Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 118
  • Last Modified:

Windows Update Agent Importance?

Greetings,

I was on one of our client servers yesterday and after receiving an error due to IE being out of date, looked for an update for it through manually checking Windows Update on our Small Business Server 2011. I noticed only after checking Microsoft Update, I was informed the Windows Update Agent was out of date and that there was a new version (7600.320) -- from August 2014. After about 5 minutes, it returned with a slew of (surprise!) updates that had never been downloaded on the older Agent and were deemed important and recommended.

My question is why hasn't this been brought to my attention prior even by way of a taskbar notification. Yes, we do manually choose what to update but it seems like something like this is critical for receiving updates (especially at the server level). To partially answer my own question, this seems important but also seems optional or not terribly urgent by Microsoft's standards to receive this which left me asking if I should be doing this for all 30+ of our client servers.

I co-manage other servers and only some have the option to manually update the Agent, some still on older versions with no suggested option to update.

This convoluted MS business-as-usual dance reminds me of Inception: update within updates!

Thank you,

Nick
0
BBrayton
Asked:
BBrayton
1 Solution
 
n2fcCommented:
My experience is that despite the perception of "automatic updates," a (at least monthly) manual check by an IT pro is needed to maintain integrity.

Think of this as "job security" for the IT Pro crowd!

The average user does not have either the temperament, disposition, or expertise to manually investigate which updates are "really" necessary, let alone ensure their proper installation!

I myself have recently encountered a WIN7 laptop that has had the SP1 update FAIL for over TWO YEARS without the user noticing or looking at the update logs!  Upon manual installation, nearly 200 follow-up updates were offered!

A good time to check is soon after "patch Tuesday" each month... (2nd Tuesday of the month... the 10th THIS month)...

Educate the users to at least check once a month and if uncomfortable with this task, at least remind support staff to check for them... Sorta like a driver remembering to do oil changes on their car!
0
 
Donald StewartNetwork AdministratorCommented:
Are your servers configured to get updates from WSUS ??

Is your WSUS updated to http://support.microsoft.com/kb/2828185 ??  <<Which will contain the latest agent
0
 
QlemoC++ DeveloperCommented:
WSUS is the way to go if the are than a few PCs. The reports easily tell you which machine fails to install updates.
0
 
BBraytonAuthor Commented:
All of our servers use WSUS and most have been patched with that update. Some of our servers, like this agent have not pushed the KB2828185, some have had to be manually fetched. I would rather not get into how many problems I regularly have with WSUS and its own updates.

Thank you all so far for your input.
0
 
Donald StewartNetwork AdministratorCommented:
Your biggest clue where you can locate any problems is in the windowsupdate.log of any client pc.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now