Home
Topics
Microsoft Windows desktop operating systems security management
Patches, alerts and critical updates
Microsoft vs. third-party tools for patching

Ask the Expert

Microsoft vs. third-party tools for patching

If I'm primarily supporting Windows (2003, XP, 2000), should I choose Microsoft or a third-party vendor for patching tools? Also, will a tool dedicated to scanning find more holes than a complete patch management tool? I'm trying to weigh my options.

SMS will certainly do the trick, but it is not free. It is also much more than patch management (more of systems management - e.g. support, inventory, etc.). WUS will do a decent job with OS patches, but it cannot do third party patching (e.g. patching Acrobat Reader, Firefox, etc.). It is not really a full-fledged patch management system.

Assuming the customer will be buying a solution, I would say there are a number of usable solutions for Windows environments -- I wouldn't necessarily recommend sticking with a Microsoft solution. On the free side, though, I would say Microsoft's combination of MBSA and WUS would be one of the better free solutions.

Regarding finding more holes - vulnerability scanning tools will tend to find more overall security issues than patch management tools. Vuln scanners will be looking for things like password policy, unnecessary services enabled, file permissions (i.e. vulnerabilities that are unrelated to patching). On the other hand, patch management tools (as you would expect) will tend to focus on missing patches.

More News and Tutorials

Articles
- Click here to read part two.)
  LAS VEGAS -- At the Microsoft
  ...">Microsoft taking steps to integrate WUS with Windows
- Microsoft answers admins' WUS questions
- Microsoft vs. third-party tools for patching
- Microsoft's WUS can't go it alone, Shavlik says
- Properly set up Windows Update Services
- Click here to read part one.)
  LAS VEGAS -- At the Microsoft
  ...">Customers shouldn't have to pay for patching, MS says
- XP SP2 delay causes domino effect for WUS
- Further delays to Microsoft patching product
- Free Microsoft patch tool morphs, nears completion
- Microsoft's patch manager gets a refresh

Related glossary terms

Terms for Whatis.com - the technology online dictionary
- application monitoring (app monitoring)
- drive-by download

This was first published in June 2005

Join the conversationComment

Share

Comments

Results

Contribute to the conversation

All fields are required. Comments will appear at the bottom of the article.

Back to top

More from Related TechTarget Sites

Virtual Desktop
Windows Server
Windows IT
Exchange

Virtual Desktop
- How inline deduplication is changing the VDI storage landscape
  
  VDI storage has long been a challenge for virtual desktop admins, but inline deduplication is changing all that.
- Taking advantage of VM snapshots in a virtual desktop environment
  
  With VM snapshots, you can make one desktop VM into many. Just watch out for performance when snapshotting in a virtual desktop environment.
- Planning and managing virtual desktop pools
  
  Virtual desktop pools make management easier, but you have to plan for them and remember that the way you create pools depends on your VDI platform.
Windows Server
- Office, 32-bit Windows fixes included in Patch Tuesday update
  
  Microsoft offered five bulletins in June's Patch Tuesday updates, with 19-vulnerability critical Internet Explorer patch and Windows Server 2008 fixes.
- Q&A: Anderson talks BYOD management in Windows Server 2012 R2
  
  Microsoft's Brad Anderson talks about changes to expect in Windows Server 2012 R2 features, including some to security and enterprise mobility.
- Q&A: Microsoft's Brad Anderson talks Windows Server 2012 R2
  
  Microsoft's Brad Anderson discusses new features in Windows Server 2012, including a faster update cycle and cross-platform integration.
Windows IT
- SharePoint 2013 features: what's new, what's changed and what's gone
  
  Some existing SharePoint features were replaced or dropped in SharePoint 2013. Here's how to work through the changes.
- Prevent hacking in your enterprise with these nine easy steps
  
  There are no foolproof ways to completely stop hacking in an enterprise, but follow these proven and common sense methods to reduce your risk.
- How to advance your cloud skills and get ahead of the gap
  
  There may be a growing shortage of IT pros with cloud skills, but you can take action now and become a valuable asset with the right skills.
Exchange
- Spotlight on top new Exchange 2013 features
  
  There are several new Exchange 2013 features that should interest those debating an upgrade. We examine several standouts and how to work with them.
- How to modify OWA 2013 to support Microsoft Lync
  
  Properly modifying OWA 2013 is necessary to allow users Lync functionality such as instant messaging and presence. We offer the necessary steps here.
- Block badly behaving Exchange ActiveSync devices in Exchange 2013
  
  Misbehaving Exchange ActiveSync devices can put a serious strain on your environment. Take control with new auto-block thresholds in Exchange 2013.

All Rights Reserved,Copyright 2008 - 2013, TechTarget