Tonight our server decided to install SQL Server 2014 CU7 for SP1. The update appears in the Windows Update history and I found downtime in our logs for it. The previous patch level was CU3.
I was surprised by this because I am not used to Windows or SQL Server automatically installing CU's. I also never witnessed a service pack being installed automatically. What has changed?
According to sqlserverbuilds.blogspot.de the CU7 was released today. It was installed right away after release.
I am not categorically against this but I would like to understand what policies are driving the automatic update choices.
Strangely, tonight was not a "patch Tuesday". No other updates were processed. The server did not reboot, either. I'm certain this was not a manual action.
So far my plan was to keep the server at the CU3 level and upgrade to 2016 eventually. The new CU being installed caused unnecessary downtime and introduced risk which I normally was not willing to take. In particular I do not wish to install patches at a random time.
So what's the automatic update policy and should I do something about that?
Best Answer
You might be using Windows or Microsoft update on the server and that is set to
Install updates automatically (recommended).Windows Server Update Services (WSUS) enables administrators to manage the distribution of updates and hot-fixes released for Microsoft products to computers in a corporate environment.
You should change the setting to either
Check for updates but let me choose whether to download and install them
or
Never check for updates --> This means that you own and are responsible for checking any updates, downloading them , testing and installing them on the box.
A good read - Stop Automatically Updating Production Servers