Windows Patch Management Considerations
Some organizations decide not to deploy a software update solution and instead rely on native Windows functionality, Microsoft Update, as their main solution. This may be the best approach when an organization has dispersed offices around the globe with a small number of standalone computers. It is simpler to enable automatic updates on these client computers than to implement a costly patch management solution. The same may apply to organizations with many mobile workers who rarely connect to the organizational network. There are other scenarios where this functionality provided by Microsoft is the more feasible option.
However, relying completely on Microsoft Update has some weaknesses, which are listed below:
• Each software update is downloaded separately by each client computer from Microsoft Update servers. This has a significant impact on bandwidth cost and usage.
• This method does not allow updates to be tested prior to deployment; hence, if an end user installs an update that conflicts with an installed application, the organization may encounter productivity losses. In particular environments, one person may test the updates on a test computer and then give the go-ahead to other users if no problems were encountered on the test machine!
• There is no centralized reporting and monitoring mechanism. System administrators or auditors need to scan all computers to determine whether an update has installed correctly.
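The per-computer scan described in the last point can be scripted. The following PowerShell sketch is an added example, not part of the original article: it reads each machine's Windows Update Agent history for one update and reports the install result. The computer names and the KB id are constructed placeholders, and it assumes PowerShell remoting is enabled on the targets.

```powershell
# Added example: host names and KB id below are constructed placeholders.
param(
    [string[]]$ComputerName = @('PC-BRANCH-01', 'PC-BRANCH-02'),  # hypothetical hosts
    [string]$KbId = 'KB0000000'                                   # placeholder KB id
)

# Runs on each target: newest installation record for the KB in the
# Windows Update Agent history (Operation 1 = installation).
$readHistory = {
    param($Kb)
    $searcher = (New-Object -ComObject Microsoft.Update.Session).CreateUpdateSearcher()
    $count = $searcher.GetTotalHistoryCount()
    if ($count -eq 0) { return }
    $searcher.QueryHistory(0, $count) |
        Where-Object { $_.Operation -eq 1 -and $_.Title -match $Kb } |
        Sort-Object Date -Descending |
        Select-Object -First 1 Title, Date, ResultCode, HResult
}

# OperationResultCode values defined by the Windows Update Agent API.
$resultText = @{ 0 = 'NotStarted'; 1 = 'InProgress'; 2 = 'Succeeded'
                 3 = 'SucceededWithErrors'; 4 = 'Failed'; 5 = 'Aborted' }

$report = foreach ($computer in $ComputerName) {
    try {
        $entry = Invoke-Command -ComputerName $computer -ScriptBlock $readHistory `
                                -ArgumentList $KbId -ErrorAction Stop
        if ($null -eq $entry) { $status = 'NoHistoryEntry' }
        else { $status = $resultText[[int]$entry.ResultCode] }
        [pscustomobject]@{
            Computer = $computer; Kb = $KbId; Status = $status
            Date = $entry.Date; HResult = $entry.HResult
        }
    } catch {
        # Unreachable machines stay in the report instead of being dropped,
        # so a missing answer is not mistaken for a patched machine.
        [pscustomobject]@{
            Computer = $computer; Kb = $KbId; Status = 'Unreachable'
            Date = $null; HResult = $null
        }
    }
}

$report | Sort-Object Status, Computer | Format-Table -AutoSize
```

Machines that report `Failed`, `NoHistoryEntry` or `Unreachable` are the ones that need follow-up; standalone computers and mobile workers' laptops that are rarely on the network will typically fall into the last group.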