TSS-managed computers are updated as software and operating systems updates and patches* are made available by the vendors (Microsoft, Adobe, Oracle, etc.). Individuals who manage their own computers should refer to UFIT Information Security's recommendations to "Stay Updated."
*Note: While there are technical differences between an update and patch, the terms will be used interchangeably for the remainder of this page.
- Patches from Microsoft are typically issued on the second Tuesday of the month, with TSS pushing the patches to various customer groups on the following Wednesday (pre-patch group), Friday (standard patch group) and Monday (groups with sensitive weekend operations).
- When a reboot is needed - if the customer hasn't already restarted their machines after the patches have been installed - it will occur during the nightly maintenance window, generally from 11:00 pm to 6:00 am. For the Monday patching group, the required reboots will occur on Tuesday morning between 5:00 am and 9:00 am.
- For details on Microsoft's monthly security updates, please see the Microsoft Security Bulletin.
- TSS also pushes out patches at the end of the month to catch any machines that were not updated in the second week, following the schedule above.
- Critical patches for Java and Flash can be released at irregular times and thus might be pushed to computers on any given week, following the schedule above.
- If patch installation and required restarts can not be completed within the maintenance window, the process will repeat the following night during the same time frame.
- If a machine has missed a patching cycle - for instance from being turned off and disconnected from the UF network, or from being taken off-campus and not in communication with the internet and the UF network - patches will be installed the next time the computer contacts the UF network.
- A "Zero Day" exploit is when software vulnerabilities are actively being used by hackers; these updates are rolled out as soon as they are released from the software vendor.
Patch & Update Announcements
TSS typically emails announcements of upcoming updates to the various patch groups the day before their maintenance window. In some cases the email is sent out the same day, such as for zero day patches or when updates required additional testing.
Checking Your Windows Computer for Updates
If the nightly maintenance window would interfere with your work, follow the instructions below to check that patches are downloaded and installed, and then reboot your computers before the nightly deadline.
Once TSS deploys updates on your computer, you should see a system-tray notification popup (or a Windows 8/10 style notification). However, if you missed the notification, you can also tell by checking your system-tray icons for a green icon:
Your system tray may be collapsed and hiding some icons, so you might need to click on the small arrow to expand it:
When you click on the green icon, you’ll get two options:
If you select Open Software Center you’ll get a window similar to this:
In the Software Center window you can choose whether to deploy the updates now, or to be reminded later. Clicking on View Details will bring up the full Software Center window (the same would have happened if clicking on View Required Software from the green icon’s menu):
In the full Software Center window you can see more details about the available updates, whether a restart will be required, and you can also choose how to proceed from here with regards to deploying now or later. If some updates were already deployed and a restart is required to proceed further, you may initiate that from here as well. Note that in the context of this process, the word “software” in the interface is interchangeable with “update”.
If you chose to deploy the updates now, and if after deployment they require a reboot, you will get a notification reminding you. If you miss the notification, you may double check by going back to the green system-tray icon, it will present you with slightly different options:
When you click Open Restart Window you’ll see a window:
If the deadline has not been reached, you won’t see it mentioned above. However, after the deadline you’ll see it mentioned in the message.
We’ve also designed a supplemental alert system to let users know if their computer is in a pending-reboot state. If your computer is in a pending reboot state, sometime during the day you should get a notification popup:
The above is simply a reminder, and you’ll need to restart your computer manually at your convenience (or, after the deadline it will restart automatically during the nightly reboot maintenance window).
If you have questions or concerns about patching and updates on TSS-managed computers, please submit a MyIT Help Request for more information.