Install patches & updates during reboot

Posted on 2013-05-24
Medium Priority
Last Modified: 2013-06-03
We face an issue with patching a large, Windows based client computer environment.

I am not talking about Microsoft OS patches but patches of applications. The problem is that end users have administrative privileges to their machines (no way to change this as it's a contractual requirement) and install their own software beside the software managed by us. Regrettably the installation of self-installed applications is not controlled in anyway and often their applications make use of our applications and therefore block files/processes.

 - We manage the email application and should patch it
 - We are aware of some additional tools, accessing the email application, hence before patching starts we check if the email applications as well as the tools known to us are closed
 - Regrettably there are other, "end user managed" tools out there (e.g. a calendar sync tool for whatever mobile device) which are keeping files/processes of the email application open and make a straight forward patching of affected PCs impossible

I assume other companies have similar issues. How do you overcome those?

E.g. is there a reliable solution to install patches during reboot?
Question by:CPAB
  • 4
  • 2
LVL 13

Expert Comment

ID: 39193954
Indeed the administrator privilege is an issue for the situation as you decribed it

Group policy is a good solution

Author Comment

ID: 39196205
@Kostasp: thank, but what do you exactly mean with "group policy is a solution"? Preventing the customer to install apps? We are regrettably not allowed to do so...
LVL 13

Accepted Solution

Alexios earned 1500 total points
ID: 39197893
No, I was referring just to your question

Group policy is a good solution... for applying patches
Firewall Management 201 with Professor Wool

In this whiteboard video, Professor Wool highlights the challenges, benefits and trade-offs of utilizing zero-touch automation for security policy change management. Watch and Learn!


Author Comment

ID: 39210547
Ok, yes, that's an option.

Is somebody aware on how to realize something like this using Microsoft SCCM. We are currently patching using SCCM and have all processes and reports designed around this tool. Hence it would be nice if we could integrate such a "patch on reboot" solution into SCCM based patching...
LVL 13

Assisted Solution

Alexios earned 1500 total points
ID: 39210742
I think that you cannot configure that specific action with SCCM unfortunately
LVL 13

Expert Comment

ID: 39215569
Glad to help

Featured Post

Get 10% Off Your First Squarespace Website

Ready to showcase your work, publish content or promote your business online? With Squarespace’s award-winning templates and 24/7 customer service, getting started is simple. Head to Squarespace.com and use offer code ‘EXPERTS’ to get 10% off your first purchase.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

You do not need to be a security expert to make the RIGHT security. You just need some 3D guidance, to help lay out an action plan to secure your business operations. It does not happen overnight. You just need to start now and do the first thin…
To share tips on how to stay ALERT and avoid being the next victim - at least not due to your own poor cyber habits and hygiene!
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

586 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question