Policy for updating windows patches
Tasks examples would be Patch updates, Run Scripts automatically, disk optimization and more.
January's SQL Slammer worm reminded us of the importance of patching vulnerabilities in computer software.
Patch management is a complex process, and I can't cover all the variables here.
But I can distill the process into six general steps.
Non-critical patches are not supported by the automated windows update process, so users will need to install them on a 'as-needed' basis themselves.
Non critical patches are usually for programs that people may or may not use.
The reason we elected to run our own mirror site, is because occasionally a 'BAD PATCH' is released that can go as far to crash a computer.
If this happens to a critical server, work would be impeded.
A key difference is that all critical updates must be approved by one of the tech staff before they are applied to computers in the domains.
Most successful computer attacks exploit well-known vulnerabilities, for which patches exist.