Video Screencast Help

Windows XP 'automatic updates' service - Can I disable it ?

Created: 27 Nov 2012 • Updated: 14 Dec 2012 | 9 comments

Does patch Management require that 'automatic updates' service in windows XP be running to intall scan/patches ?

Joe.

Comments 9 CommentsJump to latest comment

Andrew Bosch's picture

No, it is not required - it can be safely disabled on Windows XP.  Now Vista and Windows 7 are a different story - it has to be running to install certain updates.

------------------------------------
Sr. Principal SQA Engineer
Symantec

MichaelCiv's picture

Windows update needs to be enabled in order for patch management to function in Windows 7? Doesnt that defeat a major purpose of Patch Management then? 

Roman Vassiljev's picture

Hi MichaelCiv,

Given service is used not directly by Patch Management but by updates themselves.
If this service is disabled, programs will not be able to use the Windows Update Agent (WUA) API. During installation of .msu files wusa.exe calls the appropriate functions in the WUA API (http://support.microsoft.com/kb/934307), so this service is required for successfull patching via .MSU files.

Thanks,
Roman

Andrew Bosch's picture

But since this thread is asking about Windows XP specifically, and .MSU updates are for Vista and Windows 7, then my previous response is still correct, right?

------------------------------------
Sr. Principal SQA Engineer
Symantec

HMTECH's picture

Andrew your response directly conflicts with a response from Symantec employee EMercado on 10 Dec for the similar question: 

Does Symantec Patch Management require the wuauserv service to be running?

Created: 10 Dec 2012 | 1 comment

His response was: 

Yes, the Windows Update Agent is necessary because Patch Management runs the actual patch binaries from Microsoft, and those require Windows Update Agent. Altiris is not recreating the binaries themselves, just packaging the command line runs.

 

Which is the correct answer?

Ambesh_444's picture

Thats Nice one..

 

Thank& Regards,

Ambesh

"Your satisfaction is very important to us. If you find above information helpful or it has resolved your issue. Please don't forget to mark the thread as solved."

MichaelCiv's picture

So I have to enable Windows Updates on Windows 7? Whats best practice for doing this because we use patch management in our enviorment so users are not prompted in any way about patches. How can I enable it in Windows 7 without it prompting?

BugTastic's picture

You disable the windows update through GPO but not the service on the machine. Thats how I got it configured.

Joe.

Joshua Rasmussen's picture

I concur with Andrew Bosch, for this configuration is only required within the more recent MS OS's. This setting shouldn't need to be enabled for Windows XP and older Operating Systems.

The newer OS's like Vista / Windows 7 / Windows Server 2008; have updated security schema that requires the service to be enabled for installation of most Microsoft Software Updates.

I advise to configure the 'Windows Update' Service to run configured with the 'Manual' setting on each client running one of these newer MS OS's. This is detailed on KM: TECH41678.