Modify, Delete, and Decline Third-Party Updates in WSUS with Patch My PC

You can viewdeletedecline, and show applicability rules, much more for third-party updates within WSUS using the modify published updates wizard.

The modify published updates wizard can help perform various actions on third-party updates that are published to WSUS. The wizard can be accessed with the button shown below in the Options window that can be opened from the Updates tab in the Publisher.

Topics covered in this article:

Open the Modify Published Updates wizard in the Options window found in the updates tab.

Publisher - Updates - Options - Run Wizard

Filter Selections for Published Updates

Once all updates have loaded, you can easily filter the list of published updates.

Filter updates in modify published updates wizard

You can filter updates by the vendor, declined status, expired status, or metadata status.

More InfoIf you select multiple updates in the list view, you can check the checkbox by clicking the space key on your keyboard.

Show Only Updates for Not Enabled Products

The checkbox to Show Only Updates for Not Enabled Products allows you to show any updates published from the Patch My PC’s catalog that isn’t currently enabled in the Updates tab.

Show only updates for not enabled products

More InfoNote: The checkbox Show Only Updates for Not Enabled Products can be a great option to decline or delete old updates for products not currently enabled.

Available Actions to Perform on Published Third-Party Updates

There are a variety of actions that available for published third-party updates within WSUS.

Modify Published Updates Wizard Actions in Patch My PC

Re-Sign Update

The re-sign update will allow you to re-sign an already published update with a new WSUS Code-Signing Certificate. Re-signing can be helpful if your WSUS Code-Signing certificate expired and timestamping was disabled. Important: If timestamping is enabled (enabled by default), clients would still trust updates signed after the certificate’s expiration date.

More InfoImportant: If updates are re-signed, you will need to delete all re-signed third-party updates from your ConfigMgr deployment package, trigger a software update sync, and redownload the updates for re-signed updates to be used by clients.

Decline

This option will decline the third-party update in WSUS. When a third-party update is declined, clients will no longer scan against the third-party update. After an update is declined and a software update point sync is performed, the update will show as expired in the Configuration Manager console.

Un-Decline

This option will revert the declined status in WSUS. Clients will start to scan against this update, and the status will show as normal in Configuration Manager after the next software update point sync.

Delete

This option will completely delete the update from the WSUS database. We don’t recommend deleting an update if the product for the update is still enabled for publishing.

More InfoThe delete update button is not enabled by default because it can cause hash issues if an update is deleted, and that product is still enabled, causing the same UpdateID to be republished. If you have a scenario to delete updates, such as cleaning up vendors from WSUS you can enable the button using the value below:

 REG ADD “HKLM\SOFTWARE\Patch My PC Publishing Service” /v EnableDeleteUpdates /t REG_DWORD /d 1 /f

Show in WSUS

This option will configure the update to show directly in the WSUS console. By default, third-party updates aren’t visible directly in the WSUS console, and if you are using configuration manager, they don’t need to be visible. This option can be helpful when using standalone WSUS for updates.

Hide in WSUS

This option will configure the update to not show in the WSUS console. By default, third-party updates aren’t visible directly in the WSUS console.

Show Applicability Rules

This option can be helpful if you are troubleshooting the update detection states on a device. When clicked, you will be able to see the applicability for the installable and installed logic for the update.

Show Applicability Rules

More Details

This option will show more advanced details about the published updates in WSUS. This may be helpful for more troubleshooting scenarios.

Third-Party Update More Details