I'm trying to figure out how to handle the vulnerability in the Windows Store version of Notepad. Should I use Winget, the new store command, or just trust that the app store will update itself? I have around 200 endpoints, and I'm feeling a bit overwhelmed here. Any tips?
5 Answers
Why not just include it in your normal patching schedule? If you’re already keeping up with regular updates, this shouldn't be a big deal at all.
You really need to evaluate your approach based on your setup. If you're using Intune, you can upload the new version as a Win32 app which will replace the existing one. If not, consider using an RMM that can push patches, but make sure it works in user context. Always double-check how you initially deployed the app.
Sounds like a solid plan. Just make sure to test it first on a few machines to ensure everything rolls out smoothly.
Great advice! It’s better to be safe than sorry.
If you have controls in place that block Winget and the store, that makes it tougher. But we’ve seen about 95% update automatically without any action after InfoSec alerted us.
Wow, that's impressive! Sounds like your setup is pretty robust.
I think it’s best to let updates happen automatically, especially if you’re already at 88% on version 11.2510. There's really no reason to chase after individual updates unless it's super critical. Just keep your routine patching going, and you'll be fine.
That’s pretty much what we do. Keeps things simple!
Honestly, with 200 endpoints, I wouldn't trust automatic updates for such a vulnerability. My suggestion is to script a controlled rollout; use PowerShell to check versions and manage updates. It'll save you headaches down the line. Better to invest a couple of hours now than scramble later.
For sure! Tracking failures is crucial for a smooth operation.
Exactly! It’s part of maintaining security hygiene.