Windows Updates can cause a bottleneck on some ICAP services when patches are deployed. Administrators wishing to bypass these patches can do so using the method described below.
Although there is risk involved with bypassing URLs from ICAP scanning, they need to be weighed against the benefits. Patches released during the same time period may not take full advantage of caching before being pushed to clients. This can cause a bottleneck on the ICAP service. Most update packages also decompress into much larger packages, increasing the time it takes to scan them. Microsoft never recommends bypassing any files, however Windows Update can be considered a trusted source as all patches go through strict quality control before being published. More details from Microsoft can be found here: http://support.microsoft.com/kb/822158.
These URLs can be bypassed using the following local policy. (See 000010101 for details on how to install local policy.)
define condition WindowsUpdate
Installing this policy will prevent these URLs from being subject to ICAP scanning.