Last week I have received a Microsoft Security Bulletin Alert for a Critical Patch
Being a serious issue i had to skip the normal routine (and best practice in any environment) of Patching the Pilot Servers first and then the Main Groups.
So i decided to lend a helping hand in a small tutorial if you want to make a quick package and deploy it with such cases.
First thing to do is to look for the KB number of the Bulletin.
In our case for Microsoft Security Bulletin MS15-034 the KB is 3042553
Go to Software Library -> All Software Updates -> Search for 3042553
Be sure to check if the KB package is downloaded or not.
Select and desired Packages for your specific OS that you want to target, and then Create a Software Update Group
I already have a Group for this, i call it OOB Required (Out of base updates that are required)
Go to Software Update Groups -> Right Click on your newly Created Group -> Deploy
Follow the standard Wizard Guide and be careful on the Scheduling and User Experience if you do not want Servers to reboot in daytime.
This KB3042553 will require a reboot.
As a extra precaution, i always use a Maintenance Window Set on all my collection so that no update can reboot my Server during work hours.
For example in this case i used a 1 time Maintenance Window without a recurring event, just for this KB package alone.
And that is it.
Remember to always patch Critical Patches like these to have a healthy environment.
P.S. Also try to look on all Microsoft Forums before applying patches without testing in your environment, since there have been loads of cases where even a simple SCEP definition update caused major problems.