momtoelihle
asked on
Patching servers that are way out of date
Hi
My environment was last updated 2 years ago, and I want to start applying patches as per Microsoft security Bulletin Summary.
The plan is to start patching and not stress about getting up to date with the patch level.
I'm planning on manually installing about 3 security updates release for September, and continue every month with new releases.
Please advise if this is good or bad.
My environment was last updated 2 years ago, and I want to start applying patches as per Microsoft security Bulletin Summary.
The plan is to start patching and not stress about getting up to date with the patch level.
I'm planning on manually installing about 3 security updates release for September, and continue every month with new releases.
Please advise if this is good or bad.
Just use automatic Windows Updates, and patch it in one go. There are no problems with installing patches in one go.
ASKER
I'm afraid that once I install all of them on the go I might break some of the third party applications functionality.
And if they break, I will have to roll back one patch at a time.
Please advise
And if they break, I will have to roll back one patch at a time.
Please advise
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
"There are no problems with installing patches in one go."
Have you worked with Microsoft servers before???
Have you worked with Microsoft servers before???
ASKER
Thank you Vortex. I will try that.
Neilsr, yes I've been working with Microsoft servers for the past 7 years, but have never had to work with out od date patches of 2 years.
Neilsr, yes I've been working with Microsoft servers for the past 7 years, but have never had to work with out od date patches of 2 years.
Then your comment is not very relevant to the question if you have no experience of this is it.
ASKER
Thank you.
The only way to be secure and safe is to apply ALL patches up to date.
Set up a WSUS server to download all updates to a local store and then patch from that to your servers. You really need to be completely up to date.
With wsus you will always have the latest patches on site ready to install as well in the future.