We have a critical production web server that can only be rebooted on early Sunday mornings.
Almost all critical security patches ask for a reboot after installing. I have a fear that a security vulnerability patch will come out on Tuesday and a zero day exploit will compromise the server before it gets a chance to reboot 5 days later.
Is the vulnerability removed after the install or after the reboot? Am I being overly paranoid? Is clustering the only way around this?
If an update requires a reboot then it doesn't take effect until said reboot, hence the reboot requirement.
The answer is dependent on the type of patch that it is. If the patch can modify the registry and the change can be detected immediately after for example, then it should be fine without a reboot. If the patch explicitly states that it needs to reboot then it will only take full effect once the machine has booted.
Most Windows Server updates lately load with needing a reboot on 2008 and up. We have a set policy that the updates are released the day we have allowed reboot time so it happens in sequence. With us it is a Wednesday evening. We also have a set of critical servers we only patch manually. Therefore the packages are deployed and wait for confirmation from the operator before installing, at a suitable time.
It depends. If the patch requires a reboot to replace files that are in use at the time that the patch was applied (like kernel32.dll) then it won't take effect until after the reboot.
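As an added example (not part of any answer in the thread), the following PowerShell script shows the mechanism the answers describe from the defender's side: it reports whether a Windows host still has a pending reboot and lists the in-use files that Windows Update queued for replacement at next boot. It reads three well-known registry locations: the Component Based Servicing `RebootPending` key, the Windows Update `RebootRequired` key, and the Session Manager `PendingFileRenameOperations` value, which is where a file such as `kernel32.dll` waits until the system boots and can swap it before anything opens it. The output object name and field names are assumptions of this example.

```powershell
# Added example, not from the original thread: report whether a Windows host
# has a pending reboot and which in-use files are still waiting to be replaced.
# Run from an elevated PowerShell prompt on the patched server.

function Get-PendingRebootStatus {
    [CmdletBinding()]
    param()

    # Assumed field names for this example's output object.
    $result = [ordered]@{
        ComponentBasedServicing = $false
        WindowsUpdate           = $false
        PendingFileRename       = $false
        PendingFiles            = @()
    }

    # Component Based Servicing creates this key when servicing work is incomplete.
    $cbs = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\RebootPending'
    $result.ComponentBasedServicing = Test-Path $cbs

    # Windows Update creates this key when an installed update still needs a restart.
    $wu = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RebootRequired'
    $result.WindowsUpdate = Test-Path $wu

    # Files that were in use at install time are queued here. The Session Manager
    # performs the renames/deletes early in the next boot, before the old copies
    # can be loaded again, which is why the fix is not live until then.
    $sm = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager'
    $pfro = (Get-ItemProperty -Path $sm -Name PendingFileRenameOperations `
                -ErrorAction SilentlyContinue).PendingFileRenameOperations
    if ($pfro) {
        $result.PendingFileRename = $true
        # The value is a flat multi-string of source/destination pairs;
        # an empty destination means the source is scheduled for deletion.
        for ($i = 0; $i -lt $pfro.Count; $i += 2) {
            $src = $pfro[$i] -replace '^\\\?\?\\', ''
            $dst = if ($i + 1 -lt $pfro.Count -and $pfro[$i + 1]) {
                $pfro[$i + 1] -replace '^\\\?\?\\', ''
            } else {
                '<delete>'
            }
            $result.PendingFiles += [pscustomobject]@{ Source = $src; Destination = $dst }
        }
    }

    $result.RebootPending = $result.ComponentBasedServicing -or
                            $result.WindowsUpdate -or
                            $result.PendingFileRename
    [pscustomobject]$result
}

# Usage: show the overall status, then the files still waiting on the reboot.
$status = Get-PendingRebootStatus
$status | Select-Object RebootPending, ComponentBasedServicing, WindowsUpdate, PendingFileRename |
    Format-List
$status.PendingFiles | Format-Table -AutoSize
```

The `PendingFiles` list is the practical answer to the question in the thread: any binary that appears there is still the old, unpatched version on disk until the Sunday reboot, so the window between install and reboot should be treated as unpatched for those components when deciding whether a scheduled reboot can wait.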