I have recently started working in a small business where the systems/server administrator did not keep up to date with server patching. There are 2 servers: 1 Windows 2008 and 1 2012. I have been tasked to update the servers with patches current to January 2018. A few questions:
– Will MBSA work on these servers?
– There are roughly 400 patches, 68 of which are critical updates.
– Can WSUS be used for only 2 servers or is Windows Update enough?
– There is a rollback feature built in to Windows Update if I recall.
Overall, what is the best way to proceed here? Do the patches have to be applied in reverse order and how to determine which are absolutely essential From the MSDN documentation I have read, it’s obvious to make a back up of these servers before proceeding. Both servers host several VMs for the company.
Is there a document, site or external resources where I could find some specific direction on the questions above? Did a lot of searching but no specific guidance on how to proceed restoring/applying patches on servers that are several years behind.