WavebreakmediaMicro - Fotolia
A comprehensive plan to address ongoing application and OS updates is a must for enterprise IT professionals.
Without a plan, workstations, servers, mobile devices and more are at risk for security breaches, technical issues due to bugs and compliances failures. Windows is the most commonly used desktop OS in the enterprise, so IT needs a strategy to deal with the Windows 10 update structure and any Windows update issues that come with it.
Windows 10's approach to OS updates
The Windows 10 update distribution model has been around since the OS' initial release in 2015, and it provides IT departments with a more consistent approach to OS updates without requiring full migrations.
Microsoft classifies its Windows updates into two distinct categories. The first category is general updates, which Microsoft releases monthly -- or more frequently if there are critical security updates. The second type of updates is semiannual, and they contain the feature updates that add new functionality to the OS.
This is a significant change from the update structure of previous versions of Windows, which required IT to perform full OS upgrades. These upgrades came with major changes to the interface and kernel, starting with Windows 3.11. With Windows 10, IT can maintain the same desktop OS and simply roll out holistic updates and treat them just like any other Windows update.
Users also benefit from this approach to Windows updates in some ways because they don't have to worry about relearning a new OS' interface, icons, menus, layouts and other intricacies after each update. This was a major issue with migrations to Windows 2000, Windows XP, Windows 8 and even Windows 10. With Windows 10 updates, most of the changes are more subtle and rolled out slowly to avoid migrating from OS to OS every few years.
While it may seem like things are easier for IT departments now that they simply maintain the same OS on their end user's machine and manage the updates as they are released, there are still some Windows update issues they may encounter. IT professionals should consider these policies and practices to ensure Windows updates roll out smoothly.
Managing Windows updates must be part of bigger update and patch management
There is more to patching and update deployment than just desktop OSes. In fact, IT staff usually must update numerous different products that their users rely on. These products and applications could include Adobe applications, mobile device OSes, browsers, Java, .NET framework and line-of-business applications. While Windows update issues present a major need for testing, each of these different products and applications could cause issues if IT deploys its updates without initial testing.
To ensure all the key systems receive relevant security or general updates, IT departments should consider tools that can assist them in managing system updates beyond just patching Windows machines. Tools such as SolarWinds and ManageEngine Desktop Central can help system administrators automate and schedule updates based on different criteria, such as departments, machine type or applications, from a central management console.
Test every Windows update or there may be major disruption
There have been many examples of Windows update issues due to bugs or incompatibility resulting in business disruptions. These Windows update issues have ranged from printer problems and data deletion to devices freezing and crashing. One of the best approaches for IT teams is to test all Windows updates on designated Windows 10 machines to ensure that the updates don't cause significant issues.
IT should make sure it tests applications, printing, connecting to different network resources and any other key aspects of users' workflows on the updated dummy desktop. This will also require IT to have a well-documented change management and update process to ensure someone runs these tests before every update.
IT professionals should build out their Windows update policy to include the following procedures:
- scheduled maintenance windows;
- recovery plan for failed updates;
- recovery plan for system issues from updates;
- deployment plan for Windows features updates and general Windows updates;
- end-user notification of updates and restart requirements;
- deployment plan for emergency security updates; and
- defined policies differentiating between server updates and workstation updates.
Microsoft rolled out Windows 10 update version 1909 on Feb. 27, 2020, and it mostly includes performance and quality improvements to the OS. IT departments must follow their testing process to avoid problems with this latest version and monitor Microsoft's documentation of known Windows update issues. For example, the previously mentioned February 2020 update caused some desktops using a proxy to have limited or no internet connection.