Overview
LanGuard does not detect the latest cumulative updates for the Microsoft Exchange even after scanning using the Full Scan scanning profile. This article explains the root cause and offers a solution to this issue.
Diagnosis
LanGuard uses the Microsoft-developed tool Windows Update Agent (WUA) to detect all missing and installed Microsoft patches by providing it a freshly downloaded copy of the WSUS offline Scan Package wsusscn2.cab. The latest Microsoft Exchange builds are not detected by WUA since cumulative updates for Microsoft Exchange are not distributed via WSUS or Windows Updates.
This can be verified with the Windows Update or by Using WUA to Scan for Updates Offline with PowerShell - you would not see Exchange cumulative updates there.
Solution
Every cumulative update for the Exchange is in fact a full version of Exchange and has to be installed manually. Even though they are not distributed by Microsoft for automated updating, you may still download the latest builds from the Microsoft Download Center following the Updates for Exchange Server article and then use LanGuard to deploy through the route of custom software deployment. The prerequisites and unattended setup settings you can find in the Upgrade Exchange to the latest Cumulative Update article.
The security updates and definition updates for Microsoft Exchange will be detected by LanGuard without issues as they are included by Microsoft in the WSUS Scan Package.
For a list of all Microsoft's patches supported by LanGuard, refer to Supported Microsoft Security Bulletins.