Patch management should be near the top of any IT manager's
security concerns. Network hacks, malware infections and even
simple human error can and will prevent your operations from
running smoothly. Proper patch management practices are needed so
that you can recover from the inevitable malfunction or failure of
your trusted applications.
A
patch is a quick repair job for a piece of programming. During
a software product's beta test distribution or try-out period and
later after the product is formally released, bugs will almost
invariably be found. A patch is the immediate solution that is
provided to users and can be downloaded from the software maker's
Web site. The patch is not necessarily the best solution for the
problem and the product developers often provide a better solution
to when they package the product for its next release.
A patch is usually developed and distributed as a replacement
for (or an insertion in) compiled code (that is, in a binary file
or object module). In larger operating systems, a special program,
(i.e., patch management), is provided to manage and keep track of
the installation of patches.
In this learning guide, you'll find a healthy collection of
tips, expert Q & A's, webcasts, downloads and more that will
ensure that you are properly prepared to handle all of your patch
management issues.
Patch management education
In the opening section of our learning guide, you will get the
basics of patch management. Learn everything you need to know to
get your patching strategy off the ground, including how to patch
test on a budget, the 411 on off-cycle patches and common patch
management misconceptions.
For more detailed information on exactly what patches and patch
management are, visit WhatIs.com. If you don't find the information
you are looking for in this learning guide, visit our entire
patch management tips library.
Patch management 101
- Are off-cycle, third-party patches trustworthy?
Often, waiting for Microsoft to release a patch is a bother. One
solution is to fix these vulnerabilities with off-cycle,
third-party patches. But off-cycle patches are not without
their own risks. Brien Posey describes potential problems from
installing them on your system.
- Prioritizing Windows desktop patches
Patching every month -- or sometimes more often -- can be a
headache. Try killing the pain with a well-ordered plan. This
checklist from contributor Serdar Yegulalp provides guidelines for
prioritizing Windows patches.
- Patch testing on a budget
Patches should be tested before rollout, but creating a testing
environment is expensive. Contributor Brien Posey shares his
cost-effective patch management tips for setting up a testing
environment.
- Patching non-Microsoft products
Patching Microsoft applications is one thing, but you can't forget
to
patch third-party products either. Microsoft MVP Brien Posey
provides some ways to get those third-party patches deployed.
- Four patch management myths
Myths usually crop up around complicated processes as we struggle
to simplify them. Don't get fooled by these
patch management myths. Contributor Orin Thomas provides the
myths and the arguments against them.
Patch maintenance and post-patch issues for Windows network
admins
Unfortunately, installing a patch does not always solve your
issues. Sometimes, even a patch needs a patch. Other times your
patch needs special maintenance. Fixing a problem is one thing, but
preventing it from happening again altogether is another.
Learn how to manage these post-patch problems with this series
of tips. You'll get insight on post-patch best practices, rolling
back patches and optimizing WSUS (Windows Server Update Services)
performance as well as a helpful post Patch Tuesday checklist.
You can also check out recent news on patches issued for two of
the most commonly patched Microsoft applications,
Internet Explorer and
Microsoft Office.
Patching the patches
- Patch Tuesday: An after-the-fact checklist
Check out the steps you should take
after Patch Tuesday to make sure that your system continues to
run smoothly after a patch is applied.
- Fixing post-patch problems: Auditing revision
levels
After a patch or service pack installation, you could find that
altered components are not working with your applications. You may
need to audit your revision levels. Contributor Serdar Yegulalp
discusses four ways to
determine the revision levels of given components, including
links to some handy tools.
- Rolling back patches
Patches and hotfixes can break as much as they fix. Take a look at
some of your options when the need to
roll back patches arises. Follow these procedures for a roll
back by hand and System Restore and provides the pros and cons of
each method as well as the benefits of third-party software.
- Tricks for optimizing WSUS performance
Dealing with the monthly rollout of patches can grind an
organization to a halt. Contributor Brien Posey shares some tricks
for
optimizing patch management performance by carefully adjusting
WSUS settings.
Patching tools and resources
On top of establishing a list of patch management practices, you
need a set of tools that will make the patch process as easy for
you as possible. Part of putting together a patch management tool
belt is knowing which tools you need and which tools you don't.
Should you only uses patches issued by Microsoft? Should you
exclusively deploy third-party patches? Should you use a mix of the
two? Which tools would work best in your Windows shop and where can
you find them?
Find the answers to these questions and more in this section.
Serdar Yegulalp tells why to say yes or no to third-party patch
management tools and different approaches you can take with those
tools. You can also check out our patch management toolbox for a
comprehensive list of tools you can use to deploy, manage and
update patches.
Patching resources
- Third-party patch management tools: Reasons to say yes,
reasons to say no
Contributor Serdar Yegulalp offers ten things to think about before
making the jump from Microsoft utilities to a
third-party patching tools.
- Patch Management Toolbox
Even though Patch Tuesday only comes once a month, keeping up with
the latest security fixes is no easy task. A patch is designed to
be a quick fix, but
implementing and managing patches can prove to be quite time
consuming, if not practically impossible. Try out the patch
management tools in this toolbox to make patch management as easy
as possible.
- Patch management tools: Different types, different
approaches
Patch managment tools seem pretty simple, but there are a
couple different types with unique functionalities. Contributor
Serdar Yegulalp takes a look at different types of tools and offers
advice to companies trying to settle on a single product.