Friday, November 26, 2010

Implementing WSUS for SQL Server Patch Management

Windows Server Update Services (WSUS) is the solution provided by Microsoft for enterprise patch management.

Using WSUS, network administrators updates specific computers and groups and determine automatically whether updates are appropriate for each targeted computer prior to installation.
It is a best practice to deploy an update in a test group before distributing it throughout your production network, as you can determine its impact before it can impair your production computers. Thereby you can avoid unscheduled downtime and productivity loss.
The following steps will be carried out to implement WSUS:
  1. Configure Updates and Set up Synchronization with Microsoft’s Windows Update site.
  2. Create a Computer Group for Updates.
  3. Approve the updates in WSUS and Deploy in your test server.
  4. Check the updates installed in test server.
  5. Approve the updates in WSUS and Deploy in SQL Server group.
  6. Check the updates installed in SQL Server group.


  1. You came to know that a new update is available in Microsoft’s Windows Update site. The update will fix some SQL server issues. How will you deploy the update to all SQL servers in your company?

(a) Deploy the update in all SQL server boxes manually one by one.

(b) Deploy the update in all production SQL server boxes directly using WSUS.

(c) Deploy the update first in test server, after ensuring no issues, deploy in production using WSUS.
(d) Do not deploy the update. Instead wait for the next release of SQL Server application.

Show Answers:

For additional resources on how to implement WSUS server :
  • The WSUS homepage at
  • TechNet article, "Patch Management Using Microsoft Software Update Services" at
  • Software Update Services Deployment white paper at

1 comment:

  1. As the above steps are great idea to install and configure the WSUS.

    In-depth knowledge and simplicity of this article is greatly appreciated, keep up the good work.