Every day we review security patch compliance for all our clients with managed services coverage with us. Often, we see systems with security patches pending reboots. Many security patches require a reboot to install, and some security patches are sequential, so the next one won't install before the previous patch is complete. This can result in a system that isn't fully protected.
Server reboots are handled on a scheduled basis, but with desktop reboots, often we leave it to the user to reboot at their convenience to reduce the risk of disruption or lost files that aren't saved. As a general rule, we ask users to reboot (at least) weekly.
One thing we've noticed recently, is that many users think they're rebooting, but they're not. To clarify, here are the steps (in Windows 7).
- Click on the "Start Button" (Windows colorful flag in the lower left hand corner).
- Click on the arrow next to "Shut Down", and select "Restart" from the list. This closes all programs, shuts down Windows, and then restarts Windows again