Applying Security Patch KB4012598 on XP Machines using GPO

As we know that last week has been quite messy due to of Ransomware name Cryware/wannacry. A lot of us were hassling up to update our machines with MS17-010 Patch. Looking the criticality nature, even Microsoft has released its patch for Windows XP and Windows Server 2003 which are EOL (End of Life) Product. But it’s messy for applying these patches for Windows XP and Windows Server 2003. Even though Microsoft has released the Patch, they are not available on SCCM SUP as well on WSUS. So, here we are Applying Security Patch KB4012598 on XP Machines using GPO. Yes, obviously, it’s not great idea to patch our machine using scripts and GPO. Although in cases like these, we need to have choose such options.

Not only these, we have found a lot of client do have an issue with managing the patches for the client machines. They don’t have any centralized updating server like WSUS and SCCM SUP role. For those clients, also you can use similar kind of script to perform these activities.Although we strongly recommend to use SCCM SUP role for the patch management of Windows Machines.

Focusing on the topic. Let me start with the outline of Patching.

  1. Download the Update
  2. Need to check if the machine is Windows XP or not?
  3. Apply the patch on the machine, if already Patched… need to exit.
  4. Reboot the machine.


you can use the reference to use GPO from this link:

How to Publish using GPO

Similarly, you can do same for other bath of updates too. Hope this was quite easy method and will be helpful to you for other cases too.

One Comment

Add a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.