I am attempting to deploy software updates to our network using SCCM many updates however are showing as "not-required" when I am fairly certain they should be, for example Windows 7 Security updates are only required by 1000 of our 6000 computers.
All 6000 computers are for the most part identical builds and thus logically this should be required for all of them.
When a new definition for SCEP comes out however that is properly showing as required for all 6000 computers.
This can occur, if there is a pre-requisite of some kind, e.g. at a certain point, MSFT will demand/require you to have a certain servicepack or rollup, to get updates after that. If you don't deploy that servicepack or rollup, WSUS/ConfigMgr will
not offer any further updates to that client computer, because the WUAgent detection doesn't return any results, because that servicepack/rollup is missing.
So, this also happens in situations where a product/feature upgrade is desired but not being offered, because the pre-requisites are not detected as present - a good example of that, is an IE upgrade.
So, are you missing a pre-requisite on these machines? Find out, deploy that, and does the situation change now?