Windows Security - Automated Updates
We have an automated patch management system for all Kettering Domain computers running Windows. With this system, IT can automatically install "Windows Critical Updates", "Windows Critical Security Updates" and "Windows Security Roll-ups".
Does IT review the patches?
IT reviews each "Windows Critical Updates", "Windows Critical Security Updates" and "Windows Security Roll-ups" as they are put out by Microsoft and approves the update for distribution.
Do I have to go to a web site to get the patches?
No. Some time during the day your computer will quietly download any patches it does not have.
When and how do I install the patches?
Once your computer automatically downloads the patches it needs, patches are installed in one of three ways. Two of the methods do not require any user intervention.
- The user may get a pop-up balloon next to the clock telling the user that patches have been downloaded. The user can click on the balloon and either read details on the download patches or select to install them. The user can also just ignore the balloon message, the patches will then be installed when the user is not logged in.
- At 3:00 a.m. if no user is logged in and the computer is on, the downloaded patches will be installed and the computer will reboot if needed.
- After the computer boots, if it sits at the login screen for over 3 minutes, the downloaded patches will be installed and the computer will reboot if needed.
Will someone from IT have to set up something on my computer to make this work?
No. IT will turn on this feature remotely via Active Directory.
I have a lab that is not in the domain can it be part of this patching system?
Yes. We have documentation on how you can implement this on your non-domain Windows computers. Non-Domain Computers Configuration for Kettering Auto-update system.