Coming Soon: GET:IT Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET Coming Soon: GET:IT Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET

Hyper-V Patch: Not Just a Windows Update

Today we’ll look at why you should patch Hyper-V (and possibly failover clustering) on your Hyper-V hosts. We will also show you where you can download these updates.

Why You Should Apply Hyper-V Patches

When you run Windows Update, including System Center Configuration Manager and Windows Server Update Services (WSUS), you are downloading the updates that are shared by Microsoft using the Windows Catalog. This catalog typically contains:

  • Security fixes
  • Service packs
  • Update rollups
  • Other updates

But the catalog almost never contains hotfixes that repair bugs in software. Downloading and deploying hotfixes is not something that was normally done for Windows computers; typically you only downloaded a hotfix when asked to do so by a Microsoft support agent in response to some specific issue. Normally you get these fixes when we install an update rollup, apply a service pack, or upgrade our operating system. You normally don’t experience issues (or accept that issues exist) and just get on with it.

However, things are different with virtualization. Our hosts are servers that are stressed in ways that are unusual for normal servers. Memory management is pushed to the limits. Networking is made to work harder than ever. Storage nearly has steam coming out of it. And failover clustering is doing more than just making a SQL Server instance or a few file shares highly available. Bugs are inevitable in any software that is more complex than “Hello World,” and using virtualization is a good way to find them. And this is exactly why we need to apply bug fixes to our Hyper-V hosts, and we need to know where to find them if WSUS is not downloading them.

Sponsored Content

Say Goodbye to Traditional PC Lifecycle Management

Traditional IT tools, including Microsoft SCCM, Ghost Solution Suite, and KACE, often require considerable custom configurations by T3 technicians (an expensive and often elusive IT resource) to enable management of a hybrid onsite + remote workforce. In many cases, even with the best resources, organizations are finding that these on-premise tools simply cannot support remote endpoints consistently and reliably due to infrastructure limitations.

Hyper-V Hotfixes

The relevant teams in Microsoft have opted to post details of released updates on the TechNet Wiki instead of the more formal TechNet site. This is probably because they can publish information more rapidly without waiting on editorial controls and marketing reviews. You can find the updates for Hyper-V at these two links.

available hotfixes for Windows Server 2012 Hyper-V

List of available hotfixes for Windows Server 2012 Hyper-V.

Failover Clustering Hotfixes

The list of recommended updates for Failover Clustering can be found at these two links.

Downloading and Applying Updates

Browse the list and download relevant updates. For example:

  • Updates for AMD processors are irrelevant for hosts with Intel processors.
  • Failover clustering updates are irrelevant if you do not enable failover clustering.

There is some debate about proactively deploying these sorts of updates. Some legally defensive Microsoft employees might recommend not deploying an update unless it will fix an issue that you are experiencing. However, many of us in the industry recommend proactively deploying these updates to prevent issues. For example, a recent update (KB2848344) increases cluster resiliency on Windows Server 2012. In another, an update to Windows Server 2008 R2 prevented an Intel processor issue that would randomly crash hosts.

You can easily deploy updates to hosts using Windows Update. Several mechanisms exist to enable zero-downtime to services that are hosted on Hyper-V clusters, including VMM baselines and Cluster Aware Updating.

Related Topics:


Don't have a login but want to join the conversation? Sign up for a Petri Account

Comments (0)

Leave a Reply

Aidan Finn, Microsoft Most Valuable Professional (MVP), has been working in IT since 1996. He has worked as a consultant and administrator for the likes of Innofactor Norway, Amdahl DMR, Fujitsu, Barclays and Hypo Real Estate Bank International where he dealt with large and complex IT infrastructures and MicroWarehouse Ltd. where he worked with Microsoft partners in the small/medium business space.
Live Webinar: Active Directory Security: What Needs Immediate Priority!Live on Tuesday, October 12th at 1 PM ET

Attacks on Active Directory are at an all-time high. Companies that are not taking heed are being punished, both monetarily and with loss of production.

In this webinar, you will learn:

  • How to prioritize vulnerability management
  • What attackers are leveraging to breach organizations
  • Where Active Directory security needs immediate attention
  • Overall strategy to secure your environment and keep it secured

Sponsored by: