Tools for Keeping up with a Flood of Security Patches

ATLANTA -- A few times a week now it seems that Microsoft Corp. is updating one server product or another with a patch for some security vulnerability.

It's not too hard to keep track if you're running one server, but keeping up in an enterprise with hundreds or thousands of potentially vulnerable machines serving dozens of functions can be time-consuming and worrisome.

Two tools vendors unveiled updates this week at Microsoft's TechEd 2001 show for helping companies stay on top of the situation companywide.

PatchLink Corp. will deliver PatchLink Update 3.0 in the third quarter. ConfigureSoft made version 3.6 of its Enterprise Configuration Manager product available immediately.

The software companies take different approaches. PatchLink 3.0 focuses narrowly on security patches, but it helps administrators deploy the patches and covers multiple platforms. ConfigureSoft supports just the Windows platform and alerts administrators about new patches affecting their environments, but it has a broader scope than security patches.

"An overwhelming majority of all security breaches can be prevented if software patches and updates are applied when they are first available," PatchLink CEO Sean Moshir says.

With PatchLink 3.0, server-side software performs a discovery across the network for what is installed. The results are consolidated in a report. Necessary patch updates that are prepared by PatchLink from operating system vendors security bulletins get deployed automatically.

PatchLink agents on the servers that run the native code of the operating system install the patches and can reboot the machine if necessary. The software supports Novell NetWare, Windows, Linux, IBM AIX, Sun Solaris and HP-UX.

ConfigureSoft also does discovery on Windows networks. While the company's 3.6 release includes Microsoft current security patches, the company focus includes the base configuration of the machines.

"I can say with absolute confidence that there is no such thing as a large-scale Microsoft enterprise that is secure that is not running ECM. It's not because people aren't disciplined or diligent, it's that they can't fix what they don't see," says ConfigureSoft CEO Alexander Goldstein.

"We allow you to see in an enterprise view where all your hotfixes are deployed and where they're not deployed," Goldstein says.

The tool also checks for configuration basics, like including a password in the administrator account. Templates allow an enterprise to make sure all servers of a certain class, i.e. IIS servers or SQL Servers, are configured the same. Administrators can run the tool periodically to make sure individual machines haven't strayed from the standard configuration.

Patchlink Corp. can be found at

Configuresoft Inc. is located

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.


  • How To Enable Guest Access for Office 365

    While it's possible to give outside users access to certain content in your organization's Office 365 environment, the process of setting them up requires a few extra steps.

  • Microsoft Now Supports OpenSSH in Windows Server 2019

    Microsoft announced on Tuesday that the OpenSSH solution used for remote management is now a supported "Features on Demand" addition in both Windows 10 version 1809 and Windows Server 2019.

  • Microsoft's December Security Patches Includes Fixes for Two Active Exploits

    Microsoft ended the patch year on Tuesday with a whimper of sorts, releasing an estimated 39 security fixes in its December bundle plus one security advisory, according to a count by Trend Micro's Zero Day Initiative.

  • Microsoft Edge Browser To Get New Rendering Engine but EdgeHTML Continues

    Microsoft isn't exactly killing off its EdgeHTML rendering engine, even after declaring plans to use Chromium open source technologies in its Edge browser.

comments powered by Disqus
Most   Popular

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.