Another critical step in the patch management process is to review the patches being applied to your Windows systems on a daily basis. This is important for a couple of reasons:
Patches need manual approval
Some patch management tools won't actually deploy patches until you manually approve them. So if you were to only check your patch management software once each week, you could be a week behind on deploying critical patches.
For many smaller companies, your odds of having a hacker break in by exploiting a days-old vulnerability are slim. But that doesn't make it less important to keep up with the latest patches. Anyone remember the SQL Slammer virus? Microsoft came out with a patch to defend against SQL Slammer fairly quickly, yet many Windows systems still became infected because administrators had not taken the time to apply the patch.
Not all patches are perfect
A few patches to the Windows operating system have done more harm than good. By keeping up with which patches have been applied to your machines, you will be able to quickly take proactive steps should a harmful patch be applied.
Patch management must-dos
Step 1: Do understand what is being patched
Step 2: Do review patches every day
Step 3: Do make sure patches are actually being applied
Step 4: Do it yourself when necessary
Resource kit: Tips for testing, deploying and fixing patches
|ABOUT THE AUTHOR:|
Brien M. Posey, MCSE, MVP|
Brien M. Posey is a Microsoft Most Valuable Professional for his work with Windows 2000 Server and IIS. He has served as CIO for a nationwide chain of hospitals and was once in charge of IT security for Fort Knox. As a freelance technical writer, he has written for Microsoft, TechTarget, CNET, ZDNet, MSD2D, Relevant Technologies and other technology companies.
Copyright 2005 TechTarget
This was first published in May 2005