We use our existing Microsoft System Center Configuration Manager (SCCM), which is the big brother to WSUS. Works great, and is easy to drive.

We use a WSUS server for physical desktops. For our View deployment I have decided to update the golden master image once a month with Windows Updates, Java updates, Acrobat updates, etc. and then recompose the desktops. This keeps the in-use images "fresh" and up-to-date. I think it will also lessen the load on the virtual infrastructure because I won't have each desktop updating itself. I think if you look at View best practices, this is the recommended method. I don't have links/documents, but I could probably come up with some if needed. That's why I set it up this way myself.

Microsoft SCCM goes well with ViewI Components and Linked lones. WSUS would be a simpler solution than this but do not have much management capabilities like SCCM But it is again OK to use with View because (and if) receiving Windows updates in a faster and automatic way is the only requirement.

Combination of any of this with a periodic recompose (for distributing non microsoft patches and updates) should be the best suitable solution for your requirement

This was one of the great features of linked clones. Just make sure you have a good snapshot of the parent and recompose then if the M$ patch is bad you can just recompose back to the old snapshot. This really works great if you ThinApp all your applications.

we are using the same technology with golden master update monthly. Since we have also application updates in between, this is quite a good solution.

(View 4.5  floating linked clones with roamin profiles)

WSUS, Works like a charm!

Once a month I run all updates on the parent and recompose, works great so far.

we had tools like wsus and dsm tools, sccm,sms server  lot of 3rd party applications are there  better to use simle environment  is wsus , if it medium level organasation use sms  which controls security,patching and monitoring.

Why do you think that recomposing is labor intensive and/or dramatic? Your master image is powered off, so during office hours you start it, apply all updates you want to distribute, shut it down and make a new snapshot (=a few mouse clicks).

Then you open View Manager and recompose your pool (i.e. when the user logs off). That way, you are sure that everyone gets the updates, as they are in the master image. You don't need to configure a WSUS server, approve the updates, verify if all users have the updates installed, etc...

I prefer the Master update as this is (for me) even less labor intensive as I can do it in 30 minutes without the need to harass any user. A second advantage is that I can easily roll back the previous snapshot when there is a problem with the installed updates. This is far more complicated if you patch with WSUS, SCCM or Shavlik.

I think the method used greatly depends on your refresh cycle.  In our environment we try to update the master image whenver possible.   If there is patch that our security team says is urgent then we have the option to push that out via SCCM.    Our first choice is always to update master and recompose our pools.