Automating the WSUS attack involves exploiting the Windows Server Update Service by spoofing its IP address to serve malicious updates, allowing attackers to gain local administrative access on targeted Windows machines. The tool, wsuks, facilitates this attack by using ARP spoofing and serving a predefined PowerShell script alongside PsExec64.exe, enabling the creation of a new user with admin privileges or adding an existing domain user to the local admin group. Users must run the tool with root privileges on a local network with an HTTP-configured WSUS server.