Barney's Blog

Blog archive

UPDATE: Microsoft Security Fixes -- Superstition vs. Best Practices

Patch Tuesday comes tomorrow, and it's looking like a lucky 13 batch. Two patches are expected to be "critical" to apply. All are expected to require a restart.

IT pros, as opposed to home Windows users it seems, are supposed to test each security bulletin first before pushing it out on the network. And then do that 13 times, possibly while wearing wreaths of garlic, or something like that. Well, no. Here's what Microsoft's best practices publication says:

"One of the common misconceptions about Microsoft updates is that they are mandatory and/or urgent. All updates, regardless of their type (whether they are service packs, hotfixes or security patches), are to be applied on an 'as-needed' basis. They need to be evaluated individually and treated as important optional updates."

Well, that sounds nice, but most security bulletins seem to be about basic flaws in Windows or Internet Explorer. So, in practice, wouldn't IT pros be obligated to apply them all each month? Update: a reader pointed out that this advice above from Microsoft is from an old archived Microsoft TechNet library article. To get more current best practices advice from Microsoft, see this article.

What's your approach to the monthly Microsoft patch routine? Do you bother testing them? Do you apply all of them or just some? Share your best practices with Doug and readers at [email protected]
-By Kurt Mackie

Posted by Kurt Mackie on 08/08/2011 at 1:18 PM


Featured

  • Microsoft and SAP Enhance Partnership with Teams Integration

    Microsoft and SAP this week described continuing partnership efforts on Microsoft Azure, while also planning a Microsoft Teams integration with SAP's enterprise resource planning product and other solutions.

  • Blue Squares Graphic

    Microsoft Previews Azure IoT Edge for Linux on Windows

    Microsoft announced a preview of Azure IoT Edge for Linux on Windows, which lets organizations tap Linux virtual machine processes that also work with Windows- and Azure-based processes and services.

  • How To Automate Tasks in Azure SQL Database

    Knowing how to automate tasks in the cloud will make you a more productive DBA. Here are the key concepts to understand about cloud scripting and a rundown of the best tools for automating code in Azure.

  • Microsoft Open License To End Next Year for Government and Education Groups

    Microsoft's "Open License program" will end on Jan. 1, 2022, and not just for commercial customers, but also for government, education and nonprofit organizations.

comments powered by Disqus