IT Process Automation – Deploy the KB4012598 patch to protect endpoints against WannaCry

In this Process Automation tutorial, you will learn how to build and execute a workflow to deploy the Windows update KB4012598 which protects endpoints against the WannaCrypt/WannaCry Ransomware. Once you master the steps, you can edit, modify the workflow to deploy other windows patches by following the same process.

This Process Automation consists of two Action modules. one module that will deploy the MSU file for Windows 8 machines and the second module that will deploy the EXE for Windows XP/Server 2003.

Note: The Windows 8 method also works for deploying MSU files to Windows 7, 8.1, 10, Server 2008/12/16 OSes as well.


  1. Download and drag/drop the .GSA file into your Process Automation UI (or click Open if you are accessing this site from the Goverlan Console Welcome Page)
  2. Adjust the Scope to target your groups
  3. Update both action modules with the appropriate paths for the MSU and EXE update patch files as shown below in screenshots #2 and #3.
  4. Run it!