The previous article in this series presented a number of solutions using scripting and third-party freeware utilities to enable remote query registry and patch deployment. We continue our coverage of free patching methodologies with a focus on Microsoft’s operating system enhancements and products.
The most basic patch-related technology available in Windows 2000 and above is Windows Update. The functionality relies on cooperation between client and server components, but gives administrators a host of options for configuring the tool. We continue our patching series with a focus on these choices.
The most basic patch-related technology available in Windows ME, 2000, XP, and 2003 is Windows Update. Its mechanism is based on the cooperation between a client and server components. The client operates as the Automatic Updates service running in the security context of the Local System account (with the exception of Windows ME, where it is implemented as an executable loaded at the time of a user’s logon). The service starts at the operating system startup (although you can disable it or use various customization options to alter this default behavior).
Clients are configured to connect to Windows Update servers automatically and receive a list of missing updates, based on a comparison of the client configuration data (such as operating system and Internet Explorer versions, hardware plug-and-play information, regional and language settings, and patch-level status) against Windows Update Catalog (located at http://windowsupdate.microsoft.com).
Updates for the legacy operating systems (not supporting Windows Update functionality) are available through the Microsoft Download Center at the following locations:
Windows Update evolved from Critical Update Notification utility available for Windows 98 and pre-SP3 Windows 2000. The first version was released around the same time as Windows 2000 SP3; however, it also works on Windows 2000 SP2 computers. The most significant improvement between the two was the Automatic Update feature, which allows custom scheduling that can be configured in several ways:
After downloading the template, copy it to the inf subfolder in the Windows installation directory (typically C:WINDOWSinf). Next, launch the local Group Policy Editor (gpedit.msc), expand the Computer Configuration node, right-click on Administrative Templates, and select Add/Remove Templates. If WUAU is not already listed there, add the one copied to the WINDOWSinf subfolder.
Marcin Policht obtained his Master of Computer Science degree about 20 years ago and has been since then working in the Information Technology field, handling variety of responsibilities, but focusing primarily on the areas of identity and access management, virtualization, system management, and, more recently private, hybrid, and public cloud services. He has authored the first book dedicated to Windows Management Instrumentation and co-written several others dealing with subjects ranging from core operating system features to high-availability solutions. His articles have been published on such Web sites as ServerWatch.com and DatabaseJournal.com. For his contributions to the Microsoft technical community, he has been awarded the title of Microsoft MVP over the last ten years.
ServerWatch is a top resource on servers. Explore the latest news, reviews and guides for server administrators now.
Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.
