This guide explains how to manually add or import updates into WSUS from Microsoft Update catalog.
The first question that comes to mind is why do I need to manually import or add Windows updates into WSUS? Can’t I simply run manual synchronization in WSUS console and download the update?
The answer to that is sometimes the Microsoft hotfixes and updates are not part of WSUS catalog. So, even if you synchronize the updates in WSUS, you may not see those updates in WSUS console. Therefore, you need to import the updates manually from MS Update Catalog.
Read: How to install and configure WSUS on Windows Server 2019
Adding Updates from Microsoft Update Catalog
As per Microsoft, the Microsoft Update Catalog is a service from Microsoft that provides a listing of updates that can be distributed over a corporate network.
You can manually download Windows updates from Microsoft catalog Update for free. The Microsoft Update Catalog (Windows Update Catalog) offers updates for all operating systems supported by Microsoft. These updates include the following:
- Device drivers
- Hotfixes
- Updated system files
- New Windows features
Microsoft releases Security-related updates once a month. However, if there is a critical vulnerability found, such as a widespread virus or worm, Microsoft will release a corresponding update as soon as possible in the MS catalog.
Read: How to deploy Software Updates using SCCM
Adding updates from Microsoft Update Catalog is easy however there is a procedure that you need to follow. The next topic discusses the steps to import updates into WSUS.
Manually Import Updates into WSUS
Use the below procedure to manually import updates in WSUS. As an example, we will look at importing the update KB4554364 into WSUS. This update is applicable for computers running Windows 10 1903 and Windows 10 1909 OS.
Launch the WSUS console, expand your server and click Updates. In the right pane, under Actions section, click Import Updates.
Clicking Import Updates opens the browser and takes you to the Microsoft Update Catalog site. If you are unable to browse the update catalog site, ensure it is not blocked or restricted by firewall. In the text box, type the update number which is 4554364 in our case and click Search.
Since the 4554364 is applicable to Windows 10, Windows Server etc., you must select the correct OS version. From the list of updates displayed, read click Add button.
Note: While manually importing updates into WSUS, you might find the Add button missing in Microsoft Update Catalog. Here is a solution to fix WSUS Update Catalog Add Button Missing.
Clicking Add button adds the update to a basket. Click View Basket.
Now click Import button. This will import the selected update directly into Windows Server Update Services from Microsoft Update Catalog.
You can monitor the import progress on this window. If the Progress shows Waiting, it means the import operation has begun.
Finally after few minutes, the progress is changed to Done. Click Close.
Let’s check if the imported update has been added in WSUS console. In the WSUS console, click Search. In the Search box, type the update number and click Find Now. You can now see we have successfully imported the update into WSUS.
At this point, you can choose to deploy this update to your endpoints. Refer to the following guide to configure WSUS Server.
WSUS Import Updates Failed
In some cases, while importing an update from update catalog, the download fails. The update goes into the basket, however when you click on the Import button, the update goes to waiting and then shows as failed.
You may see a generic canned message such as If you use a proxy server… and Your WSUS server might not be configured correctly.
To resolve this issue, a simple registry tweak is required. Launch the cmd prompt as administrator and run the below command.
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319 /V SchUseStrongCrypto /T REG_DWORD /D 1
After you run the above command, try downloading the update again, and it should be successful.
Hi Prajwal,
Is there any option to import KB in wsus if KB is not available in Microsoft catalog?
No, I don’t think so you can do that.
Thanks for you reply.
I have another Query. My client is saying that some KBs are missing in WSUS, and when I checked these KBs these are Delta updates and available in Microsoft Catalog and for the same KBs there is no any Cumulative updates. These KBs are KB4467696 , KB4467686 and KB4467702.
What should we enable in Product and classification so that these KBs can synchronize in WSUS as I can check in All updates there is no any delta updates available right now.
And when I am trying to import updates in WSUS Internet explorer throwing certificate error and unable to open Microsoft catalog website. We have 2012 R2 server.
So please guide me how these KBs can be available in WSUS.
Thanks
Do you know if any way to import from a different repository, such as a local file or the DoD repository at DISA?
Nope, you must import the updates from Microsoft update catalog.
So I imported the updated January 2022 updates into WSUS [Server 2012 R2] – I got the message that they were successfully uploaded and I see them in WSUS, but when I scan for updates on a client server, they are not appearing. Why?
That should take some time. Have you examined the log files?
while importing using IE, I am getting below error:-
“This update cannot be imported into Windows Server Update Services, because it is not compatible with your version of WSUS.”
That issue should be resolved now.
Hi,
When i go to import an update from WSUS, go to basket,import into wsus, it downloads and gives me the green dialog confirming this. but does not show up in WSUS.
I have synced many times.
Do you see any errors during synchronization?
On server 2016
1) ensure IE is your default browser (at least temporarily so WSUS will open IE)
2) when WSUS opens the page in IE if you get an error, change the 1.20 to 1.80 in the URL
3) add to basket and import directly as per directions above
Hi,
I had to access the site manually (www.catalog.update.microsoft.com) on the wsus server cause the “Import Updates” button failed to load anything on IE.
I chose the updates I wanted, but it isn’t giving me the option to import it to wsus directly from the site, just download the updates. Is there a specific directory I need to save it in for my wsus to access the updates?
Thanks,
Hi.
I have WSUS Server on Field Side with no internet where i have to import windows update manually . I have download the Updates from Microsoft Catalog site. Now i need to import these CAB files in WSUS server. kindly advise me to rectify this problem.
Do the updates have to be approved in WSUS before they appear in SCCM? when I run the sync in SCCM after importing a particular update, i cannot see it in sccm. I have also created an ADR for this update which falls into the classification of Feature packs. The update is .NET Framework 4.8 for Windows 10 1809 as all of our 1809 machines are missing the update. Please can someone advise? Thanks
If the import fails, where can we check logs.
The this command on the Administrator elevated CMD then restart the server try again it should work.
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319 /V SchUseStrongCrypto /T REG_DWORD /D 1
Thank you! That fixed me!
Another thanks here – this fixed me up so that manual updates would download and import properly.
Ditto – first time I’ve had to do this but working fine now.
Hi Prajwal,
when i try to import KB to wsus – i get an error, which says that there’s a problem with proxy or WSUS – but automatic updates work. IE 11, *.microsoft.com added to trusted sites – what can be wrong?
Hi Prajwal,
When i click on import in WSUS the IE opens a blank white page and nothing happens
but if i try to open catalog.update.microsoft.com then it opens but i do not have import option to import wsus..
Thanks in advance
Hello,
I have followed the exact same steps for KB4551762.
There is I still cannot see the KB on the SCCM Console
Please see attached pictures as well.
How can I get to see the KB on the SCCM Console?
I have the same issue, I’ve imported KB4551762, KB4506991, KB4512508, KB4515384 and KB4489639. But, items are not showing up in SCCM. Can you please advise?
Even I am getting the same error now ,could please let me know what the procedure you followed to get this fixed(if this was resolved)
Hi Gokul & Prajwal, I don’t see the option for “View Basket” & “Add” in my WSUS console.
I am running SCCM 1902 in my production environment.
Please help me , how to get those options visible in browser.
I have tried accessing Microsoft Update Catalog site on IE,Chrome & Firefox, but still not getting those options available.
Waiting for your reply & solutions.
Thanks 🙂
Hi, Hope you have gone through the above Steps. Search with partucular KB and you will have an option ADD, Once added it will visible under VIEW BASKET
Hi Gokul
When a click on view basket I obtain a window that shows me only download button but not Import button. Is there something that I missed?
Thanks and regards.
Use internet explorer to access update catalog site.
Hi , Please use IE browser as default
Thanks Its working..