Automatic updates for Windows

Why you need to update your PC Windows ?

PCs have an operating system that must be continually updated.

Why upgrade?

Discovery of new security hole results in the following cycle:

  • Screening of the hole,
  • Provision of the patch,
  • Use the hole to infiltrate not upgraded computer.

The manual update is tedious.
Ideally enjoy an automated solution.
The recipe is simple:
– Enter his Windows PC in INTRANET
– Or use the automatic installation

The default behavior is obtained:
– Update every day at 12 am and because the machine does not restart, please manually reboot every week.
– if the machine is off at this time, work will be carried out 5 minutes after starting up the computer.

For different behavior,

With the Active Directory delegation, the detailed explanation:

Existing GPO are explicit.

    • This is the old default behavior
      • sti-all-update-sus-push-12h
      • updated daily at 12 am and automatic restart if necessary.
      • if the machine is off at this time, the update will be performed 5 minutes after the restart.
    • By analogy, these GPOs do the same work at 3AM, 7AM, and 11 PM.
      • sti-all-update-sus-push-03h
      • sti-all-update-sus-push-07h
      • sti-all-update-sus-push-23h
    • These two GPOs are used with care, because the machine does not restart, only to be used on servers with regular monitoring by an administrator.
      • sti-all-update-sus-pushsrv-12h-noreboot
      • sti-all-update-sus-pushsrv-05h-noreboot
      • At a minimum, the machines concerned must be restarted manually every month
  • This GPO is used with care, because it’s in test.
    Asking for reboot for 180 minutes

    • sti-all-update-sus-push-12h-ask180