Patch Tuesday Aftermath: Do You Know Where Your VMs Are?

  • Article

It is a security best practice recommendation to ensure that all your VMs are fully patched before they are turned on in production.

One way you can do this is to create a designated "maintenance host" that is off the production network, but has access to the needed software updates. Migrate your VMs to the maintenance host, turn them on, patch them up, then migrate them to production. Virtual Machine Manager makes this easy.

Another way to accomplish this is to patch all your offline or stored VMs at the same time as you patch all your running machines. You can use the free Offline Virtual Machine Servicing Tool for this.

Download the Offline Virtual Machine Servicing Tool, which combines the Windows Workflow programming model with the Windows PowerShell interface to bring groups of virtual machines online just long enough for them to receive updates from either System Center Configuration Manager 2007 or Windows Server Update Services. As soon as the virtual machines are up-to-date, the tool returns them to the offline state in the Virtual Machine Manager library.

The download includes:

  • OfflineVMServicing_x64 and OfflineVMServicing_x86. Setup files for the tool, for 64 bit and 32 bit versions of Windows Server 2003.
  • OfflineVirtualMachineServicingToolGettingStartedGuide. Getting Started Guide, in docx and doc formats. Provides information about how the tool works, explains prerequisites for the tool, and describes how to install and configure the tool.
  • Offline_VM_Servicing_Tool_Release_Notes.rtf. Notes provide information about this release, describe known issues in the tool, and include feedback instructions.
  • Offline_Virtual_Machine_Servicing_Tool_Help. Help file for the tool. Provides instructions for using the tool.
System Requirements
  • Supported Operating Systems: Windows Server 2003 R2 (32-Bit x86); Windows Server 2003 R2 x64 editions; Windows Server 2003 Service Pack 2
  • Other Requirements: .NET Framework 2.0, .NET Framework 3.0, IIS with ASP .NET installed, Windows Remote Managment, Windows PowerShelll 1.0, Configuration Manager 2007, WSUS3.0, Virtual Machine Manager 2007 (VMM), Virtual Server 2005 R2 SP1 or higher, Windows Server 2003 R2 SP1 or higher, Active Directory, SQL Server 2005 SP1 or higher, SQL Server 2005 Express Edition (VMM only)