Usually I would look for change management , either manual or automatic patching
I have a customer who has pretty much performed no patching for 2 and a half years. For pretty much of all of their 100 virtual servers
Allied to this VMware tools , hardware versions aren't in line
Usually in my own experience, I would create test environment and apply patches there , a month behind MS Security Bulletin.
Now we're upgrading tools, hardware version currently 8, and the patches next week
Is there a best way to upgrade patches since June 2014?
I have flagged all this at the very start , that its not best practice etc to give them the outline, but I don't want to throw on a load of updates manually either (they have no WSUS, Shavlik ,or SCCM) etc
Any best way to do this? (its very frustrating as they lost 2 servers already that weren't patched, they just dont get it)