With the recent security alert concerning the “bluescreen of death” bug in Windows IIS servers from II7 and higher being affected, many are scrambling to hit maintenance windows to install the update to make sure their IIS server is secure. I had the question of whether or not reboot was required, and unfortunately it is, however, this looks to be an update that is minimal to install. I had a test Windows Server 2012 R2 box in a VM that I tested applying this update to and it downloads and installs very quickly.
The download itself is around 400k for the patch and the install took maybe a couple of minutes. Also it was inside a crusty test VM with not much power running on older hardware. I took a few screenshots of what you can expect if you manually install this patch to your IIS servers.
As you can see on my test VM I had a lot of updates waiting to install, however, I unchecked all besides the Security Update for Windows Server 2012 R2 (KB3042553) update.
- As you can see the update is 476KB total.
- After the update installs, you are prompted to restart the server.
After the update is installed and you reboot your server, you can check in Windows Updates (wuapp.exe) and verify the update succeeded.
All in all this was a very painless update besides scheduling the time for a reboot of the server. The Download of the update is tiny and the install is very quick. Most likely your sever will take longer to reboot than it does to download the update and install it. However, this is definitely a critical patch that needs to be deployed on any forward facing web servers due to the potential production disruption that can be caused if a hacker determines your system is vulnerable.