Automatic Installation of Security Updates

Applies To: Windows Server 2003, Windows Server 2003 with SP1

As a security best practice, keep IIS up-to-date with the current security updates that Microsoft releases. With Windows Server 2003 Automatic Updates, you can install updates automatically so that the most critical code is updated on your computer, based on a schedule that you specify. You do not need to be logged on to the computer for the installation to occur. By minimizing the time that you spend logged on to your computer as a member of the Administrators group, your computer is less vulnerable to attack.

The only IIS updates that are available for scheduled automatic installation are critical security-related hotfixes. Because these hotfixes might require restarting the operating system, you can delay or change the time of the scheduled installation. You must be logged on as an administrator to change the scheduled installation time.

When an update is available for automatic installation, two events occur:

• At the scheduled installation time, the Priority 0 Critical security hotfix is installed.

• After the scheduled installation takes place, an event is logged notifying you that the hotfix has been installed successfully.

For information about scheduling automatic updates, see To schedule automatic updates in Microsoft Windows Server 2003 documentation.