
MS office security/updates

Hi all,

I've recently started messing about with PDQ, both Deploy and Inventory, as I've got a specific thing I'm after.

We want to roll out updates to Office/Windows/etc. I was very excited to see how easily the rollup deployments for the OS went through PDQ, and then disappointed to see that it's not so nice for Office, which also has updates labeled "critical" on the security side of things, but there is no handy "roll up" to push for Office like there is for Windows.

WSUS is too uncontrolled/hands-off compared to something like PDQ, where we can schedule exactly what, when and where we want things installed.

I installed PDQ Inventory hoping that there would be an easy way to manage the computers and scan for missing instances of up-to-date Office installs, but frustratingly, the only data I can get out of Inventory is that the Office install on the machine is the same version for all computers with the same service pack. Manually installing the patches I'm talking about doesn't alter the Office version number for easy grouping/reporting in Inventory.

How do you all use PDQ to manage Office software vulnerabilities? Or maybe you don't?

I realize that PDQ is a deploy tool and not patch management, but it's so much easier to use PDQ than the other stuff we're looking at, I just wanted to pose the question here to see if I'm missing something or anyone has tips along these lines?

0

Comments

2 comments
  • You may want to look at the Hotfixes section of a computer in Inventory. If you know what KB numbers you are after you can build collections around who has/doesn't have them, and then deploy to those.

     

    0
  • I use PDQ/WSUS for patch management; it's very easy, just follow the steps below.

    1. Deploy PowerShell 5.1 to all the targets

    2. Deploy PSWindowsUpdate Module to all the targets that need to be patched.

    https://www.powershellgallery.com/packages/PSWindowsUpdate/1.6.1.1

    3. Write a simple PS script for patching

    Get-WUInstall -AutoSelectOnly -AcceptAll -Verbose -AutoReboot

    4. Deploy the code via PDQ

    All you need to do is:

    1. Approve the patches on WSUS

    2. Set WSUS GPO to download/notify only

     

    0
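
Added example, not part of the original thread or either commenter's script: a PowerShell check, run locally on each target, that asks the Windows Update Agent which approved updates are still missing and reports the Office ones by KB number, giving the per-machine data the question says the version number does not. It assumes an MSI-based Office install whose updates are offered through the configured update source (WSUS or Microsoft Update); the `CategoryMatch` parameter and the exit-code convention are choices made for this example.

```powershell
# Added example: list missing Office updates by KB via the Windows Update Agent COM API.
# Search only; nothing is downloaded or installed.
[CmdletBinding()]
param(
    # Assumption: update categories whose name contains this text are Office updates.
    [string]$CategoryMatch = 'Office'
)

$session  = New-Object -ComObject Microsoft.Update.Session
$searcher = $session.CreateUpdateSearcher()

# The agent queries whatever source the client is configured for. With a WSUS GPO
# in place, only updates approved on WSUS for this computer are returned.
$result = $searcher.Search("IsInstalled=0 and Type='Software' and IsHidden=0")

$missing = foreach ($update in $result.Updates) {
    $categories = @($update.Categories | ForEach-Object { $_.Name })

    # -match on an array returns the matching elements; empty means no Office category.
    if ($categories -match $CategoryMatch) {
        [pscustomobject]@{
            KB       = (@($update.KBArticleIDs) | ForEach-Object { "KB$_" }) -join ','
            Severity = $update.MsrcSeverity   # e.g. Critical, Important; empty if unrated
            Title    = $update.Title
            Category = $categories -join '; '
        }
    }
}

if ($missing) {
    # A non-zero exit code lets the deployment tool flag this machine as not compliant.
    $missing | Sort-Object KB | Format-Table -AutoSize -Wrap
    exit 1
}

Write-Output "No missing updates in categories matching '$CategoryMatch'."
exit 0
```

The KB numbers it prints are the ones to build has/doesn't-have groupings around, and the Severity column shows which of them are rated critical.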