Link to home
Start Free TrialLog in
Avatar of brothertruffle880
brothertruffle880Flag for United States of America

asked on

Installing security patches for Windows 7 - JUST the security patches

I don't want to load enhancements or improvements.  Just security patches to avoid any malware, etc.
I was told that https://technet.microsoft.com/en-us/library/security/ms17-010.aspx
is the one that's most currently important.
How can I selectively install these and not the other stuff?
Avatar of Alex
Alex
Flag of United Kingdom of Great Britain and Northern Ireland image

Load up windows update

Go through and select the patches you want and ignore the others.

And yes, that one is very important :-)
You need to lookup security-only quality updates (rollups are called security monthly quality rollups). HOWEVER, that is aimed at businesses. So if you're using WSUS, then you can choose to approve that. Otherwise, you're going to have to update manually because they're not made available via WIndows Update itself (even though you can download them).
ASKER CERTIFIED SOLUTION
Avatar of Jackie Man
Jackie Man
Flag of Hong Kong image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Easiest, automated, and least expensive = WSUS

Unless you are referring to "just your workstation" then I would agree with the Windows Update route.

And make sure your running AV and Malware/Ransomware software.  There are many out there but I would focus on the ones that are highly rated and have Malware related software.  It is not the same as computer virus.  Two different products.

I can make some offline suggestions if you wish, just let me know.  But keep in mind that this things was stopped in the track it was on by someone "registering" the domain name which removed it from Dark Web.  

That doesn't mean there will not be more "variants".

Brian Murphy
https://www.linkedin.com/in/vcissgroup
Avatar of brothertruffle880

ASKER

Thank you Jackie Man!!!!!
BTW, I had two people talk about WSUS but no one told me what it was.  What is it?  What does that acronym stand for?
WSUS = Windows Server Update Services. For a long time it was a standalone app, but they eventually integrated it as a role starting in (I think) Server 2008 R2.

Basically, think of it as your own onsite system for managing Windows Updates. Using your server (after you've modified the systems' registries to look at the WSUS server for updates instead of MS updates site), you get to centrally approve/reject which updates go to the systems on your network.

I had posted my answer based on the assumption for the long haul, you wanted to only install security updates, versus just one time. WSUS is just the type of system to allow you to do that without having to to go the site and download the patches and give it to users manually.