Automatic Windows patching process to be deployed
February 23, 2004
On March 1, 2004, SCS Facilities will begin to automatically install critical patches on most PCs in the SCS Windows Domain. This patching is being done in order to keep SCS PCs current for critical security patches.
How the automatic patching process will work for most PCs
- Each Tuesday at 6:00 AM, any pending critical Windows patches will automatically be installed. If a PC is already up to date for critical patches, no further action will be taken (i.e. the machine will not be rebooted).
- If nobody is logged into the PC on the console, it will automatically be rebooted immediately after patches are installed. If somebody is logged into the PC, a pop-up window will appear, prompting for a reboot. If the user of the PC does not wish to reboot at that time, the reboot will be postponed. Additional prompts to reboot will be given at later times.
- If the PC has not been rebooted by 5:00 AM on the following Thursday, it will be automatically rebooted, even if there is a user logged into it.
Which PCs will be affected
- All PCs in the SCS Windows domain that run Windows 2000 or Windows XP will, by default, automatically install patches according to the above procedure.
- PCs running Windows NT will not be automatically patched.
- An alternative automatic patching process that does not prompt for a reboot is available for server systems.
- Contact firstname.lastname@example.org to request that a PC use this alternative process or be exempted entirely from having patches automatically installed.
If your PC is not a part of the SCS Windows Domain or otherwise does not receive these automatic patches, you are responsible for using Windows Update or other means to keep it up to date for critical patches.
Additional information about automatic patch installation is at: http://www.cs.cmu.edu/~help/windows/auto_patch.html.
Please send any questions or requests concerning this patching process to email@example.com.