Neglecting security is not a virtue.

Pragmatism is.

This is a Hyper-V hypervisor host on a private VLAN three layers behind the internet and two layers behind the users locked in a room with no console access other than via an ILO card on yet another VLAN.

There has only been one KB which infers a security problem and that has had alternative mitigation put in place.

Not rebooting your server doesn't imply incompetence or disregard to security.

So, no security patches?

A reasonable question.

Only ones that affect the network surface footprint, so none here as it's on a private VLAN.

that's a pretty terrible practice no matter what OS you're using.

Why?

I assume that "private VLAN" means it isn't exposed to potential external attack.

It must be great to know no-one within your environment will ever do anything wrong. Or download anything that will do anything wrong. Or visit any websites than can hijack your browser into doing anything wrong.

a) Human error is a possibility but that's not something that can be eliminated.

b) They won't download anything wrong. There's no route to the internet for this machine.

c) They won't visit any web sites. There's no browser on the machine. This is a core profile windows server installation.

Don't assume that we don't know what we're doing. We have 500ish Windows Server machines floating around.

> a) Human error is a possibility but that's not something that can be eliminated.

It's good that you've managed to perfect the hiring process to the point you have zero risk of internal fraud or malice.

Where did I imply or state that?

Nowhere!

What does that have to do with security updates and reboots?

Nothing!

Being 'private' only means you don't get hit by drive-by scans from the Internet. There are (depending on configuration) plenty of opportunities for internal attacks, for example the workstation being used to access the boxes. Not to mention removable media (usb, cd-rom) or files copied onto those otherwise isolated hosts could be infected.

Patching servers is just good practice. As is designing a system that can handle rebooting individual servers without user-facing downtime.

I've seen this in older units, but has any recent switch been vulnerable to this?