Windows Patches for Cloud Servers with a Managed Operations Service level
All Windows® patches for cloud servers within the Rackspace Managed Operations service level are released by Microsoft® to the public on the second Tuesday of every month (known as Patch Tuesday). Rackspace tests
these patches against our server builds before we include them in updates to your production servers.
We deploy the patches to your servers three weeks after Microsoft releases them. Our Windows Server® images are configured to check our Windows Server Update Services (WSUS) server daily for updates by default, but we release
approved patches through our WSUS servers only once a month.
If you opted in to the Rackspace Managed Windows Patching service, you can manually install any software or updates that have been released by Microsoft, but are not yet available on our WSUS servers.
Use the Windows Update command located in the Start menu on your server to check for these patches directly from Microsoft. You can download most of these patches manually by going to the Microsoft knowledge base article for the patch. You can also contact Rackspace Support to request assistance with manually installing non-Rackspace approved patches on to your server. However, we cannot be held responsible for any issues that might arise from manually installing these patches before they are approved and released for update from our WSUS servers.
WSUS Endpoints
The following regions have WSUS servers:
Region | Data Center | WSUS endpoint |
---|---|---|
Dallas | DFW | https://msupdate.dfw.rackspace.com |
Chicago | ORD | https://msupdate.ord.rackspace.com |
North Virginia | IAD | https://msupdate.iad.rackspace.com |
Hong Kong | HKG | https://msupdate.hkg.rackspace.com |
Sydney | SYD | https://msupdate.syd.rackspace.com |
London | LON | https://msupdate.lon.rackspace.com |
We recommend that you get updates from the closest WSUS server.
The following table provides additional information:
Distribution | Patching | Mechanism | Patching servers | Frequency |
---|---|---|---|---|
Windows Server 2008 R2 | WSUS | msupdate.[dc].rackspace.com |
Nightly between 1 AM and 5 AM in the time zone in which your server is located:
|
Windows Patching Portal |
Windows Server 2012 WSUS | msupdate.[dc].rackspace.com |
Nightly between 1 AM and 5 AM in the time zone in which your server is located:
|
Windows Patching Portal | |
Windows Server 2012 R2 | WSUS | msupdate.[dc].rackspace.com |
Nightly between 1 AM and 5 AM in the time zone in which your server is located:
|
Windows Patching Portal |
WSUS Settings
If you have opted into the Rackspace Managed Windows Patching service, the following registry setting are configured on the Managed Windows Server:
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\windows\WindowsUpdate]
"AcceptTrustedPublisherCerts"=dword:00000001
"WUServer"="https://msupdate.dfw1.rackspace.com"
"WUStatusServer"="https://msupdate.dfw1.rackspace.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\windows\WindowsUpdate\AU]
"AUOptions"=dword:00000004 "AutoInstallMinorUpdates"=dword:00000000
"DetectionFrequency"=dword:00000016 "DetectionFrequencyEnabled"=dword:00000001
"NoAutoRebootWithLoggedOnUsers"=dword:00000000 "NoAutoUpdate"=dword:00000000
"RackSpaceDefaults"=dword:00000001
"ScheduledInstallDay"=dword:00000000
"ScheduledInstallTime"=dword:00000002 "UseWUServer"=dword:00000001
You must set the Windows Updates service (wuauserv
) to automatically start by performing the following steps:
-
Open a PowerShell command prompt and run the following commands:
Setting wuauserv Service to Auto Set-Service -Name wuauserv -StartupType Automatic
-
Ensure that the
wuauserv
service is running by running the following commands:Restart-Service -Name wuauserv
-
Apply all of the changes by running the following command:
gpupdate.exe /force
You can find additional information in the Microsoft Security Update Guide.
Updated about 1 year ago