olly - Fotolia
Updating Windows desktops is crucial for any organization, but many IT professionals find the Windows update process frustrating. Fortunately, there are some ways that IT can take control of and simplify the process.
One of the best ways for IT to take control of the Windows update process is by deploying Microsoft Windows Server Update Services (WSUS) or a similar patch management console for its organization's servers.
Without WSUS, Windows desktops will automatically download and run updates. Automated patch and update management might sound appealing, but it introduces a high degree of uncertainty into the patch management process. It can be difficult to know what updates are going to be deployed and when.
In contrast, WSUS allows IT to centrally download updates to a server and saves each machine from having to download updates individually. WSUS also offers IT professionals the ability to approve or block updates and configure automatic approval rules so that the machines can run critical updates without waiting for approval.
Other Windows update strategies
Disk capacity management
Another Windows update process strategy that IT can use is maintaining plenty of free disk capacity on devices. Insufficient storage is one of the primary causes of update failure. Without proper monitoring, these failed updates may go unnoticed by IT, resulting in noncompliant devices.
There is no easy way to ensure that all of the Windows devices maintain enough free disk capacity to apply updates. Starting with build 1909 of Windows 10, desktops reserve a block of disk specifically for the purpose of accommodating updates. Initially, Windows will reserve about 7 GB of capacity for this purpose.
IT pros can also review their Group Policy settings as they relate to the Windows update process. Remember, IT should configure group policies to ensure that updates are applied in a timely, non-disruptive manner.
One especially helpful Group Policy setting can be found in Computer Configuration > Administrative Templates > Windows Components > Windows Update > No Auto-Restart With Logged On Users for Scheduled Automatic Updates Installations. This setting keeps Windows from automatically rebooting after an update while users are logged into their computers.
IT can minimize user frustration with the Windows update process using this Group Policy. Windows updates will still occur, but this setting prevents users from suffering a reboot while they are working.
Dig Deeper on Windows 10 updates
Related Q&A from Brien Posey
While only a small number of hardware vendors offer DPUs, the technology has significant implications for IT storage systems -- and the admins who ... Continue Reading
Microsoft 365 is a widely used service, but its many different applications make backup complicated. Watch out for these common roadblocks. Continue Reading
A ransomware attack on cloud storage can have catastrophic effects. Cloud storage is still online, which means it is susceptible to some cyberattacks... Continue Reading