Why do you ultimately want WSUS 3.0? Because you won’t need workarounds to get your Vista boxes to patch. You can have the server deploy the Vista patches rather than have all Vista machines go to Microsoft update individually. Furthermore you will want WSUS 3.0 due to the prefered way is to have WSUS house the patches not reinstall them over and over again. In locations where you pay per the downloads and what not, having all of your Vista machines point to Microsoft update and download the same bits is sort of dumb. Thus having WSUS be the Vista patch repository is, in my opinion, the right way to patch Vista boxes and this will be how WSUS 3.0 does it.
In the meantime on WSUS 2.0, while one can adjust the registry and remember to block the group policy application because once you reboot the system that group policy will reapply (one thing that the “expert” in the managed newsgroups forgot to tell the poster the other day as they missed that step), the fact is this “let Vista grab patches from Microsoft Update during the WSUS 2.0 era” is indeed just that …a w-o-r-k a-r-o-u-n-d for something that should work natively. WSUS 2.0 has had the Vista Ultimate Extras as a category for months anyway.
And for the record…regardless of what anyone thinks, I do approve all comments unless they are spam. I don’t consider “workarounds” to be anything other than just that. A work – around for something that should work and doesn’t on WSUS 2.0 and will work as expected in WSUS 3.0.
No, the preferred way for the temporary “workaround” until WSUS 3.0 is released, which I will be blogging later is to get the group policy only point non Vista boxes to the WSUS patching point. This can be done with a WMI filtered Group policy setting. I’ll be blogging that with screen shots later. This “so-called-amateur” doesn’t blog posts about “work arounds” before they are ready to give full instructions with screen shots and have tested it personally …. but that’s just me.