We're running a WSUS server for the simple purpose of caching updates. Since we are a very small network of all "power users", we've got the domain group policy for WSUS updates on the clients set to prompt for download/install. i.e. We don't want updates to install without our knowledge.
But there are a few cases where it would be nice to be able to set a certain update to auto-install. e.g. Windows Defender updates, Malicious Software Removal Tool, Outlook Junk Email Filter, etc. Basically all the silly little updates that you would always install anyway and don't require a restart.
Is there a way to set the general policy to prompt for download/install, but auto-install certain regular updates?
P.S. WSUS itself does have the facility to auto-approve certain updates. That part works.
Facts & Figures: SBS 2003 domain Windows 7 Pro clients Windows XP Pro clients
Set group policy on Administrative Templates->Windows Components->Windows Update -> Allow Automatic Updates Immediate Installation
Description text: "Specifies whether Automatic Updates should automatically install certain updates that neither interrupt Windows services nor restart Windows.
If the status is set to Enabled, Automatic Updates will immediately install these updates once they are downloaded and ready to install.
If the status is set to Disabled, such updates will not be installed immediately.
Note: If the "Configure Automatic Updates" policy is disabled, this policy has no effect."
You should be able to set a deadline on the update (which can be in the past) to force computers to install the update the next time they check for available updates. Be aware that if an update requires a restart, it will do it there and then without much warning - however for the definition updates like you plan it ought to be fine.
Be aware though that if a user has installed an update which requires a reboot but has not rebooted, a deadline will trigger a reboot even if the update with the deadline does not require one.
Further Reading: Client Behavior with Update Deadlines (TechNet).