Patch management should be near the top of any IT manager's security concerns. Network hacks, malware infections and even simple human error can and will prevent your operations from running smoothly. Proper patch management practices are needed so that you can recover from the inevitable malfunction or failure of your trusted applications.
A patch is a quick repair job for a piece of programming. During a software product's beta test distribution or try-out period and later after the product is formally released, bugs will almost invariably be found. A patch is the immediate solution that is provided to users and can be downloaded from the software maker's Web site. The patch is not necessarily the best solution for the problem and the product developers often provide a better solution to when they package the product for its next release.
A patch is usually developed and distributed as a replacement for (or an insertion in) compiled code (that is, in a binary file or object module). In larger operating systems, a special program, (i.e., patch management), is provided to manage and keep track of the installation of patches.
In this learning guide, you'll find a healthy collection of tips, expert Q & A's, webcasts, downloads and more that will ensure that you are properly prepared to handle all of your patch management issues.
Patch management education
In the opening section of our learning guide, you will get the basics of patch management. Learn everything you need to know to get your patching strategy off the ground, including how to patch test on a budget, the 411 on off-cycle patches and common patch management misconceptions.
For more detailed information on exactly what patches and patch management are, visit WhatIs.com. If you don't find the information you are looking for in this learning guide, visit our entire patch management tips library.
Patch management 101
- Are off-cycle, third-party patches trustworthy?
Often, waiting for Microsoft to release a patch is a bother. One solution is to fix these vulnerabilities with off-cycle, third-party patches. But off-cycle patches are not without their own risks. Brien Posey describes potential problems from installing them on your system.
- Prioritizing Windows desktop patches
Patching every month -- or sometimes more often -- can be a headache. Try killing the pain with a well-ordered plan. This checklist from contributor Serdar Yegulalp provides guidelines for prioritizing Windows patches.
- Patch testing on a budget
Patches should be tested before rollout, but creating a testing environment is expensive. Contributor Brien Posey shares his cost-effective patch management tips for setting up a testing environment.
- Patching non-Microsoft products
Patching Microsoft applications is one thing, but you can't forget to patch third-party products either. Microsoft MVP Brien Posey provides some ways to get those third-party patches deployed.
- Four patch management myths
Myths usually crop up around complicated processes as we struggle to simplify them. Don't get fooled by these patch management myths. Contributor Orin Thomas provides the myths and the arguments against them.
Patch maintenance and post-patch issues for Windows network admins
Unfortunately, installing a patch does not always solve your issues. Sometimes, even a patch needs a patch. Other times your patch needs special maintenance. Fixing a problem is one thing, but preventing it from happening again altogether is another.
Learn how to manage these post-patch problems with this series of tips. You'll get insight on post-patch best practices, rolling back patches and optimizing WSUS (Windows Server Update Services) performance as well as a helpful post Patch Tuesday checklist.
Patching the patches
- Patch Tuesday: An after-the-fact checklist
Check out the steps you should take after Patch Tuesday to make sure that your system continues to run smoothly after a patch is applied.
- Fixing post-patch problems: Auditing revision levels
After a patch or service pack installation, you could find that altered components are not working with your applications. You may need to audit your revision levels. Contributor Serdar Yegulalp discusses four ways to determine the revision levels of given components, including links to some handy tools.
- Rolling back patches
Patches and hotfixes can break as much as they fix. Take a look at some of your options when the need to roll back patches arises. Follow these procedures for a roll back by hand and System Restore and provides the pros and cons of each method as well as the benefits of third-party software.
- Tricks for optimizing WSUS performance
Dealing with the monthly rollout of patches can grind an organization to a halt. Contributor Brien Posey shares some tricks for optimizing patch management performance by carefully adjusting WSUS settings.
Patching tools and resources
On top of establishing a list of patch management practices, you need a set of tools that will make the patch process as easy for you as possible. Part of putting together a patch management tool belt is knowing which tools you need and which tools you don't. Should you only uses patches issued by Microsoft? Should you exclusively deploy third-party patches? Should you use a mix of the two? Which tools would work best in your Windows shop and where can you find them?
Find the answers to these questions and more in this section. Serdar Yegulalp tells why to say yes or no to third-party patch management tools and different approaches you can take with those tools. You can also check out our patch management toolbox for a comprehensive list of tools you can use to deploy, manage and update patches.
- Third-party patch management tools: Reasons to say yes, reasons to say no
Contributor Serdar Yegulalp offers ten things to think about before making the jump from Microsoft utilities to a third-party patching tools.
- Patch Management Toolbox
Even though Patch Tuesday only comes once a month, keeping up with the latest security fixes is no easy task. A patch is designed to be a quick fix, but implementing and managing patches can prove to be quite time consuming, if not practically impossible. Try out the patch management tools in this toolbox to make patch management as easy as possible.
- Patch management tools: Different types, different approaches
Patch managment tools seem pretty simple, but there are a couple different types with unique functionalities. Contributor Serdar Yegulalp takes a look at different types of tools and offers advice to companies trying to settle on a single product.
This was first published in May 2007