Windows Update Policy

New cyber security threats are always emerging and recently one of the more successful malware campaigns that have crippled some of the largest organizations across the globe is ransomware.  Ransomware is a type of infection that encrypts computer data, making it inaccessible, until a ransom is paid to the attacker.  Attackers using this method have successfully interrupted daily operations for many different organizations like FedEx and Nissan, but they also target Hospital and University networks as well.  What makes these attacks so successful is that they frequently leverage system vulnerabilities and they target critical data that’s essential to the organizations daily operations.

One of the ways that we protect ourselves here at Stockton against ransomware is through the comprehensive system back-up’s that we maintain.  Although this ensures that our data is always protected it doesn’t prevent the attack from occurring in the first place. One of the ways that we can ensure that our machines stay protected from these vulnerabilities is by applying critical security updates as soon as they’re available.

In October of 2003 Microsoft started a monthly update cycle referred to as “Patch Tuesday” where any critical system updates for their products are released on the second Tuesday of every month.  On the second Tuesday of every month every Microsoft Windows operating system receives critical system updates and apples them prompting a restart of the computer.  With the advent of Windows 10 Microsoft now automatically downloads and installs updates on the second Tuesday of every month and will even automatically restart your computer to apply the updates.

To ensure that our computers maintain the latest set of critical security updates from Microsoft our workstations will follow the same patching schedule that Microsoft maintains on personal Windows computers.  Our machines will download and install windows updates from Microsoft on the second Tuesday of every month and then require a restart to apply in the next 24 hours. Your computer will notify you when the updates have been applied and request that you restart the machine. If the 24-hour deadline is met without a restart the computer will start a 60-minute countdown on the screen requesting you to restart the computer before it is automatically restarted to apply the security updates