Windows 7: Haven't done updates in a while - what's the best approach?

I've always been very conservative in applying updates, but in this case I now have quite a few that are on the list which I have to install. The question is whether it's safe to do a large number from the stock Update tool. Or should I install the System Update Readiness Tool and use that?

Are there any critical updates which have been shown to be problematic?

Running Windows 7 x64 Ultimate. Full retail installed on a clean drive.

I would install critical updates first and important updates second. Install just a couple at a time to make sure your computer doesn't have any ill effects. If it does you can use system restore to revert back to its previous state. Once you've done all critical and important updates, then you can work on the optionals a couple at a time. I haven't experienced any problems with any of the updates on my 7 Pro.

Hi there
just run the lot -- Windows 7 will take care of what it needs.
You DON'T need the optional updates.

Another OK solution is if your system is working OK is just wait until SP1 and then apply the whole kybosh in one go.

My motto is that "If it isn't broken don't fix it".

If you run AV software then keep that up to date but you can reasonably ignore the rest until SP1 if you surf sensibly etc.

Cheers
jimbo

That's been my approach. I've just been looking at the list of uninstalled updates (critical and otherwise) and it's pretty large at this point. On the other hand I don't do any surfing to questionable sites, or open emails from questionable sources / with attachments. Everything is working with no issues.

Does anyone really know when SP1 is supposed to be released?

I would concentrate on the security updates. Make sure that system restore is enabled or take an image. Then you can always set back in case of trouble - which is unlikely. For functional updates I agree - they need not be installed as long as things work.

I always keep mine up-to-date, as many of the updates plug security holes, or possible exploit points.

True, keeping your AV up to date and being cautious is always a must, but I feel the more secure the better.

I would just go ahead and let it update all of the Important and Recommended updates.

It may take a while, and just be aware after first boot there may be some disk activity as it optimized certain things, (like Net Framework) if you havent updated this in a while.

I guess I have just been lucky but I have 9 Win 7 systems at home (4 kids) that I install all updates on (except the optional updates concerning languages we don't use) and have never had an issue. Prior to Win 7 most of these machines ran XP and all updtates were installed there, again no issue.

At work I have a lab with about 20 machines (most running Win 2003 Server) that I also keep updated. I have never needed to back out an update.

Since it's been awhile since you have updated, I would follow the advice of setting a restore point and doing a few updates at a time, starting with the critical and security updates. You might consider setting restore points between groups of updates although many updates automatically set restore points.

In the future, you might consider regularly installing the critical and security updates.

Yes, that's probably the best approach, but I tend to over analyze the process, finding out in advance if others have had problems with a given update before I decide to install. This quickly tends to back things up. OTOH, in doing this sort of pick and choose approach (sometimes waiting for SP bundles in past Win OSes to get the rest) I've never had a problem.

That is my motto for a number of things as well.

However, if Microsoft is releasing updates and listing them as critical then clearly something is broke. Perhaps I just don't know about it, or I haven't run into a point where it would cause me a problem.

A ton of problems we have experienced on the web have spread due to unpatched boxes which have a known security issue that has been exploited. By keeping up to date and applying these patches, we slow the spread of this stuff down. Some people may even have an infected/impacted box at home and may not know about it at all.

With regards to Windows updates, i leave them turned on. For my home personal computers, it's pretty much always been that way and my experienced problems are tiny compared to the number of updates that I have received. I just do the default critical updates and such...never the optional or the driver updates. (that's where I tow the line, "if it ain't broke".

At work, I run the WSUS server and patch all of the Windows workstations. It's extremely rare that I ever decline any of the critical or security updates.

Well I've got all the Important ones up to (but not including) August and forward installed. No obvious problems.

Is there anything out there from August on that I should be careful with?