Hello c/sysadmin, and welcome to the Patch Megathread! I’m editing this post and leaving it up as a single catch-all sticky post for patch days for the time being, since we’re not seeing enough activity to warrant new threads IMO. If someone wants to help moderate / curate content and actively create new patch day posts, please let me know and I’ll add you to the mod team.

 

This is the place to talk about the latest patches, updates, and releases. We put this thread into place to help gather all the information about this month’s updates: What is fixed, what broke, what got released and should have been caught in QA, etc. We do this both to keep clutter out of the community, and provide a singular resource to read.

 

While this thread is timed to coincide with Microsoft’s Patch Tuesday, feel free to discuss any patches, updates, and releases, regardless of the company or product.

 

Remember the rules of safe patching:

  • Deploy to a test/dev environment before prod.
  • Deploy to a pilot/test group before the whole org.
  • Have a plan to roll back if something doesn’t work.
  • Test, test, and test!
  • whzfux
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    Hi there,

    we are administrating an microsoft365 infrastructure for a customer without using microsoft products on our own… Well let’s say we are managing it, as itś been set up by another company before and we just try to make sure nothing happens until we get em out of the cloud end of year…

    Like always when a MS Patchday happens, I don´t have any clue if those updates are necessary for them or if microsoft will take care as the customer is in their god damned cloud…

    Well … so does anybody have an idea how it works with security patches for sharepoint / azure etc. ( everything beside client updates) if you are using Microsoft365? Do I need to do anything or just relax and let em do?

    • whzfux
      link
      fedilink
      English
      arrow-up
      2
      ·
      edit-2
      1 year ago

      Thank you guys for the replies! I am on holiday so it doesn’t bother me now. But its good to know that I don’t really have to care and can rely on ms in this.

      We are doing the client patching automatically and do check periodically when we are on-site. Its a very small infrastructure with about 20 clients at all.

    • DarraignTheSane@lemmy.worldOPM
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      1 year ago

      As far as SharePoint and the other M365 SaaS services, those are updated by Microsoft with no interaction needed from you. Desktop installed Office apps can be and are set for automatic updates by default, but in my experience you’ll need to manually push updates for them periodically.

      For Azure, as @Rykzon@discuss.tchncs.de said, any SaaS/PaaS and security back end are kept up to date by Microsoft - but if you’re running Windows / Linux VM’s in Azure, the patching inside those machines is on you unless you’ve setup automatic VM guest patching in Azure:
      https://learn.microsoft.com/en-us/azure/virtual-machines/automatic-vm-guest-patching

      For the rest of it… how are you handling patching for your other clients? What patching and/or RMM tool(s) are you using? If you’re not aware of how patching is handled “in the cloud”, how are you handling it within the network?

      (edit) - For knowing what’s going on with Microsoft patch day, the real answer is that IT shops / MSP’s of a certain size have a patching team who keeps up with news about updates, and likely a security team who keeps an eye out for critical security vulnerabilities and remediations. If you’re not big enough for that, here’s at least a starting point for Microsoft patching:
      https://www.techrepublic.com/article/insiders-guide-to-managing-microsoft-patch-tuesday/

    • Rykzon
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      1 year ago

      For the Microsoft SaaS, PaaS and Is as services you don’t have to worry about regular updates at all, it’s for the most part completely invisible to the customer unless someone screws up.

      There are some instances of planned maintenance where the customer can take action to assure smooth operations. In azure you can check/configure notifications under the “service health” menu. Upcoming planned maintenance or unplanned issues would show up here with instructions on what to do. Sometimes, but very rarely, there are maintenance tasks where your services might require a restart, you can then plan that restart yourself or get a rug pull on the deadline, usually 1-2 months after the notification.