CommandLineInstallation
that specifies the additional parameters to pass the binary during the update installation. Without HTTPS, the WSUS is vulnerable to Man-in-the-Middle attacks where adversaries can either pose as the update server and send malicious updates or intercept and modify updates sent to the clients.http://wsus.domain.local/
, showing the use of HTTP instead of HTTPS, the attacks can be attempted.clients -> legitimate WSUS
to clients -> attacker's WSUS
Settings > Update & Security > Windows Update > Check for updates
.