Automatically Applying Windows Updates on Servers.
It is important to apply updates to your Windows server. These updates help to keep your system secure and running at peak performance.
I do not recommend automatically applying these updates on your server, though. It is much better to set Windows updates to either “notify”, or “download updates and notify”. The biggest problem with automatically installing updates is having the server reboot. This may occur automatically. Even if the time for installing updates is set to sometime in the middle of the night, when you are off the system, such a reboot may occur later, when you are on. I have seen this in cases where the updates took a long time to install. Also, however, the reboot may be delayed. If for example, a user is left logged in on the console, the reboot may be delayed until after the user is logged off. Of course, that would typically occur when you are open and using your server. Also, some updates are installed when shutting down or starting up. I have seen such updates take an hour, or more, to install. Your server is unavailable during that time.
In addition to inconvenient restarting of your server, occasionally an update may require additional attention. Although it is rare, there may be recommended setting changes, or other manual steps. It is best to know about these and be prepared to address them, instead of suddenly being confronted with a server that is not working as desired.
My recommendation, therefore, is to not automatically apply updates on your servers. Instead, make it a frequent task to check the updates that are released, and determine which should be applied. Then, after checking for any possible issues with your setup, or software, to install those updates at a time when the server may be rebooted if needed. Then check your system after they are installed, and rebooted if needed, to make sure your system and software are operating properly.
While that is my recommendation for servers, it applies to a lesser degree to your workstations, also. For workstations, you should determine if you can tolerate an unanticipated reboot, with some possible downtime. If resources permit, I recommend handling your workstations the same as your servers, and reserve updates for manual processing.
Dave.