Skip to Navigation | Skip to Content

CIT's Patch Management Schedule

Both security patches and program updates will come to your computer once a month. We will push security patches on the 3rd Wednesday* of every month. We will deliver required software program updates on the 1st Wednesday of every month.

We have bundled all security patches together, allowing you to reboot your system once if it is necessary. Whether the patches come from Adobe, Apple, Microsoft, Symantec or another vendor, you will receive them all at once.

What is the difference between security patches and program updates?
Why are security patches and program updates done on different days?
Can I dismiss a patch or update?
Why do I have to reboot?
What about labs and Smart Classrooms?
What if I have Automatic Updates turned on?
Where can I find out about planned patches and updates?
Will this affect requests for new software installations?

What is the difference between security patches and program updates?

Security patches address security-related concerns with software. Application vendors issue security patches when they have identified a security flaw in their product. The hacker community will exploit these security flaws as soon as they are discovered.

Program updates address bugs in software which have an impact on functionality or stability, but not security. We will deploy these when they address specific issues for Calvin workstations.

return to top

Why are security patches and program updates done on different days?

Security patches and program updates are managed by different systems in CIT. This means that we cannot bundle the patches and updates together. If we were to deploy these on the same day it would mean users would be interrupted twice on the same day and possibly be required to reboot their system twice on that day. CIT feels this is too much of a disruption on one day.

return to top

Can I dismiss a patch or update?

You cannot dismiss a security patch or update. However, we will allow whenever possible two ways to defer them to a more convenient time: you can defer installation for up to five days or defer the system reboot post-installation for up to 24 hours.

return to top

Why do I have to reboot?

The requirement to reboot is determined by the software vendor and the current status of your computer. If a reboot is required and you defer it, the patch or update that you installed will not be effective until the reboot. Additionally, your computer will be less stable and unable to accept additional patches or updates. In some cases, your computer may become completely unresponsive.

Therefore, we recommend that you reboot as soon as you are prompted. We recognize that it is not always convenient to immediately reboot, which is why we allow you to defer for up to 24 hours.

return to top

What about labs and Smart Classrooms?

Computer labs will not receive monthly patches or updates during the semester unless there is a critical need to do so. A program called DeepFreeze resets all computers in our labs back to its original state after every reboot, which protects it from security flaws. DeepFreeze also wipes out any patch or update we would push during the semester. Because of this, we update them at semester breaks.

Smart Classrooms are patched by CIT during non-classroom hours. We do this so that patching and updates do not interrupt class sessions.

return to top

What if I have Automatic Updates turned on?

We must disable this feature in your computer because we need to test all patches before deploying them. In addition to that, Automatic Updates delivers patches from Microsoft and will not include security patches from any other vendor. Patches and upgrades from CIT will run smoothly and come from 17 different vendors.

return to top

Where can I find out about planned patches and updates?

You can learn about all current and upcoming patches and updates at the Maintenance Blog. This blog includes a specific list of patches included in each bundle. If you use an RSS reader, you may subscribe to this blog to be notified of new postings.

CIT will also provide notices through CIT-Alert emails initially, especially for large patch bundles. Once the monthly schedule becomes more routine, we will provide CIT-Alerts only as needed.

return to top

Will this affect requests for new software installations?

No, this does not affect requests for new software installs or requested software updates. CIT will continue to fulfill these requests as we receive them, within a couple of business days for your office computer, depending on availability of the software.

Computer labs are updated prior to the fall semester and, if needed, before Interim and second semester. Please make your request for software in computer labs several weeks before the beginning of the semester.

return to top


*Technically, we deliver patches eight days after the 2nd Tuesday of every month. This is because Microsoft releases its security patches on these days and we receiver them by that Thursday or Friday. We then spend the next few days reviewing, bundling and testing the patches. This verification takes until the next Wednesday, when we can release them safely to the rest of campus.  If the first day of the month is Wednesday, the patches will be delivered on the 4th Wednesday instead, but approximately at the same time you are used to.