SCCM Software Update Report

SCCM Software Update Report

Address your Devices Security Status

Managing and monitoring software updates in SCCM can be complex.

Our SCCM software update report removes this complexity. A simple view of software updates needed for all your computers.

This report can work with the Software Updates Deployment Report or in standalone mode. When both reports are linked, it allows to click on a number in this report and be sent to the Software Updates Deployment Report. The report will show only the requested information.

Report features :

  • List compliance percentage per machines
  • List number of missing update per classification
  • Assess Severity Compliance of your site to comply to Microsoft’s recommendations
  • Shows Windows update agent version with last scan state status
  • Display client agent Software Update Point asssignation
  • Report is scoped by collection to display only wanted devices
  • 5 comprehensives pie charts

Free Support

We make sure that the report you purchase will work on your environment.

5 min Installation

By following this step by step guide, the report is install in 5 minutes.

Fast roi

This report is very useful and save a lot of time to your administrators.



One Time Purchase
  • No drilldown experience
  • only one report
  • Free update
Buy Now!


For any questions, please send us an email to

30 Comments on “System Health – Software Updates”

  1. I noticed with the report that it checks software updates even if they are NOT downloaded or deployed. So if WSUS downloads the patch, and you have not yet put that into a SUG and deployed it will show up on your report. This is an issue if you are trying to use reports to show Compliance as we typically would run 30 days in the past on patches. As a feature I would suggest putting in an option to show patches that are downloaded=true. Thanks

  2. This report is very useful. Thanks for the report.

    Problem encountered:
    – When clicking link under Severity (Both Critical & Important), it would redirect to Report named “SystemCenterDudes – Deployment – Software Updates” – which is not found (should be WITHOUT SystemCenterDudes – instead).

    Features Suggestion:
    – Can I have option to specify to display only approved updates only?

  3. Great Report Love it! However how do you change the last scan date/time to be your client time instead of UTC. It drives my boss nuts with the time of scans being off by so much….

      1. Big Ocean fan, but if I’m honest I’m really disappointed. Im forming a very early opinion – I’ve only listened to the album once through so may change my mind but i doubt it. What made the first album/mixtape great was how melodic the tracks were as well as being so well written. Whilst lyrically great – all of the tracks are too unstructured (great when used sparingly – but not so often in one album). The only shining lights are Thinkin bout you (melody!!) and the two cameos from Earl and 3Stacks. Peace.

  4. Dear Mr Lecours
    I have purchased this report and i am going to purchase “Software Updates Deployment Report”.
    How to link them together?
    What shall i do?

  5. It looks as though a list of “Missing Patches” has already been requested and answered on this board. Do we have an estimated ETA on when the report will be available? Will this report integrate with the currently purchased report or will it be an additional cost? The addition of a drill down and/or ability to generate a list of missing patches is crucial in my environment. Thank you in advance, Brent Terry

    1. Hi Brent,

      The report should be available this week. It will be released as a new product. It will be possible to link both report together.

  6. Are there log files you can view on the client to see what updates are missing? Running Windows Updates says everything is up-to-date but there is one Critical update classification missing. However under everything under Severity it’s 100%. So “Severity: Critical” and “Classification: Critical” are not the same updates?

    1. Cool beans. There is an integrated report that was able to tell me what “Classification: Critical” update is missing. The report is called “Compliance 5 – Specific computer” in the “Software Updates – A Compliance” folder. The “missing” update is not deployed to that computer. I guess Windows updates are different than SCCM updates. I’ll deploy the update and see what happens.

      1. Hello Mad,

        Yeah, this report shows all required updates even those without deployment. Take a look to this one : Deployment – Software Updates

        You can target devices by collection and by software update group deployment name.

        If you have bought the original report, please contact us by email and we will send you for free the new version of System Health – Software Updates. With the new version, both reports will be linked.


  7. I was wondering if the software update report has the ability to display what update(s) are missing (by Bulletin ID and Article ID) per workstation and can you run the report based off of a specific software update group? What about the ability of running the report using multiple SUG on a Device Collection? Perfect example is we have a software update group for each calendar year (2009-2015) and for us to get a true compliance, the report would need to include all udpates from all of those software udpate groups and run it against our “All Workstations” collection. We currently have a report that is distributed daily that lists any workstation that is missing a required update. The report is excel based listing the machine name in one column and each update it is missing in the next. Would this report be capable of providing a comparable solution? Thank you very much!!

    1. Hi Lee,

      This report doesn’t show which updates are missing. But this one does : Deployment – Software Updates

      You can also target by collection and by software update group deployment name. For more details, click on the link.

      If you have bought the original report, please contact us by email and we will send you for free the new version of System Health – Software Updates. With the new version, both reports will be linked.


  8. One more question.

    If we have Adobe’s SCUP for Flash and Reader setup with SCCM, will those updates be found as Critical/Important or does this only work for Microsoft updates. I guess it depends on how Adobe classifies their updates.

    1. It’s a pleasure!

      Yeah, you will be flag for any required updates.

      Exactly, this report shows you which updates are missing from each machine. Currently, we are working on a report that will show you the 30 missing. 🙂 Stay tuned!

      I executed the report on machines that have required SCUP updates in our lab and I confirm that SCUP updates will be shown in the report.

      True! Let us know if you need any help on other products.

      1. What if I forgot to deploy the newest patch Tuesday updates and I’m a week behind, and imagine there were a lot of critical updates. Would this report say my machines are noncompliant after a week? Would it matter that I didn’t deploy those newest updates?

        1. The machines send software updates evaluation information each time there’s a software updates scan cycle on your devices. If the scan cycle is configured to run each day on your devices, the report will shows non-compliant after 1 day. However, keep in mind that if SCCM is not configured to receive new updates automatically, then you are ok. As soon the updates are integrated in SCCM and they are evaluated, the report will be updated. The most important updates to keep low is Critical and Security. You are not forced to patch all required updates each month if you can’t, but it is recommended. So it’s your job to make sure devices received new software updates.

          1. Thanks for the quick responses; it’s starting to make sense now. Our SCCM Synchronizes updates every hour, and our clients do an update scan every other day. I just wanted to make sure that if I missed deploying a critical update my machines would get flagged/found in this report. Sounds like that’s what would happen. Before the only way I knew how to measure compliance was to deploy the updates to a collection then check that deployment status.

            Does this report show you which updates are missing from each machine? E.g. one machine is reporting that it’s missing 30 Critical updates, you click on the “30” in the report and is shows the 30 critical missing updates.

            SCCM is powerful but it seems to be lacking the quality dashboards that other products have. SCCM’s pre made reports are pretty basic. However, this looks very nice. I’ll have to look through some of your other products.

Leave a Reply