Windows XP 'automatic updates' service - Can I disable it ?
Created: 27 Nov 2012 | Updated: 14 Dec 2012 | 9 comments
Does patch Management require that 'automatic updates' service in windows XP be running to intall scan/patches ?
Joe.
Discussion Filed Under:
Comments 9 Comments • Jump to latest comment
No, it is not required - it can be safely disabled on Windows XP. Now Vista and Windows 7 are a different story - it has to be running to install certain updates.
------------------------------------
Sr. Principal SQA Engineer
Symantec
Windows update needs to be enabled in order for patch management to function in Windows 7? Doesnt that defeat a major purpose of Patch Management then?
Hi MichaelCiv,
Given service is used not directly by Patch Management but by updates themselves.
If this service is disabled, programs will not be able to use the Windows Update Agent (WUA) API. During installation of .msu files wusa.exe calls the appropriate functions in the WUA API (http://support.microsoft.com/kb/934307), so this service is required for successfull patching via .MSU files.
Thanks,
Roman
But since this thread is asking about Windows XP specifically, and .MSU updates are for Vista and Windows 7, then my previous response is still correct, right?
------------------------------------
Sr. Principal SQA Engineer
Symantec
Andrew your response directly conflicts with a response from Symantec employee EMercado on 10 Dec for the similar question:
Does Symantec Patch Management require the wuauserv service to be running?
Created: 10 Dec 2012 | 1 comment
His response was:
Yes, the Windows Update Agent is necessary because Patch Management runs the actual patch binaries from Microsoft, and those require Windows Update Agent. Altiris is not recreating the binaries themselves, just packaging the command line runs.
Which is the correct answer?
Thats Nice one..
Thank& Regards,
Ambesh
Please mark your thread as 'SOLVED' with the answer that helps you.
So I have to enable Windows Updates on Windows 7? Whats best practice for doing this because we use patch management in our enviorment so users are not prompted in any way about patches. How can I enable it in Windows 7 without it prompting?
You disable the windows update through GPO but not the service on the machine. Thats how I got it configured.
Joe.
I concur with Andrew Bosch, for this configuration is only required within the more recent MS OS's. This setting shouldn't need to be enabled for Windows XP and older Operating Systems.
The newer OS's like Vista / Windows 7 / Windows Server 2008; have updated security schema that requires the service to be enabled for installation of most Microsoft Software Updates.
I advise to configure the 'Windows Update' Service to run configured with the 'Manual' setting on each client running one of these newer MS OS's. This is detailed on KM: TECH41678.
Would you like to reply?
Login or Register to post your comment.