Barney's Blog

Blog archive

Doug's Mailbag: Your Patch Ritual

Readers share their thoughts on applying Windows updates:

I test all patches. The testing is geared to getting a feel for what might break. Other patches we test for two weeks. The only 'updates' that do not get installed at release are application dumb stuff like IE upgrades.  In general, our view is that security patches are released for a reason.
-Anonymous

Here are my brief thoughts on Microsoft patching -- as a Microsoft partner and VAR -- for most of our customers (but not all) that do not have their own in-house IT staff. In 95 percent of circumstances we install and configure WSUS 3.0 to automatically download, approve and install the updates. We have been doing this strategy for about three years -- ever since WSUS 3.0 came out.

That means as long as a computer is on it gets updates. Here are the results:

  • Randomly some older Server 2003 servers hang at 'Windows is shutting down,' but not most
  • Only time we've been burned was an update that killed Exchange 2007 OWA on Server 2003 x64

Otherwise, I run on the assumption that the updates do more good than harm.
-Doug

Our practice is to apply all new patches to I/T workstations and a few non-production servers, and let them run for a day or two.

If no problems occur, we have a small set of 'regular users' that get all patches (one or two from each office) for a day or two.

If no problems there, then all patches are pushed out to remaining computers.

Probably takes a week to ten days to get everything patched -- 350 PCs and 40 servers.
-Jim

Share your thoughts with the editors of this newsletter! Write to [email protected] Letters printed in this newsletter may be edited for length and clarity, and will be credited by first name only (we do NOT print last names or e-mail addresses).

Posted by Doug Barney on 08/31/2011 at 1:18 PM


Featured

  • Phishing Tops Concerns in Microsoft Study of Remote Work

    Potential phishing attacks were a top concern of most IT security professionals when organizations switched to remote-work conditions early last year.

  • How To Configure Windows 10 for Intel Optane Memory

    Intel's Optane memory technology can significantly improve the performance of your Windows 10 system -- provided you enable it correctly. A single mistake can render the system unbootable. Here's how to do it the right way.

  • Microsoft and SAP Enhance Partnership with Teams Integration

    Microsoft and SAP this week described continuing partnership efforts on Microsoft Azure, while also planning a Microsoft Teams integration with SAP's enterprise resource planning product and other solutions.

  • Blue Squares Graphic

    Microsoft Previews Azure IoT Edge for Linux on Windows

    Microsoft announced a preview of Azure IoT Edge for Linux on Windows, which lets organizations tap Linux virtual machine processes that also work with Windows- and Azure-based processes and services.

comments powered by Disqus