Windows Patch Management

Do we need to install all historical patches, if need to patch manually?
We got few new build servers where we need to patch them up-to-date. When we run MBSA, they are giving list of all historical patches missing from years. But from console we can see only latest patches as applicable.
Which process we need to follow?

  1. Install applicable patches from console, ? or 2. Install all missing patches (as per MBSA) manually. ?

I’m getting around 50+ patches in second process, where I need to manually install all of them.

Install what BigFix shows as relevant, and then try the MBSA scan. As well as waiting a while to see whether Bigfix shows any additional fixlets become relevant after installing the first round. Some fixlets will not become relevant until prerequisites are installed.