by

by: Sam C. Chan 10/5/01

Should I perform Automatic Windows Update? If so, which one(s)?

In large organizations, full time teams of IT administrators constantly assess the applicability, merits and risks of each update as they are announced. They conduct exhaustive tests in controlled environment with mission-critical applications, monitor reports from the field for specific bulletins and warnings, and then release the selected approved updates to end-users. When it comes to operating system (O.S.) updates, there are many conflicting principles and goals to consider. Each time you perform an update to the system, there's a risk of complications. Updates are never completed tested with all possible situations, as the permutations are infinite. Pre-existing corruption of a system might be brought to light when interacting with the updates, which naturally, expect healthy, uncorrupted systems.

Small businesses would have to consult their out-sourced IT department (if available), or try to make an educated guess by following these basic rules:

In general, you should accept most "critical updates." These are basically patches for known security vulnerabilities and general bugs. The risk of update is probably lower than the risk of the vulnerabilities due to their dangerous nature. The only notable exception in this category is Internet Explorer 6 update. If you're currently using IE55SP2, you should not routinely accept that update. Instead, remove it from your selection before proceeding.

The next category, "recommended updates" should be decided discriminately on a case-by-case basis. Update only if it solves a specific existing issue, or adds a much-needed functionality. Causal "why not" attitude has no place here.

The "drivers update" category should be considered if you are absolutely certain that the device detected is indeed the exact make/model you have. Even then, you should study the descriptions carefully and possibly check the manufacturer's site for further details. A driver that fixed a known bug that affects you is a good reason for update. One that promises improvement in performance is best skipped.

Finally, there are updates that are purely upgrades in nature. For example: new versions of Internet Explorer and Windows Media Player. The same rules apply here as when upgrading a stand-alone applications. Questions to ask are: How widely supported is the new version? Is it more demanding on the hardware, and will yours be adequate for it. Are the new features really useful and needed?

Often, updates are irreversible. Once applied, there's no practical way to completely revert back to the pre-update condition, even if you "uninstall" the update. That is unless you have a system (as opposed to data) backup of some sort.

Remember, leading edge is also bleeding edge. It's very common for manufacturers to release the latest and greatest driver, only retract them shortly after, due to unforeseen disastrous interaction under certain circumstances.

The rules listed here are for general reference only. Exceptions must be made in many situations.