
What are some of the biggest software patching myths?

Desktop patch management is subject to its share of myths. Our expert penetrates the fog around waiting on software patching and Windows XP security.

There are a number of different myths regarding patch management, but by far the most pervasive of these myths is the idea that patches should not be applied until a month or two (or longer) after they are released. Like all good myths, this one contains an element of truth.

The basic idea behind this myth is that patches occasionally contain bugs. Rather than deploying a potentially buggy patch right away, you should wait a while to see if the patch is recalled or if anyone experiences any major problems with it.

There are a few problems with waiting to deploy a patch. For starters, you can't believe everything you read online. Just because someone claims to have had problems with a patch does not mean the patch is buggy. The person who reported the problem could be running a really abnormal or unsupported configuration.

The other problem with waiting to deploy patches is that security patches are designed to correct known vulnerabilities. Until you apply a patch, you are vulnerable to a well-documented exploit. In my opinion, it is prudent to do your own patch testing, but I do not recommend simply waiting to see if anyone else reports problems.

Another myth that I have been hearing a lot lately is that Microsoft no longer releasing patches for Windows XP is a non-issue. The idea behind this myth is that Windows XP is solid, reliable and has stood the test of time, and therefore does not need any patches.

The problem is that even though Microsoft has abandoned Windows XP, hackers have not. Malicious hackers know a number of organizations will continue to use Windows XP. They also know Microsoft is not going to patch any vulnerabilities that may be discovered in the future. It is therefore clearly in the hacking community's best interest to continue looking for exploits in Windows XP.


What software patching myths have you heard or do you think should be debunked?
Well, I believe the most widespread is the myth that once the patch is released, one has to wait for a month or two before applying it. This has an element of truth in it because in the initial days of its release, the developers try it on various platforms and it can of course backfire when the application host discovers its programs. Again, the regular software updates address the inefficiency in the initial days.

Patch management can give the person responsible sleepless nights: a vulnerability is removed, but the mere threat of something else falling over needs serious test effort.

I agree. Just patching one problem may expose others. Programmers are prone to errors as well. We try to keep it to a minimum due to the fact that flawed software is good for nobody. Case in point: look how many patches Microsoft makes to their OS.