That's a reason to stage and test before deployment, not a reason to not auto download/install/reboot thereafter. Depends on how flexible your patching product is I guess .. ;)
a -----Original Message----- From: Angus Scott-Fleming [mailto:[email protected]] Sent: 11 June 2010 15:11 To: NT System Admin Issues Subject: Re: Patch Management - again On 10 Jun 2010 at 15:05, paul d wrote: > I pretty much do the same here. Auto download, manual reboot. I disabled "automatic download" after the failed Excel patch a few months ago. Those machines with "auto download" had downloaded the bad patch. Even though I waited to apply the updates until Microsoft had fixed the Excel patch, those machines didn't check to see if there was a new patch, they just applied the bad patch they had already grabbed. I had to uninstall the patches and update the machines manually. I'll probably move to WSUS for my larger clients here soon based on comments in this list. -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-290-5038 Security Blog: http://geoapps.com/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ************************************************************************************ WARNING: The information in this email and any attachments is confidential and may be legally privileged. If you are not the named addressee, you must not use, copy or disclose this email (including any attachments) or the information in it save to the named addressee nor take any action in reliance on it. If you receive this email or any attachments in error, please notify the sender immediately and then delete the same and any copies. "CLS Services Ltd × Registered in England No 4132704 × Registered Office: Exchange Tower × One Harbour Exchange Square × London E14 9GE" ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
