Description
In June 2025, CIT will begin transitioning to a new mechanism for delivering Windows OS updates and patches to managed Windows PCs. Below are important details about what you can expect about this change.
What's Changing and Why
Managed Windows PCs will no longer leverage the Software Center application for update/patch management. Instead the built-in Windows Updates mechanism, coupled with a central management tie-in, will take its place. This change will improve the security of managed computers by including automated driver and firmware updates from large OEMs (Dell, Lenovo, HP, etc.). Here are some important changes to be aware of:
- You will now have up to 7 days (instead of 2 hours) to schedule a restart after updates are installed.
- You’ll have more control over selecting a convenient time for updates and restarts.
The primary difference you'll notice is the way restart notifications appear and the extended time frame to schedule restarts. This update approach is designed to reduce disruptions while keeping your computer secure and up to date.
What you Need to Know
Immediately After the Change
- Due to the breadth of what Windows Update patches, after transitioning to the new update paradigm, your computer will very likely require the installation of multiple updates with multiple reboots required. This initial installation of patches may take anywhere from 30 minutes to multiple hours to complete and may require multiple reboots.
- During the update process you may experience performance degradation, flickering or completely black displays (during video driver installation), sounds as Windows recognizes hardware after drivers are applied, and firmware installations during reboots. Please apply the updates/patches at your earliest convenience and DO NOT interrupt the the update process even if it appears to be stuck. Forcing your computer to shutdown during these updates may render it inoperable.
- After the initial batch of updates/patches are installed, we expect reboots to align more or less with our previous update regime (once/twice a month).
- NOTE: Research computers that are connected to lab equipment, or that need to run computationally intensive jobs over long periods of time, and are currently configured to allow for a more flexible reboot schedule (user-driven reboots instead of time-bound enforcement) will retain this flexibility. If your research computers may benefit from the user-driven reboot regime, please submit a help request and include the computer name(s), a description of how each computer is used, and how deferring reboots is critical to your research.
Firmware/BIOS Updates
NOTE: When Windows Update applies a firmware or BIOS update to your computer, upon rebooting you will notice a Dell splash screen that says Updating your firmware. Do not power down your system. Interruption of the installation of firmware may render your computer inoperable. So, please do not force the computer to shutdown while it's in the middle of firmware updates.
Deployment Schedule
The following is a tentative deployment schedule for the new patching regime. The exact cutover date will be communicated one week prior via an on-screen notification on the affected PCs.
6/24 - 4H, AAD, ADM (Geneva), AIIS, BP, CUAES, CBG, CCE, DO, EPE, FA, FRU, PGRU
7/1 - FAC, GRT, HR, MCOM, NIPM, OAP, PMEP, SAD, SGR, SIPS Administration
7/8 - CB, COM, DNS, FOOD, IPM, LA
7/15 - BEE, GDEV, MBG, MI, OUB
7/22 - ANSC, DNR, ENTO, HRT, PBG, PBI, PLP, SCS
Additional Links and Information
You can read more about this change on CIT's Update or Patch Your Cornell-Managed Windows Computer webpage.
If you have any questions or concerns, please submit a help request.