Does 'Automatic Updates' install latest security patches

[Dan Williams]

Just read the latest news on Microsofts web sites about the latest critical
security patches for the MSBlast virus, etc:-

ie. Q824146 - MS03-039: A Buffer Overrun in RPCSS Could Allow an Attacker to
Run Malicious Programs
Q823980 - MS03-026: Buffer Overrun in RPC May Allow Code Execution

I was wondering, does scheduling 'Automatic Updates' to download updates and
install them, automatically cover these latest critical patches, and hence
any future ones. I would have thought that's what's written on the tin.

Is there anyway to check that these patches are installed and have been done
so by the Automatic Updates program.
I'd need to do this on several PC's in our network, including external
computers that dial in via a VPN connection.

Also, is there anyway to remotely schedule the Automatic Updates to download
and install the latest patches. Again, i need to do this for the other 20 or
so local PC's in my network, and approximately another 20 computers that
dial in. All machines are part of our SBS 2000 domain and are either Windows
2000 or XP Pro.

Thanks in advance

Dan Williams

 

[S.Sengupta]

Just read the latest news on Microsofts web sites about the latest critical
security patches for the MSBlast virus, etc:-

ie. Q824146 - MS03-039: A Buffer Overrun in RPCSS Could Allow an Attacker to
Run Malicious Programs
Q823980 - MS03-026: Buffer Overrun in RPC May Allow Code Execution

I was wondering, does scheduling 'Automatic Updates' to download updates and
install them, automatically cover these latest critical patches, and hence
any future ones. I would have thought that's what's written on the tin.

Is there anyway to check that these patches are installed and have been done
so by the Automatic Updates program.
I'd need to do this on several PC's in our network, including external
computers that dial in via a VPN connection.

Also, is there anyway to remotely schedule the Automatic Updates to download
and install the latest patches. Again, i need to do this for the other 20 or
so local PC's in my network, and approximately another 20 computers that
dial in. All machines are part of our SBS 2000 domain and are either Windows
2000 or XP Pro.

Thanks in advance

Dan Williams

Hi!
Windows automatic updates install latest security patches too as released by
Microsoft to run computers without any hiccup.
with regards/
ssg/pronetworks.org

 

[Dan Williams]

Sorry, i should have mentioned that most of my users log on without
Administrator priviledges, thus making Automatic Updates useless.

I've done a bit of research myself and found this:- (URL will wrap, so best
to cut and paste it to your browser)

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/topics/patch/default.asp

I'm currently looking at persuading the boss to let me deploy the SMS
software update package with SUS.

Cheers

Dan.

 

[sgolemon]

Do some checking, I believe you can set a group policy that will update the
clients without admin privelidges. If you have a lot of clients, an SUS
server would make more sense, and its free. The advantage is that you don't
have every client hogging up the internet bandwidth every time they update.