Heh. Well…okay, they don’t rock but despite so many administrators’ hardline positions against the function, I think there is tremendous use for it by a one man IT department. Especially in an office where most people use common Windows programs. It automates part of my work and keeps PCs regularly protected. I feel there is a greater chance of a vulnerability being exploited in the OS than a bad patch being deployed.
I only do this for the workstations, of course. I also don’t leave the default “everyday” schedule, instead picking arbitrary days and times. The purpose for the latter is to stagger the updates so by chance MS puts out a bad patch, I can do something or they have time to do something. Also all the computers don’t hit the site together dragging down our T.
I know I can set up WSUS (info) but honestly I don’t have the time to manage MS’s patches right now. And I’m satisfied enough with the staggered schedule that bandwidth won’t be an issue…
Alright, alright, I’ll set it up soon. Sheesh!