Updated: August 19, 2016
Normally, I am the very first person to tell you NOT to use third-party tools for system administration, in any operating system. If you think the base functionality is lacking, it is still most likely better than tampering with unofficial tools that try to compensate for system issues. There's the obvious accountability and support factor, but also, especially with Windows, the simple matter of being able to access and use the closed-source system in a fully transparent and safe manner.
But is this really the case? Well, after having encountered and not really solved the issues of slow Windows Updates - although the recent batch seems to behave with speed and frugality of resources - I wanted to try several third-party programs, which promise a faster, more streamlined patching. Of course, with all the necessary disclaimer, damage and warranty clauses, and the need for a high level of nerdiness. But since I have a test box I can easily afford to sacrifice and lose, I set about exploring, for your sake. Our first candidate is Autopatcher. Follow me.
Autopatcher is an offline updater, supporting Windows XP through Windows 8.1. It allows you to download critical security patches, recommended updates, runtime installers, Office, other Windows components, and a few more bits and bobs. Sounds like a cool alternative for WU, but the big question is, does it work safely? Speed may be important, but you want this functionality to be impeccable. Super accurate, super safe, and hopefully, fast.
The program has no installer. It comes as a zip archive, so you just expand it somewhere there's enough free space, and start it. First, you will need to acknowledge the warranty disclaimer and Microsoft EULA. Then, you have two options - download and install. The latter will only work if you have downloaded some updates in the past.
So we begin with downloads. Select the releases you want, and then click Next. As you can imagine, some level of expertise is required. Normally, you will only get the standard security and recommended updates. You will need to mark .NET, Silverlight, Office, and other components separately. In my test, the default Windows set included 1.1GB worth of patches.
This is more than you get if you typically hit the WU check button, however long it takes. The reason is, Autopatcher will download everything it can find, then only pre-select and offer the KB that have not been installed on your system. This can bleed your bandwidth, but at the very least, it will cache the information, so future updates won't be that heavy.
After the process completes, you can move on to the actual installation. In my case, for some odd reason, the program skipped one update. I don't know why yet. Once you click the Install Updates section, Autopatcher will check the downloaded data and then load it. This is really a quick step.
I had a total of 26 updates available for March, which makes sense given the fact I had last updated the HP laptop in January. Normally, only critical updates are pre-selected, and it will also mark those you already have installed, so no need to fuss and wonder.
There will still be quite a few old updates, marked in black but not selected. Normally, these are older, superseded patches, and you do not need to worry about them, but the program does not list that anywhere, and it's not immediately apparent. This is also part of the reason why the initial download is so heavy.
If you click on any which entry, you will get some extra information, but you can also use the More info hyperlink to go online and read the full KB entry. Unlike the official WU, it links to Technet, so the format of the information is slightly different. All in all, in essence, you get the same kind of stuff that WU offers, but you might be a little confused why there are so many black, unselected entries. Not really the height of usability.
I boldly moved forward, and Autopatcher began installing the updates. It completed without errors, but it also immediately offered to reboot the system, well, within 30 seconds. You can cancel this simply by exiting the program.
The system did its usual percentage thingie before and after the boot, and Windows loaded just fine. There were no errors. I fired up WU, and this time it only took a few minutes to search and load the list of available patches, and they were mostly if not all related to .NET stuff, which I have not selected in Autopatcher. It seems that the tool had done its first run successfully. I decided to expand now, and try some of the other Windows components.
With additional components marked, I embarked on another pull & install run. Autopatcher did not re-downloaded the cached critical and recommended updates. It only retrieved the delta for the extra stuff, which is quite commendable. I was now able to mark .NET components, and even the annoying malicious software removal tool.
In the end thought, WU was still left with some extras that were not covered by Autopatcher. The notable examples included a single .NET update and a single security fix, which could be the one the tool missed initially. I am not sure, but this worries me ever so slightly, as it indicates some discrepancy between WU and Autopatcher. This could be a configuration thing, but you must keep it in mind. That said, both tools were working well, and there was no system corruption that I could see, and I was able to grab updates normally.
There are a few options hiding under the Advanced button. I'm not 100% sure what they all do, but I presume they can help save the current workflow for a future, scripted action. Maybe if you want to deploy on multiple systems?
So, we already know that Autopatcher missed one update, but it could be the skipped one. In the worst case, this probably means you will need to use the tool in conjunction with WU, and then use the latter for some leftovers, but at least, they will be fast, as there won't be an infinite list pending to grab and search and whatnot.
I also noticed the program wasn't too stable. It crashed a couple of times trying to index the deltas. This usually happens when there's nothing left in the critical and recommended sections, but you still only want to load those. They will then disappear from the list, but if you hit Next, the program will segfault. Some extra robustness and logic are needed.
Autopatcher seems to be a useful program. It is fairly safe and robust, if not perfect, the visual side of things can definitely be improved, and the workflow can be slightly more elegant. The one really worrying thing is that you may miss a few updates here and there, so you should not trust the tool blindly. Autopatcher should be used to complement the official utility and help speed updates, not completely and fully replace it.
This brings us to the most important piece - risk. How willing are you to let this third-party tool manage your updates? If WU is slow, Microsoft should fix that. Plus, there's the new cumulative patching model, which ought to make your life easier. You should probably not change or challenge the integrity of your system just because of a little extra waiting. And frankly, over the past two decades and the use of some 30+ Windows boxes, I've never had any issues with Windows updates. The tool worked reliably over its many versions and incarnations. The only known problem is speed on some systems.
And that's what you need to know and decide. What is more important for you, and how you'd like to govern your system. If you ask me, honestly, I would not deploy Autopatcher without a solid backup and imaging framework in place, but this is also true for the standard channels. Then, I wouldn't use it. Really. It's good, but I'd like to be able to blame Microsoft for their software rather than someone else. And speed is ultimately less important than total functionality and integrity, because WU is something that you do quite rarely, all in all. There we are. Autopatcher is a good tool, but the risk piece is entirely yours to decide. Can't help you there. And we're done.