Oracle Cloud Infrastructure Documentation

Managing Windows Updates

Describes how to manage updates for Windows instances that are managed by the OS Management service.

Note

Ensure that you define your security lists or network rules to allow access to the Windows update server. For more information, see the prerequisites.

About Windows Updates in OS Management

OS Management uses the following categories for updates:

  • Security
  • Bug fixes
  • Enhancement
  • Other

Windows Update OS Management Category Description
Critical Bug A broadly released fix for a specific problem addressing a critical, non-security related bug.
Definition Security A broadly-released and frequent software update containing additions to a product's definition database. Definition databases are often used to detect objects with specific attributes, such as malicious code, phishing Web sites, or junk e-mail.
Drivers Bug A software component necessary to control or regulate another device.
Feature Packs Enhancement New product functionality that is first distributed outside the context of a product release, and usually included in the next full product release.
Security Security A broadly released fix for a product-specific security-related vulnerability. Security vulnerabilities are rated based on their severity which is indicated in the Microsoft® security bulletin as critical, important, moderate, or low.
Service Packs Other A tested, cumulative set of all hotfixes, security updates, critical updates and updates, as well as additional fixes for problems found internally since the release of the product. Service packs may also contain a limited number of customer-requested design changes or features.
Tools Enhancement A utility or feature that aids in accomplishing a task or set of tasks.
Update Rollups Other A tested, cumulative set of hotfixes, security updates, critical updates, and updates packaged together for easy deployment. A rollup generally targets a specific area, such as security, or a component of a product, such as Internet Information Services "IIS".
Updates Bug A broadly released fix for a specific problem addressing a noncritical, non-security-related bug.
Microsoft Other Microsoft related applications that need updates.

Installing Updates on Windows Instances

Important

If you have enabled active hours on your Windows instances, do not schedule updates during active hours. The OS Management service does not install updates that are scheduled during active hours.
Note

You can configure Windows instances in Oracle Cloud Infrastructure to receive product updates from Microsoft or through a server designated as a Windows Server Update Services (WSUS). OS Management can be used to schedule and deploy updates delivered to the instance from either source. See the Microsoft documentation for more information about deploying WSUS, including how to configure the WSUS server and Group Policy settings for automatic updates.
To install updates on a managed instance
  1. Open the navigation menu, click Compute, and then click Instances.
  2. Find the instance and click its name.
  3. On the Instance Details page, under Resources, click OS Management.
  4. Click the Actions icon (three dots) and click View OS Management Details.
  5. Under Resources, click Available Updates.
  6. In the Available Updates section, find and select the updates you want to install.

    Each update entry lists the name of the update, the type of update (Bug fix, Enhancement, Security, or Other), and whether the update requires a reboot.

    You can optionally expand each row in the update table to view additional information about an update before installing it. The following additional information fields are displayed:

    • Installable: Indicates whether the update can be installed (Yes or No). If the field indicates that the update is not installable (No), see the Requirements field for more information.

    • Size: The file size of the update.

    • Requirements: Indicates whether there are additional requirements for installing the update, such as the acceptance of an End-User License Agreement (EULA), additional software media, or user interaction.
    • KB Articles: Lists any related Microsoft Knowledge Base (KB) articles associated with the update. KB articles are referenced by KB ID number.
  7. Click Install Updates.
  8. In the Install Updates panel, under Install Schedule: choose when you want to install the updates.

    To install the updates immediately, choose Install Now and click Install Updates.

    To schedule a job to install the updates:

    1. Choose Custom Schedule.

    2. (Optional) For Job Name, enter a description of the job.

    3. For Date and Time, click the calendar icon and select the date and time when you want the job to run.

    4. Click Install Updates.

    Important

    • If the update requires a reboot, a reminder message appears on the instance detail page and managed instance detail page, indicating that one or more of the updates requires a reboot of the instance.
    • You can either manually reboot the instance in the Console or use the Compute API to programmatically trigger the reboot.
To install all security updates on a managed instance

  1. Open the navigation menu, click Compute, and then click Instances.
  2. Find the instance and click its name.
  3. On the Instance Details page, under Resources, click OS Management.
  4. Click the Actions icon (three dots) and click Install Security Updates.
  5. In the Install All Security Updates dialog box, click Install Updates to confirm the action.
    Important

    • If the update requires a reboot, a reminder message appears on the instance detail and managed instance detail pages, indicating that one or more of the updates requires a reboot of the instance.
    • You can either manually reboot the instance in the Console or use the API to programmatically trigger the reboot.
To install all available updates on a managed instance
  1. Open the navigation menu, click Compute, and then click Instances.
  2. Find the instance and click its name.
  3. On the Instance Details page, under Resources, click OS Management.
  4. Click the Actions icon (three dots) and click Install All Updates.
  5. In the Install All Updates dialog box, click Install Updates to confirm the action.
    Important

    • If the update requires a reboot, a reminder message appears on the instance detail and managed instance detail pages, indicating that one or more of the updates requires a reboot of the instance.
    • You can either manually reboot the instance in the Console or use the API to programmatically trigger the reboot.
To install updates on a managed instance group
  1. Open the navigation menu and click Compute. Under OS Management, click Managed Instance Groups.
  2. In the List Scope section, select the compartment that contains the managed instance group that you want to update.
  3. On the row of the managed instance group, click the Actions icon (three dots), and click Install Update.
  4. In the Install Update panel, find and select the updates you want to install on the managed instance group.

    Each update entry lists the name of the update, the type of update (Bug fix, Enhancement, Security, or Other), and whether the update requires a reboot.

    You can optionally expand each row in the update table to view additional information about an update before installing it. The following additional information fields are displayed:

    • Installable: Indicates whether the update can be installed (Yes or No). If the field indicates that the update is not installable (No), see the Requirements field for more information.

    • Size: The file size of the update.

    • Requirements: Indicates whether there are additional requirements for installing the update, such as the acceptance of an End-User License Agreement (EULA), additional software media, or user interaction.
    • KB Articles: Lists any related Microsoft Knowledge Base (KB) articles associated with the update. KB articles are referenced by KB ID number.
  5. Under Install Schedule: choose when you want to install the updates.

    To install the updates immediately, choose Install Now and click Install Updates.

    To schedule a job to install the update:

    1. Choose Custom Schedule.

    2. (Optional) For Job Name, enter a description of the job.

    3. For Date and Time, click the calendar icon and select the date and time when you want the job to run.

    4. Click Install Updates.

To install all available updates on a managed instance group
  1. Open the navigation menu and click Compute. Under OS Management, click Managed Instance Groups.
  2. In the List Scope section, select the compartment that contains the managed instance group that you want to update.
  3. On the row of the managed instance group, click the Actions icon (three dots), and click Install All Updates.
  4. In the Install All Updates panel, for Select Update Type, select the type of Windows updates to install.

    You can install all available updates by selecting All (the default type) or you can install the available updates for a particular category by selecting Security, Bug Fix, Enhancement, or Other.

    Note

    For information about how the Windows update types map to the OS Management categories, see About Windows Updates in OS Management.
  5. Under Install Schedule: choose when you want to install the updates.

    To install the updates immediately, choose Install Now and click Install All Updates.

    To schedule a job to install the updates:

    1. Choose Custom Schedule.

    2. (Optional) For Job Name, enter a description of the job.

    3. For Date and Time, click the calendar icon and select the date and time when you want the job to run.

    4. (Optional) For Repeat, select the interval at which to repeat the scheduled job. By default, the interval is set to not recur (Never).

      You can schedule the job to recur Hourly, Daily, Weekly, or Monthly.

    5. Click Install All Updates.

Using the API

For information about using the API and signing requests, see REST APIs and Security Credentials. For information about SDKs, see Software Development Kits and Command Line Interface.

Use these API operations for managing updates on Windows instances:

For a full list of API operations available for the OS Management service, see OS Management API.