Using SCUP to Create 3rd Party Updates: Exclude Updates from Computers

This post is part of an ongoing series about using SCUP to publish 3rd party updates in MEMCM. Previous posts on SCUP and 3rd party updates:

With your workforce likely working from home under COVID-19 lockdown, it’s more important than ever to ensure that your patching is up-to-date, to include 3rd party updates. It’s not enough anymore to just ensure that Windows is patched.

The blog was put together using MEMCM 2002 and SCUP 6.0.394.0, available here:

This post will focus on a method to exclude certain 3rd party updates from installing on a computer. This method uses a simple registry key per app to block installation. This method will make deploying updates much easier, as you won’t need dedicated collections or separate software update groups. I’m going to use a registry key, but a file on the system could also work.

This method is really for excluding all updates for a particular application, not just one version of an application. An example of a use case for this is a computer that must run a certain version of Mozilla Firefox for an application or process to run correctly.

There are two steps involved in this process – first, we need to create an application in MEMCM that deploys a registry value that tells an application to be excluded. This registry value is made-up and is only used for this purpose. Second, we need to add an applicability rule to your software update in SCUP that uses this registry value.

MEMCM Application & Collection

We’re going to use an application in MEMCM to add a registry value to the computer. You can then create a required deployment to a collection that will add the registry value to the computer.

My organization creates a registry key during the imaging process where we store information about the task sequence. This registry key is located at HKEY_LOCAL_MACHINE\SOFTWARE\ContosoCorp. I’m going to re-use this key for this purpose. If your organization does not do this, then I would suggest creating a new key for the purposes of this blog post. I created a sub-key called SoftwareUpdates to store these exclusion values.

  1. Create a new application in MEMCM. I would suggest calling it Exclude Mozilla Firefox Updates.
  2. Go through the wizard as you normally would until you run the section about creating a deployment type.
  3. When you reach the Content screen, do not select a Content location.

  1. In the Installation program box, type (replacing the path with your correct path):
reg add HKLM\SOFTWARE\ContosoCorp\SoftwareUpdates /t REG_SZ /v ExcludeMozillaFirefox /f
  1. In the Uninstall program box, type (replacing the path with your correct path):
reg delete HKLM\SOFTWARE\ContosoCorp\SoftwareUpdates /v ExcludeMozillaFirefox /f

  1. Click Next.
  2. Add the Detection Method.
    1. Click Add Clause.
    2. Change Setting Type to Registry.
    3. Select HKEY_LOCAL_MACHINE as the Hive.
    4. Type SOFTWARE\ContosoCorp\SoftwareUpdates into the Key box.
    5. Type ExcludeMozillaFirefox into the Value box.
    6. Select String as the Data Type.

  1. Click OK.
  2. Configure the User Experience.
    1. For Install behavior, select Install for system.
    2. For Logon requirement, select Whether or not a user is logged on.
    3. For Installation Program visibility, select Hidden.

  1. Proceed through the rest of the Create Application Wizard.

Now that you have your application, you can create the collection to deploy it too. I would recommend creating a collection just for this purpose. Once you have a collection, you can create a required deployment, so that anytime a computer is added to the collection, this application automatically runs.

SCUP Install Rule

Now that we have the application deployment configured, we need to add the same registry key to the update in SCUP as an applicability rule.

  1. Open SCUP and edit the Mozilla Firefox update.
  2. In the Edit Update wizard, go to the Applicability workspace.
  3. Click the Add button.

  1. Create the Applicability rule.
    1. Change the Rule type to Registry.
    2. Type SOFTWARE\ContosoCorp\SoftwareUpdates into the Subkey box.
    3. Type ExcludeMozillaFirefox into the Value name box.
    4. Change Data type to REG_SZ.

  1. Click OK.
  2. Click the exclamation point button (!) to change this rule to NOT.

  1. Click Next and complete the Edit Update wizard.
  2. Publish the update.

Now this update will not be applicable to any computer with that registry key.

Happy Updating!


All content provided on this blog is for information purposes only. Windows Management Experts, Inc makes no representation as to accuracy or completeness of any information on this site. Windows Management Experts, Inc will not be liable for any errors or omission in this information nor for the availability of this information. It is highly recommended that you consult one of our technical consultants, should you need any further assistance.



Contact Us

On Key

More Posts

WME Security Briefing 27 May 2024

Kinsing Hacker Group Exploits Docker Vulnerabilities Overview Recent investigations have shown that the hacker group Kinsing is actively exploiting Docker vulnerabilities to gain unauthorized access to systems. The modified hacker group targets misconfigured Docker API ports deployed with cryptocurrency mining malware.

Read More »
WME Cybersecurity Briefings No. 010
Cyber Security

WME Security Briefing 20 May 2024

Advanced Persistent Threats: North Korean Hackers Launch Golang Malware Overview A new malware strain, called Titan Stealer, is currently actively circulating in the threat landscape, targeting a variety of personal data and linked to North Korean state-sponsored cyber espionage

Read More »
WME Cybersecurity Briefings No. 009
Cyber Security

WME Security Briefing 08 May 2024

Exploitable vulnerability in Microsoft Internet Explorer, used to deploy VBA Malware Overview Cybersecurity researchers discovered a severe exploitation targeting a bug that had already been patched in the Microsoft Internet Explorer browser. Their report added that

Read More »
WME Cybersecurity Briefings No. 008
Cyber Security

WME Security Briefing 03 May 2024

Security Bulletin: MITRE Corporation Targeted by Nation-State Cyber Attack Overview The MITRE Corporation, a prominent security and cybersecurity researcher in the USA, has fallen prey to compromise in its environment because of a sophisticated cyberattack from

Read More »
Be assured of everything

Get WME Services

Stay ahead of the competition with our Professional IT offerings.