It sounds like you want a dynamic whitelisting solution, (which would allow you to specify a publisher/certificate as an updater to maintain the whitelist). In reality you would probabaly need several methods for doing this, as many things are not signed or not signed consistently, (e.g. Adobe use lots of different certs).
@Mithun
Question: Is there anyway to allow all such updates without adding each patch, updates signatures manually in application whitelist?
Why would you allow the MS update patches to the Whitelist. These updates are not Threats. These updates are already carrying good Reputation.
The reason you would want to do this, is that the definition of whitelisting is that only whitelisted files are allowed to execute. So, the challenge is how to maintain the whitelist. Using static admin maintained entries is not a viable solution (win xp contains approxaitely 3000 'executables' - you want to create that list? you want to update it ???).
@Atif Bit9 /McAfee/Lumension offer whitelisting solutions that would probabaly give you exectly what you need.
Cheers,
Jay