Windows Updates: 5 ninja tips for wielding this double-edged sword

windows 10 update
windows 10 update

Windows updates, you either kinda like ‘em or you vehemently despise ‘em. That is because updates are really a blessing and a curse – an imperfect solution to a major problem - cybersecurity - that brings with it a whole lot of baggage (stability risks, expensive break/fix IT work, and downtime). On one hand, they make your computer safer by plugging security holes, but oftentimes the updates can be disruptive or downright destructive to the PC or server that’s getting them. Oftentimes we’re called upon to fix issues caused by a rogue Microsoft Update gone awry. Take an example from about a year ago where countless businesses came to work on Monday to find their PCs had all updated themselves to Windows 10 over the weekend. Or recent issues where Windows updates use up all available hard disk space or prevent you from being able to sign in at all.

So, they’re risky, but not running updates presents a different and more malevolent kind of risk. Lacking vital security patches, computers can be infected simply by visiting certain websites or opening an innocuous Word document. Most widespread virus outbreaks that make the news exploit vulnerabilities in unpatched computers. Running the updates is like taking the vaccine to most of the online superbugs that plague servers and computers everywhere.

So how can you take control of these untamed automatic updates?

Set Active Hours

Picture this, you pull your laptop out for a big presentation only to find that, ”Please wait. Windows is updating." In what is seen as a big departure from previous industry standards, Microsoft no longer gives users an option to disable updates altogether. This is not likely to be a one-time anomaly, but rather a sign of a new direction that Microsoft is not likely to change course on. So expect Windows Updates to be a mandated “feature” of all Windows desktops moving forward. However, due to extensive pushback, Microsoft allows the updates to be scheduled. Use this guide to set specific active hours for Windows Updates to apply themselves.

Get your Geek on with Group Policy

If you’re the type that loathes modern cars because the engine bays are shrouded in plastic to the point that you can’t even change your own oil… then this tip is for you. Under the surface of all Windows machines is a tool called Group Policy. It lets you do all kinds of crazy power-user stuff, one of which is to toggle Windows Updates to only run when you expressly allow them to run.

Business vs Consumer

Unlike NetManageIT, Microsoft is only vaguely sympathetic to the needs of small businesses. However, they do allow you to switch your updates from the consumer branch (mostly tested but possibly buggy) to the business branch (more thoroughly tested but still possibly buggy.) Just go to Settings >> Update and Security >> Advanced Options >> and select Current Branch for Business.

Take a break

In this same control panel, you will see an option to pause updates for up to 35 days. This is useful if you’re going away on a trip and can’t risk your computer getting hosed up with no access to a small business help desk.

Let us manage your windows updates for your whole network, computers, and servers.

All of the above methods require hands-on work from a savvy user to be effective. Also, they only apply to one computer at a time – how does that scale when you need to manage updates on 5,10, or 100+ PCs and servers?

You have us for that, we will manage the scheduling and testing of all security patches to Windows so you can be sure that you’re only getting carefully selected updates at the most convenient of times. That’s it, we handle the whole process. No more nagging update reminders.

Hope this helps!


News & Stories: