This article provides specifics related to software patching for Windows in the OIT Managed Desktop Environment. It is a child-article of the parent article "Software Updates and Patching in the OIT Managed Desktop Environment". Please review the parent article for a general introduction.
Example: Upgrading from Windows 10 21H2 to 22H2
Mandatory Restart Required: Yes
Deferment Available: No
Windows Operating system iterative updates are planned and communicated in advance ahead of the mandatory date when we force the update. There is no way for the user to defer these but they can plan ahead and submit a ticket requesting that we complete the update in advance. We also offer the option to implement it on your own schedule via Software Center.
Full release updates are deployed according to the university patching schedule with weeks of advance notice. The update takes place overnight and there is a mandatory restart for Windows computers that completes the update installation. The next morning, when you logon to the computer, Windows will complete the final update process. This can take between 3-20 minutes depending on the specifications of the computer and the size of the update. Typically it is around 3-5 minutes at logon.
Example: General updates to fix bugs or security vulnerabilities not classified as Critical.
Mandatory Restart Required: Variable. It depends on the type of update.
Deferment Available: No
For descriptions of the schedule for Windows general patches, please see the Type of Patches section of the Patching Policy for NC State Active Directory (AD).
Microsoft releases patches outside of a normal patch cycle for extraordinary security threats. This has happened no more than once in any given year over the last several years. This was independent of the CMS. Computers that are not in a CMS would have received these patches directly from Microsoft. There is no way for the user to defer those. Please review the process for emergency, out of band patching if you have additional questions.
The OIT Managed Desktop Service only manages updates to the applications we provide as part of our service. Primarily those include the Microsoft Office Suite & Adobe Acrobat.
Any questions on process or content contained in this document should be escalated through the NCSU Help desk and a have an incident assigned to the OIT_DESKTOP_SUPPORT team.
https://ncsu.service-now.com/kb_view.do?sysparm_article=KB0015879
https://www.activedirectory.ncsu.edu/services/patching/#patch-types-of-patches
https://www.activedirectory.ncsu.edu/services/patching/
https://www.activedirectory.ncsu.edu/services/patching/#patch-out-of-band-patching
Title: Microsoft Windows Software Updates and Patching
Service: Security Policy & Compliance
Template if applicable: NA
Assignment Group(s): OIT_DESKTOP_SUPPORT
Document Owner: OIT_DESKTOP_SUPPORT
Available Priorities: High, Medium, Low
Keywords: Microsoft Windows Software Updates and Patching, OIT Managed Desktop Service, updates, application patches, when is my computer updated, when is my computer patched, how is my computer updated, how is my machine patched, patching schedule, operating system updates, when is my operating system updated, Mac, Apple, Microsoft, Active Directory, application updates, operating system updates, operating system upgrades, application upgrade, software updates, software patch, software patching, Software Updates and Patching in the OIT Managed Desktop Environment, Apple macOS Software Updates and Patching