Once again there are urgent security patches released for Windows, and this time the problems they fix are “potentially catastrophic” issues with the encryption stack. This is why you should have Windows install updates automatically.
It’s possible you leap into action every time you see the security notification, but many people don’t. And, if you do, what’s the point of installing critical security updates manually? Just have them install themselves.
Patches Should Be Installed as Soon As Possible
You often need to patch security problems as soon as possible to fix whatever the problem is. After a patch is released, the security hole becomes public knowledge if it wasn’t already. Attackers now know the problem and can rush to start exploiting it as soon as possible before people update. Attackers know business and home users are often slow to update, and they can wreak some havoc in the time before people patch.
Just selecting “manually install updates” and installing updates when you remember to do so isn’t really good enough. You want Windows Update to install those updates for you automatically. For software like your web browser and browser plug-ins, you also want to leave automatic updates enabled — thankfully, that’s the default these days. If you disable automatic updates for Firefox, Flash, Adobe Reader, or other important software, you should go turn them back on right now.
It’s Not As Annoying As You Think
Automatic updates get a bad rap. In Windows XP and Windows Vista, your computer might automatically install updates while you get up for a coffee break and have rebooted itself by the time you get back. You could lose all your work if you weren’t there to stop the 10-minute automatic reboot countdown. This led to many people disabling those automatic updates.
But Windows has improved since then. Windows 7 and 8 are configured to install updates at more convenient times, often when you reboot or shut down your PC if possible. On Windows 8 and 8.1, there’s a much longer grace period — you see a “you recently updated, so you need to reboot your PC” message, but your computer will wait three entire days before rebooting on its own. You’ll have plenty of time to restart on your own terms without losing your work.
That’s right: You don’t have to click a button every four hours to postpone the reboot. You can actually use your computer without being harassed! If only Windows 8 and 8.1 didn’t have so many other problems that are making people cling to Windows 7.
This Registry Hack Prevents Automatic Reboots
If you’d like to avoid the automatic reboots entirely, you can. A registry hack allows you to prevent these automatic reboots from occurring. You can then enable automatic updates and get on with your life, secure in the knowledge that your computer won’t automatically reboot itself when you step away. The registry hack flips a setting you can change in group policy on Professional and Enterprise editions of Windows.
Big Problems Are Rare
Some people are scared to install updates because of potential system problems, from blue screens and corrupted Windows installations to various other issues. And, indeed, Microsoft’s Windows Updates seem to have had more problems than usual lately.
Such problems have been very rare. This year, there was an update for Windows 7 that caused blue screens of death on some PCs. Aside from that, we’ve seen a few botched updates but no updates that led to blue screens like that. In some cases, driver updates have broken some drivers. In 2009, a McAfee antivirus update made some computers unbootable, but that only affected computers running that particular antivirus — one we wouldn’t necessarily recommend.
RELATED: What to Do When Windows Won't Boot
Exactly how many computers were affected by these problems? We don’t have any good data that tells us this, but it’s a minuscule percentage of people. On the other hand, there are millions and millions of computers that are part of botnets, often because they refused to install security updates and ended up infected. Some people have estimated that 500 million computers each year become part of botnets. Far, far fewer computers than that experience problems with updates.
Spend any time at all on the Internet and you’ll realize that malware is a much bigger problem than Windows Update breaking computers. One is very rare — and can be fixed with System Restore or a similar recovery feature if it ever happens — while one is much more common and can result in the theft of your important data.
Optional Updates Are Optional
You’re free to ignore optional updates for a while, if you like. You can choose what you want to do with optional updates in your Windows Update settings, and you could have Windows only install critical security updates. You could then install optional updates on your own schedule. If you’re really worried, this would reduce the amount of potential update problems you experience while ensuring you get the critical security updates you need.
To do this, visit the Windows Update settings in the Control Panel and uncheck the “Give me recommended updates the same way I receive important updates” checkbox.
Even if you consider yourself an advanced Windows geek who knows what you’re doing, this is especially critical if you’re setting up someone else’s computer. They should be getting Windows Updates automatically so they don’t end up ignoring the notification and never installing updates.
If you instantly install the updates every time you see them, you technically don’t need to do this. But, if you’re instantly installing the updates, why not just have them installed automatically? If the reason is to avoid reboots, Windows 8 is better about this and all versions of Windows allow you to avoid that annoying reboot with a single registry hack. Windows will also allow you to install updates while restarting or shutting down your computer, so Windows respects your time much more than it used to. Automatic updates are critical for Windows users.