I have 2 servers on the whole Microsoft server park on which I cannot apply any patches. They are not relevant for any Miccrosoft patch even the last one (MS-20-OCT, KB4580346). They are the main BigFix Relay server and the secondary Bigfix server. I searched in all configurations, I found no parameter that can block the application of the patches (Windows Update, …).
For this last MS-20 OCT patch, I checked on both servers the value of the UBR key (HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion), it is indeed equal to 3326. However, when I remove rule 7 which requires this value to be lower than 3986, the fixlet becomes relevant for both servers.
Is it a registry check problem for only the main relay and the backup server?
Can you help me find an explanation for this?