Should I install Windows Optional updates in addition to the Critical?

I am the Exchange admin, responsible for Windows updates. Up until now I've only installed Windows Critical updates, but somebody told me I should be installing some of the OPtional updates. Are there any standards or recommendatinos for Exchange servers?
Scotch TechITAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

MaheshArchitectCommented:
normally avoid installing dotnet related updates on exchange, it might break shell functionality

Optional updates, as word says optional and can be installed based on specific needs
0
Scotch TechITAuthor Commented:
thanks. My thinking is just to install Critical, if we find out later we need an optional we can do it then. Thoughts?
1
timgreen7077Exchange EngineerCommented:
I only suggest installing critical and security updates on exchange. I never install the quality or optional updates.
0
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

JohnBusiness Consultant (Owner)Commented:
For Exchange that may be true.

For the Windows Host machine do Critical and Recommended. Sometimes good fixes are there, and we have not had issues doing all updates (Critical and Recommended) on all of our client Server 2012 R2 machines.
0
MichelangeloConsultantCommented:
Hi Scotch,
Updates other than critical and security should ideally be applied upon specific needs
.
Find here updates classification:
https://support.microsoft.com/en-us/help/824684/description-of-the-standard-terminology-that-is-used-to-describe-micro

Here you can find some (a bit outdated as the New Monthly Rollup concept is mssing) clarification and WSUS specific info:

https://blogs.technet.microsoft.com/dubaisec/2016/01/28/windows-update-categories/

Find here the Description of Software Update Services and Windows Server Update Services changes in content for 2018:
https://support.microsoft.com/en-us/help/894199/software-update-services-and-windows-server-update-services-changes-in

Basically you should
- On WSUS, select crtical and security classifications on
- On WSUS clients, deselect checkbox to receive optional updates as important
- apply all OS updates received after that
- apply CU/RollUps and subsequent patches such as the one for CU19 Exchange 2013 - yes they ARE important
- review and apply optional updates based upon specific needs: there's no an automated or default way to do that. As a rule of thumb, you can skip them
In case you are proposed an update to .net (which you should not) do check compatibility matrix for exhange:
https://technet.microsoft.com/en-us/library/ff728623(v=exchg.150).aspx

If in doubt, pospone until you get specific info by looking into Microsoft online docs or by opening a support request (which usually is not free).
Hope it helps
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
arnoldCommented:
Echo Michelangelo.
Critical and security should be installed.

If you have the option to have a test setup of the environment including in a VM environment, test the optional in the VM validating that they will not have an adverse effect on the system. Or Only apply the optional if what it fixes applies to your environment.

optional also depend on which categories/classifications you selected....... You have to review each optional update and decide whether it should or should not be installed on a case by case basis with the prior suggestions taken into account.
1
JohnBusiness Consultant (Owner)Commented:
Your solution was ONE answer but not the only one.
0
JohnBusiness Consultant (Owner)Commented:
I suggest:

Accept:  https:#a42525083
Assist:  https:#a 42525451
Assist:  https:#a42525049
Assist:  https:#a42525034
Assist:  https:#a42524971
0
MichelangeloConsultantCommented:
I suggest
https://#a42525083
This is the answer I provided and I believe it's the only one which is thorough in answering Original Poster Question, addressing most common issues/concerns when applying OS patches on Exchange Server installations., covering also .NET updates and how to avoid optional updates appear as recommended (and thus avoiding applying them) i.e. providing a guideline on how to start applying patches correctly.

Other comments are generic and subjective and/or not providing any references to product documentation. I mean, it's quite understandable to propose critical and security updates, or to warn users from applying .NET updates. But a comprehensive answer is made of
- a tentative procedure to quickly address the issue
- some context on how to apply the procedure
- documentation to read to deepen the understanding the reader has about the issue

Generally speaking, It's not easy to be so thorough in answering a question - this is a relatively common one, though,  and I have met (and delved into) the issue it raises for my datacenter so I happen to be able to provide a proper answer.
0
MaheshArchitectCommented:
@Michelangelo:

OP already knows importance of critical updates
With respect to optional Updates you have elaborated more basically what I said
You have not said anything about updating exchange servers which is the basic question I believe.......?

Your answer is providing general guidelines and hence others are also eligible for points...
0
MichelangeloConsultantCommented:
@Mahesh
My answer provides more than general guidelines, while yours do not.
I have explained why I believe my answer is best and other answers do not qualify as assisted.

You wrote
You have not said anything about updating exchange servers which is the basic question I believe.......?

The basic question is
"I am the Exchange admin, responsible for Windows updates. Up until now I've only installed Windows Critical updates, but somebody told me I should be installing some of the Optional updates. Are there any standards or recommendatinos for Exchange servers"
I read this as "I manage an Exchange server and I have installed Critical updates, I wonder if I should install Optional and, anyone knows any caveats in installing patches on Exchange".

You also wrote


You have not said anything about updating exchange servers which is the basic question I believe.......?

I believe I provided an answer to the question: I proposed a guideline for patching an exchange server as a whole (OS and Application)


(...)
- apply CU/RollUps and subsequent patches such as the one for CU19 Exchange 2013 - yes they ARE important
- review and apply optional updates based upon specific needs: there's no an automated or default way to do that. As a rule of thumb, you can skip them
In case you are proposed an update to .net (which you should not) do check compatibility matrix for Exchange:
https://technet.microsoft.com/en-us/library/ff728623(v=exchg.150).aspx
(...)

hence I believe that while I provided a thorough answer to the question, no one did before me or added something to the answer afterwards.
On second thought, I think Arnold's comment adds to the answer by recommending to use a test environment

To sum up:

Best: https://#a42525083
Assisted: https://#a42525451
0
MaheshArchitectCommented:
I am not saying that I have provided any general guidelines, I have provided exchange specific and optional update specific info which is actually requested if you reread question and my comment
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.