In my experience, the best way to deploy Windows updates is with Automatic Deployment Rules.
To set up a working deployment rule, a few configurations and settings need to be in place and working without errors:
1. Software Update Point (SUP): Products and Sync Schedule
2. Site System Role: Proxy Account
3. Device Collection: Query-based collection
4. Client Settings
5. Automatic Deployment Rule