</div>
</div>


I have no experience with WSUS, but ran some baseline security analyser reports the other week. It lists a number of updates missing, that are confirmed as missing, and also have not been approved by the systems admin.

What does this actually mean, is this some form of approval on the server itself, or is this a stage within WSUS? I didnt realise the software was checking WSUS, I thought it was just scanning the server itself, so I was unsure where the "approval" thing comes in.

security patch approval for windows servers

The Microsoft Server topic includes all of the legacy versions of the operating system, including the Windows NT 3.1, NT 3.5, NT 4.0 and Windows 2000 and Windows Home Server versions.

Microsoft Server OS

Operating system security (OS security) is the process of ensuring OS integrity, confidentiality and availability. OS security refers to specified steps or measures used to protect the OS from threats, viruses, worms, malware or remote hacker intrusions. OS security encompasses all preventive-control techniques, which safeguard any computer assets capable of being stolen, edited or deleted if OS security is compromised, including authentication, passwords and threats to systems and programs.

OS Security

A vulnerability is a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness, known as the attack surface. Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. Other vulnerabilities include security risks, security defects and constructs in programming languages that are difficult to use properly.