Hello
We have noticed that most/all our Windows machines have the Local Group Policy "Configure automatic updates" set to Disabled, ie. Windows updates are not installed automatically and must be done manually by the user. By default all GPOs should be set to "Not configured". We are afraid this is the cause of some unpatched machines we have had.
I know that F-Secure has an Updater service, but I can't really see locally on the machine what takes care of what, so I can imagine that F-Secure has disabled Windows' updater to take care of it itself - to avoid a problem we had some time ago where F-Secure would wrongly install Delta updates alongside Windows, bricking the machine.
We're running a Samba NT4 domain that doesn't even support group policies (to my knowledge), and it's set as a Local group policy too.