What it grew into was ... up for debate. But that's not why I'm here.
Today, we who administer computers would like to change how these things go so that a proper schedule for patches is maintained. We want to ensure that only the ones that are really necessary are installed, and the machine isn't going to be adversely affected by the patch.
Well, Microsoft addressed that, too, didn't they? YES! SUS (Software Update Services) was born! For FREE! (Oh, wait, sorry - no additional charge.) Then it was killed. No, it was REborn! Windows Update Server! (What a wuss.)
So today we have WSUS - Windows Server Update Services - now in it's 3rd iteration (3.0). Depending on who you talk to it's still wussy or maybe it's double-you-suss, or wi-suss, or just PITA. (But only if you've administered it for more than 30 minutes or so.) Don't get me wrong: a great product. It really is; I wouldn't want to be a system administrator without it.
oh wait. Yeah, I might want something that actually admits that I use software from someone other than Microsoft. Or maybe one that will work outside an Active Directory.
So, MAX brought in one of GFI's other products, GFI LanGuard. GFI LanGuard does patch management for not only Microsoft products, but a whole array of other products as well.
So why not turn off the Automatic Updates settings on each independent Windows computer and let Patch Management take care of it? Sure. It's Windows, right? So --- I can script that.
GFI recently launched a script-submission problem/fix site called Fix-it scripts (www.fixitscripts.com). So I've uploaded a VBScript based solution there to go along with another publisher's PowerShell-based script.
http://fixitscripts.com/problems/windows-update-settings
The PowerShell script was the inspiration, the VBScript allows you to change the Automatic Update Settings between the options by passing one of these values at the command-line.
1 = "Never check for updates"I've tested this in my own environment on a Windows 2008 server and it works. I'll be working with it on Windows 7, Vista, XP, 2003, and WHS shortly. Of course - your environment may well be different. So I cannot and will not guarantee how it will work there. To twist an age-old saying, test it twice, deploy it once.
2 = "Check for updates but let me choose whether to download and install them"
3 = "Download updates but let me choose whether to install them"
4 = "Install updates automatically"