How Can We Help?

Categories

Windows Update Patch Policies and Schedules

You are here:

This page outlines the default categories within the briteCITY Patch Management Policy for all Windows Workstations and Servers managed b​y briteCITY.​

Categories with a policy of “Severity-based” are installed depending on the SEVERITY level indicated by Microsoft for that patch, and the SEVERITY categories’ approval settings themselves, indicated near the bottom of the table below.

See also: Daytime Patching

Windows Update Schedules & Policies

Machine CategoryScheduleReboot PolicyDaytime Patching EnabledWindows Update Assistant ModeInstall Missing Baseline PatchesCreate Windows Restore PointWindows 10 Service BranchDefer Feature/Quality Updates
WorkstationsNightly, 1-3 AMDuring WU, Ask then DenyYesManaged Mode – UI DisabledYesYesSemi-Annual Channel15/7 Days
Servers (Host)Sat, 1-3 AMDuring WU, Ask then AllowNoManaged ModeYesYesSemi-Annual Channel15/7 Days
Servers (VMs, “bare metal”)Sun, 1-3 AMDuring WU, Ask then AllowNoManaged ModeYesYesSemi-Annual Channel15/7 Days

Windows Update Approval Policies

Windows Patch CategoryWorkstationsServers
Active Directory Rights Management Services Client 2.0DenySeverity-based
ASP.Net Web FrameworksApproveSeverity-based
Bing BarDenyDeny
Bing DesktopDenyDeny
Bing IMEDenyDeny
CAPICOMDenyApprove
Critical UpdatesApproveApprove
Definition UpdatesApproveApprove
DriversDenyDeny
Exchange ServerDenyApprove
Feature PacksDenyDeny
Microsoft DynamicsDenySeverity-based
Microsoft Lync ServerDenySeverity-based
Microsoft SQL ServerDenyApprove
Microsoft WorksDenyApprove
Microsoft OfficeApproveApprove
Report ViewerApproveApprove
Security UpdatesApproveApprove
SilverlightApproveSeverity-based
Service PacksApproveSeverity-based
Skype for WindowsApproveDeny
System CenterDenySeverity-based
ToolsApproveApprove
Update RollupsApproveSeverity-based
UpdatesApproveSeverity-based
UpgradesApproveDeny
SEVERITY
UnspecifiedApproveApprove
LowApproveApprove
ModerateApproveApprove
ImportantApproveApprove
CriticalApproveApprove
Common Vulnerability Scoring System (CVSS)Approve > 1Approve > 1

 

Jump to...