Ezine 128 – Windows Update ServiceThis week’s ezine has three strands; each is joined by the common thread – Windows Update Service. Firstly a challenge – check your Windows Update interface. See if the settings are what, and where, you think they are. Secondly, I want to provide help for that day when the temporary files have become corrupted and your Update Service stops working. Thirdly, a reminder for Windows Administrators, research what installing WSUS (free) could do for your Windows network.
Why you need patches and hot-fixesIt is true to say that Microsoft did not make Windows Server 2003, XP, or Vista flawless on first release. Errors range from spelling mistakes in the menus, to defects in a service, to security holes that hackers can exploit. To be fair to Microsoft, probably no other software is perfect when sold either, but any mistake in a Microsoft product is subjected to intense media scrutiny. To digress, my friend ‘Mad’ Mick has indoctrinated me that UNIX is perfect and indestructible. Last week my AutoResponder stopped working. As it is housed on my ISP’s UNIX server I thought of Mick’s advice and never even considered there could be a fault with a cron daemon on the Apache server. This undue faith in cron cost me three days of looking fruitlessly at MySQL commands; whereas I should have contacted the UNIX expert on day one, and asked him to repair the cron daemon. The solution – Windows updatesMicrosoft has pioneered a system whereby every Windows operating system has a built-in update service. The idea is that your machine polls the Microsoft Update Service and downloads patches, security updates and hotfixes as necessary. Consequently the Windows operating system and program such as MS Office are up-to-date and protected from maleware. My advice with the Update system either embrace it fully, or turn it off and forget about it. If you like the idea of the free Update service, then check that your settings minimise the delay between Microsoft issuing a patch and your system installing. Avoid the trap where you ask Window to check for Updates at 4.00 am, but then turn the machine off every night! I have heard from both sides of the security fence that hackers also download these patches, but their motive is to reverse engineer the fix, re-create the problem and produce a virus which attacks un-patched machines. A security expert told me he could always detect a huge peak in virus attacks AFTER Microsoft released patches. Also a self-confessed hacker on one of my courses told me this is precisely what he did in his spare time. No, no, I was training him Exchange, not hacking! My point is you need to respond quickly to each update, thus I recommend the Automatic settings. Where do you find the Windows Update Service Settings?
Check Your Group Policy for Windows Update SettingsPerhaps your Windows Updates are controlled via group policy? If they are, or if they should be, then here are the settings to check.
Solarwinds (EminentWare) Patch ManagerSolarwinds Patch manager is great way to extend what WSUS can do. Indeed, the more you get into patch management for network, the more factors come to light, and the greater the need for a program to automate the procedure based on your business logic. Solarwind Patch Manager will exceed your expectations, for example, in addition to keeping all your computers’ software up-to-date, it can discover machines which are imperfectly configured. See more on extending WSUS with Solarwinds Patch Manager » How to fix corrupted temporary files – Kindly researched by Paul DeBrinoBackground information The name for the Windows Update Service is WuAuServ – fair enough. However if you scour the Window Services snap-in you will not find it listed under ‘W’ for Windows, ‘U’ for Update, or even ‘M’ for Microsoft. Curious, I ran a simple PowerShell command: get-service. Now I could see the name wuauserv, and opposite it the ‘DisplayName’ ‘Automatic Updates’. Mmm the Windows Update Service begins with ‘A’ for Automatic. The reason I mention this strange naming convention is if you are going to troubleshoot, then the logical place to begin is by checking that the Automatic Updates is set to Automatic and has in fact started. Problems with the Windows Update Service may occur if the temporary folder belonging to Windows Update has been corrupted. The following steps explain how to remove these temporary folders and subfolders. Please be assured the folders will be created again by the operating system. However, ”If it ain’t broke, then don’t fix it”, just store these instructions for that day when the Windows Update Service produces errors. Step-by-step Instructions to repair a corrupted temporary folder
Guy Recommends: Tools4ever’s UMRATired of writing scripts? The User Management Resource Administrator solution by Tools4ever offers an alternative to time-consuming manual processes. It features 100% auto provisioning, Helpdesk Delegation, Connectors to more than 130 systems/applications, Workflow Management, Self Service and many other benefits. Click on the link for more information onUMRA. Introduction to WSUSCompletely independent of the above Automatic Updates is a bolt-on service called WSUS (Windows Server Updates Service). WSUS removes the need for clients to individually connect to Microsoft’s site every time there is a new hotfix. Thus saving network traffic and reducing user error. The principle behind WSUS is that your Windows 2003 server contacts Microsoft’s master update service on the internet and copies down all the patches, security updates and hotfixes locally. If you have the time you can test then ‘Approve’ the patches before your XP or Vista clients update from their local WSUS server. When time is short you can omit the approval stage. See also: Diagnostic Tool for WSUS Agent 3 Elements of WSUS
What WSUS does is work with Intellimirror and Group Policy to support XP and Vista clients. The group policy template wuau.adm is responsible for the WSUS updates. This wuau.adm comes automatically with Windows Server 2003. See Windows 8 Group Policy Settings WSUS – WUS in a name?WSUS (3.0) was formerly known as WUS (2.0). It seemed whoever trawled the world’s languages checking that an acronym is not rude, missed the Welsh language, Cymraeg. In Welsh WUS, could mean a friend as in ‘Watch ya wus’, unfortunately for Microsoft, amongst Welsh speakers WUS could also mean, a fool, or an idiot. ‘Dew, dew bach, that new English scrum half is a bit of a wus’. Thus a few years back Microsoft discretely phased out the word WUS and heralded son of WUS – WSUS. Will and Guy’s HumourOn a related topic, Will and Guy invite you to have a laugh at our funny examples of Engrish. For example, a sign Korean sign saying: Luggage Disembowel, instead of Baggage Reclaim. Also a Vietnamese Con Shop instead of Corn Shop! See more amusing Engrish Windows 8 Features:• Windows 8 New Features • Windows 8 Metro UI • Windows 8 Tips • Windows 8 FAQ • Ezines •SLA Monitor •Network Performance Monitor (NPM) • Windows 8 Home • E 128 Win Update • E 174 Win 8 Traps •E 168 UAC • E 163 Update • E 152 Closet • E 139 End Msoft |