We’ve all had Microsoft Windows pop up and let us know that it needs to be updated at one point or another. What are those updates? Are they important? What happens if I don’t do them? They are important, and they do need to be done. Here’s why.

Microsoft updates are basically broken into 4 different categories.

  • Security Updates – These updates patch security vulnerabilities that could allow a system to become compromised. Security updates are classified as critical, important, moderate, low, or non-rated. Critical security updates are perhaps the most important updates to apply to your system. Ignoring these could leave your computer or server extremely vulnerable to hackers and malicious code.
  • Critical Updates – Critical updates fix any major issues that are found in Microsoft products that could cause software errors or unexpected behaviour. These updates typically are run when a user performs a non domain Join, or attempts to take the remote of another device. Together with security updates, they form the “high priority” category of updates from Microsoft and should be set to download and install automatically.
  • Software Updates – Non-critical issues, such as extended features and minor bugs, are addressed using software updates.
  • Service Packs – Service packs contain a rollup of all patches to date for a specific piece of software or operating system and usually have additional feature changes. For example, Windows XP Service Pack 3 is the latest service pack for XP and addresses all updates prior to its release as well as a small number of new features.

Why update?

Microsoft updates prevent problems. They fix known issues in the software and plug security holes that hackers have found. Since Microsoft Operating Systems are so commonly used in business, they are a huge target for hackers that want to get your businesses financial data. Patches help eliminate the vulnerabilities that are built into the software and make your environment more secure and virus free.

There are several ways to apply patches. You can turn on automatic Windows updates, you can use centralized software to push out updates, and you can leave it to the pros.

Automatic updates have their pros and cons. This will apply all high priority updates without any intervention. This may sound like a good idea, but they can sometimes conflict with installed software or may fail and cause other issues. Other updates are not applied automatically, and they must be applied manually. Thus if you simply turn on automatic updates they can be missed. Another organizational problem with Automatic updates is that they can be disabled by the user. If you are managing machines for your entire business this could be a big problem to track and ensure machines are kept up to date.

The next method is to use centralized update software to push out updates to the network such as (Windows Server Update Services (WSUS). This can resolve many of the issues that come with having each machine managed on an individual basis, but still has some limitations.

To set up WSUS you need to have advanced knowledge of how patches and updates work. You’ll need to be able to install WSUS, configure rule sets, memberships, approval policies and more. This can be pretty tough if you’re not an IT guy. You also need a server for WSUS to run on which takes resources that could be used to run other parts of your business. Lastly you should really have IT staff to manage and maintain WSUS. This can add more complexity to your network and workload for your staff. The easiest and most effective way to ensure that your network is maintained and that all critical updates are applied in a timely basis is to leave it to the professionals. i.t.NOW offers basic network maintenance services that include all patches and security updates for a minimal cost each month. Contact us for a free network evaluation. 801-562-8778.