As you are aware of NHS England, German Railway, etc. are affected by Ransomware virus (WannaCry - as of now highlighted).
Lots of patches may be released by the Microsoft and one of them I know is https://technet.microsoft.com/en-us/library/security/ms17-010.aspx
Following are my queries :
Doing only Windows Updates is not enough to get all Patches ? or there are some patches like (MS17-010) which should be patched separately and not available in normal Windows Updates ?, if yes, what is the central location to get this information so that I can apply for our workstations.
We are having all Windows 7-10. And from link https://technet.microsoft.com/en-us/library/security/ms17-010.aspx , I am not very clear what to install to get patched. Let me give example for my laptop :
a) I have navigated to Windows 10 Version 1607 build which is my laptop build from above link MS17-010
b) And opened 3213986 link from Update Replaced, which took to following page:
c) And then chosen Microsoft Update Catalog and following is the next screen and again not sure which executable (patch) to download ?
Third step in this process is to disable SMB V1.0 on all which is very older one.
Currently all workstations are left to update windows randomly, but seems end-users are skipping some times (by postponing) and you know Windows Updates can take 30-40 minutes sometimes and users are very annoyed when it happens on working hours. What's the best practice to set the Windows Updates Schedule ?
Appreciate your suggestions !