Editorials

Automatic Windows Update Practices

by Ben Taylor

Automatic Windows Update Practices
Raising the topic of Windows Updates could be considered fishing for input, because it is such a controversial issue. It’s easy to get people to provide feedback because many of us have been saved or crushed by the capability.

It seems to me that there may be different policies or practices for the use of Automatic Updates. In a server environment, it could be detrimental; although I have worked for companies that automatically applied all released updates with impunity. Perhaps there may be a different practice you would chose for mobile or desktop users. What about the emerging tablet Market? Do you even have an option on Windows 8?

Two brave individuals have responded today with their input on Continuous Integration, and one specifically referencing Windows Updates.

Ian:
We have all our development machines on auto update: the sooner we know about an update issue the better, before a client suffers the same fate. It is however infuriating when you go to a seldom used machine and switch it on to be greeted by Microsoft installing updates for 10 minutes and to open a browser and find you have to wait another five minutes for Firefox / chrome / opera to go through its cycle. What is even more infuriating is when some browsers or AV software insist on installing some otherwise obscure browser tool bar and search provider which would have naturally died a death many years ago because the results are so far from useful. I have seen customer machines where these add ins fill half the browser page area! However I’ve not had a retrospectively discovered virus for more years than I can remember, so I guess it keeps the bad guys at bay.

Just note that installing other software in an auto update is just not on. Sun and Adobe please note this does not promote brand loyalty anywhere. In other terms it has to be a short term gain because most people ask their friendly IT expert what to do or use.

I feel better now!

Steve:
Microsoft has done a better job in recent years but I still do not allow "automatic" update to be turned on in my environment. I have experienced poorly tested patches released from MS that took down a production server (Windows Server 2003 was the last). The server blue screen and needed to be rebuilt, luckily it was only used for terminal services and we had multiple servers filling that role at the time. Since then we have used a more controlled approach.

We install on test and model boxes and test for one week before applying anything to a production server. On the client side we also test first and send out warnings to the users to log off their workstations at the end of the day, nothing worse than have the VP’s workstation miraculously restarting itself to change your patch strategy. This would also apply to our SQL Servers test for a week sometime two on a test server first before applying to a production server. We also use a system change procedure designed to insure proper testing.

If there is something more that needs to be said on this topic, please send your comments to btaylor@sswug.org.

Cheers,

Ben

$$SWYNK$$

Featured White Paper(s)
Achieve an astounding return on investment with Toad® for Oracle
read more)

Tags:
Author: Ben TaylorBen is a Relational Database veteran starting in the early eighties on DEC Vax database systems such as Bloom and Harvest. He has specialized in SQL engines for more than two decades, with a primary focus on Microsoft SQL Server. Ben has worked with small and large databases for both OLAP and OLTP working on systems for many industries such as Medical (Medical Claims and Eligibility Warehouse, HMO Provider Management, Enrollment), Financial (credit card processing, mortgage, stock portfolio management), Manufacturing (Assembly Line and Product Assemblies), Sales, Auto Auctions and more.