We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you two Citrix podcasts. Learn about 2020 trends and get answers to your biggest Citrix questions!Listen Now


Should I run Microsoft Updates on Windows Servers?

Medium Priority
Last Modified: 2012-05-06
I look after a small network of around 100 client PC's and 3 Windows 2003 servers.  The version of windows are as follows..

SIMS and SQL Server 2005 = Server 2003 R2 - Standard Edition - Service Pack 1
Terminal Server and AD = Server 2003 R2 - Standard x64 Edition - Service Pack 2
Exchange 2003, Sophos and AD = Server 2003 R2 - Standard Edition - Service Pack 1

I have an upgrade to the Sophos Pure Message that is on the Exchange Server and it requires Service Pack 2.  So my question is.. is it safe to upgrade to Service Pack 2 on that server?  I am very nervous about messing up Exchange in any way.  Also the SIMS server could do with Service Pack 2 as well.. what do you think?

Also the automatic windows updates fail on the servers as we are behind a proxy.  Is it safe to run Windows Updates once to let them catch up on Security Patches and stuff?  I really don't want to corrupt anything.. or change the way somethings work.  

Any help and advice would be most welcome.
Thanks in advance.
Watch Question

Top Expert 2008
Usually it's a good solution to keep your servers up-to-date too. Plan some downtime for the update and if it doesn't work afterwards, you can simply rollback to the previous state on the server operating systems.

Regarding the internet access via proxy: Have you ever thought about installing a WSUS server in this environment? This would be interesting for the clients too, because they don't have to fetch the updates directly from the internet. Just one server (the WSUS Server which does not need to be a physical machine, you can probably re-use one of your existing servers) downloads the updates and all clients and servers poll the updates from this machine then.

That usually saves a lot of traffic and administrative overhead.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts


Thats brilliant advice. Thankyou!  One thing... do you roll back the server in the same way you would XP?
Expert of the Quarter 2009
Expert of the Year 2009
As far as I am concerned, service packs are not optional.
Not installing an update as critical as a service pack is foolish in the current security environment.
I give them a week to ten days at most then install the updates. With the updates that are released on a monthly basis, similar amount of time and then I install the updates.
What you need to realise is that as soon as Microsoft release an update the bad guys start looking at it, to reverse engineer it and then use it to exploit servers. Exchange servers are a particular target as they can then be used to send spam, which is the main reason that machines are attacked.

So I would suggest that you bring everything you have up to date, both on service packs and then the automatic updates.

Top Expert 2008

Yes, that usually works this way. In my personal experience (I have the same problems with service packs and medical applications at my employer's site) simply uninstalling the Service Pack in the Software Control Panel is enough so you don't have to do a full rollback. We once had a medical application that stopped working after we installed SP2 on 2003.

Doing backups before is never a bad idea, though.
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.