KACE patching of Windows "Important" patches
I have one goal. I want to detect and deploy any patches that are considered "Important" Windows patches that are the "Important" patches when you manually run Windows Update. I just ran a "Detect All" patch schedule on my laptop and ran the Windows Update check and the numbers are off. Windows detected 45 "Important" Updates whereas KACE only detected 38! Maybe windows is not discounting the "Superseeded" patches, but I want to be certain. Anyone have a patching smart label that you use to get these patches specifically?
First, if you are using the Severity field to identify "important" patches, you should know that Severity is assigned by Lumension (KACE's patching partner), NOT by Microsoft. Second, why are you so concerned with only "important" patches. What is the definition of "important" to you?
One of the "important" points I always discuss with customers, when I train them on K1000 patching, is how nonsensical terms like Security, Non-Security, Critical, Recommended, OS-patch, App-patch, are. There are no industry-standard definitions for these, which means that even if the vendors (MS, Adobe, Oracle, Apple, etc.) provided definitions of these terms, they wouldn't agree with one another.
Also, even if they did agree, they aren't always going to get it right for YOUR environment. For instance, there are countless "security-related" patches that aren't marked as "security" type patches.
Just some food for thought. I certainly can help you create any kind of patch label you might want, though. Lemme know what you need.
First, can you identify a single specific patch, that I can research, that is marked as "important" in WindowsUpdate, but NOT in KACE? Or vice versa?
Second, have you watched our Patching Week KKE videos? (http://www.kace.com/support/training/kke/archive?tag=patching&language=en) They'll provide a good basic primer on "KACE" patching.