The Pros and Cons of Automatic Updates - Page 2

By Vince Barnes | Aug 11, 2003
Page 2 of 2   |  Back to Page 1
Print ArticleEmail Article
  • Share on Facebook
  • Share on Twitter
  • Share on LinkedIn

Automatic Drawbacks

The problem with an automated system is that an administrator can quickly lose track of changes that are being made to his or her systems when those changes don't actually require the administrator's intervention. This may seem relatively minor, but consider the following example. A recent security update from Microsoft was presented to systems by the automatic update even though it had a prerequisite of a particular service pack level that had not been met by all of the systems.

When installed, the patch caused an incompatibility with a core DLL, resulting in systems that would halt with Stop errors on restart (see Q318533 and related articles). Had the install been performed manually, the administrator would have been clued right away to the prerequisite.

Making matters worse, the automatically installed updates in this case were put in place a few days prior to the restarts, preventing them from being immediately associated with the errors in the mind of the administrator. As you can imagine, diagnosing the issue took considerable time that could have been avoided had the install required manual approval.

As mentioned earlier, though, there are numerous advantages to the automated system. My personal preference is to have automatic updates on systems that I am physically close to and that are not in critical settings. For more mission critical machines, I like to monitor for updates by subscribing to Microsoft's Product Security Notification Service and scheduling times to apply the fixes based on severity of threat, applicability, etc.

As the number of threats increase, it is becoming more and more critical that hotfixes be applied in a timely manner. The same holds true for service packs. It can be a risky proposition to allow time to go by before patching your system.

One final note — remember that those with malicious intent also subscribe to the NTBugTraq and MS Notification services. To them, these services provide a list of new things to look for and try. If your system is already patched when they come looking, they'll just have to move on to the next one.

This feature originally appeared on Enterprise IT Planet.

» See All Articles by Columnist Vince Barnes

Comment and Contribute
(Maximum characters: 1200). You have
characters left.
Get the Latest Scoop with Enterprise Networking Planet Newsletter
Helpful Links

  • Yankee Group Mobile WAN Optimization Report

    Mobile work continues to evolve. Your organization must keep up with the demands of its mobile workforce. This report introduces the concept of mobile WAN optimization and provides three case studies including RCM, PRTM and Einstein that highlight how this emerging technology can help IT departments achieve what previously appeared to be conflicting goals. Read >

  • Network Security Resources

    More threats than ever before pose a danger to today's enterprise network. Get the latest tips and intel on the newest risks in our guide to network security resources. Read >

  • Extreme Savings: Cutting Costs with WAN Optimization

    Did you know it's possible to cut IT costs without impacting day-to-day IT operations? In fact, when you download this whitepaper from Riverbed on cost-savings through WAN optimization, you'll discover how businesses of all different sizes have realized a return on investment in just a few months through significant hard cost savings in areas such as bandwidth reduction and IT consolidation. It's called Extreme Savings and its only from Riverbed. Read >