IT Services Update – Desktop Patching

The CFAES computer patch management program will use a different tool to install Microsoft security patches starting this month (February).  If the security patch requires a reboot, you will see the prompt (further down in this message).  It is important you take a few minutes to reboot your computer so the patch can complete the installation process.  Otherwise, your computer remains vulnerable.

As a reminder, CFAES IT releases Microsoft security patches either the first week of every month or the 5th week of the month (depending on the month).

Here’s our monthly patching timeline:

  • Second Tuesday of every month: Microsoft releases its new security patches
  • Second Tuesday through the third week of every month: IT tests the patches on 10 to 15 IT testing devices
  • Fourth week of every month: IT as a whole receives the patches for further testing
  • Either the first week of every month or the 5th week of the month (depending on the month): CFAES (the entire college) receives the patches

The above schedule is subject to acceleration should a zero-day, ultra-critical vulnerability surface requiring the deployment of a security patch (rarely happens).

Following the installation of the patch, if the security update requires a reboot and you have not yet done so within 3 days (your machine is still vulnerable), you’ll see a prompt asking you to save your work and reboot your computer.  You will have the option to delay for one additional day then the reboot will happen automatically.

As a reference, Ohio State’s Information Security Control Requirements (section IT10.4.1) requires all colleges to employ a desktop patch management program.

If you have any questions, please contact Rob Clifford at 614-292-9802 or

Leave a Reply

Your email address will not be published. Required fields are marked *