I've been testing Patch Management Solution 7.1 on a set of VMs with their Windows Update (WU) set to receive updates "For Windows and other products from Microsoft Update" and have it just "Check for updates..." as a basis of comparison on what Windows detects as important updates and what Patch Remediation Center (PRC) offers me. For the Microsoft updates in PRC, I tried just distributing those that had a Compliance less than 100% and Severity level anything but Unclassified.
Now in WU on any given client, it's reporting that there are new (important) bulletins available. At least for one KB, it was actually available under an MS12-Axx bulletin in the PRC which are listed as "Unclassified". Should my patch management goal be to match whatever WU detects as important and deploy the same via PRC? I'm a bit confused why WU deems a KB "important" whereas MS12-Axx lists it as "unclassified". What's even more confusing is that I can't seem to find some KBs which WU lists in the PRC.
So curious whether most of you are just deploying ALL Microsoft updates in the PRC or aren't concerned that WU will always say that new updates are available? I'm wondering even if I blasted out everything MS from the PRC if WU will still show that additional updates are available? Just trying to develop a methodology on what Microsoft updates I should be pushing out and didn't want to just distribute everything unless that's what many of you are doing. At least for the MS12-Axx updates, they look like ones I'd consider deploying as well although not so sure about those MSWU ones.