I maintain a bunch of PCs for a small company, and I've turned off the Automatic Updates feature on every machine, mostly for my own sanity. The last thing I need is for Microsoft to deliver a "fix" to all the employees that ends up causing more problems than it solves. Is there an easy way to keep these PCs up to date while excluding the more troublesome patches?
Ever feel like an unpaid beta tester for Microsoft? If so, join the club.
The problem with being too conservative about the updates is that many of them fix serious security holes in Windows and we all know how common those are. If you're an experienced user and take the proper precautions, you can probably forgo most updates and be perfectly safe. But when you're administering PCs for an office full of people who can't tell the difference between virus-infected attachments and letters
from their mothers, you may be better off installing many of those updates.
Still, there's no rule that says you have to install updates right away. Instead, wait a few weeks to see what ugly problems the press and users report. First, disable the Automatic Updates feature: open the System Properties control panel, choose the Automatic Updates tab, and then select "Turn off Automatic Updates." Click OK when you're done.
As they become available, research new patches. Sites such as http://www.patchmanagement.org and Annoyances.org are full of stories, complaints, and solutions relating to Microsoft's "fixes.
Once you've decided to install an update, visit the Windows Update Catalog at Microsoft Windows Update (Figure 6-4 ) and click the "Find updates for Microsoft Windows operating systems" link. Select your Windows version from the list of operating systems, and then click the Search button to reveal all the updates released to date. Select the desired category (such as "Critical Updates and Service Packs"), and in the "Sort by" drop-down menu, sort the listings by "Posted date" to group together the most recent updates. Click the Add button below any update to add it to your download queue.
Note: One advantage to using the Windows Update Catalog is that you'll get a self-contained installer that you can use repeatedly without having to download the update for each PC, saving you time and bandwidth .
Note: To install SP2 on multiple computers remotely, download the Windows XP SP2 Deployment Tools for Advanced Users package from Microsoft Download Center .
It's especially important to install service packs manually, as opposed to letting the Automatic Updates feature do it. These über-updates are enormous and can require several hours per PC to install. The last thing you want is a new service pack tying up all the PCs in your office. Instead of allowing these to be installed automatically, wait a few months for the bugs to be ironed out (in the form of subsequent updates) before you install any Microsoft service pack. When you're ready, pick a weekend or a day when everyone is in a meeting, and download the "Network install" version of the service pack directly from Microsoft's web site (go to Download details: Windows XP Service Pack 2 for IT Professionals and Developers for a shortcut to the SP2 network install). Put the installer on a network share or burn it to a CD, and run it directly on each PC.
0 comments:
Post a Comment