An Introduction to Windows Patch Management

Advancements in patch management have made it easier to keep Windows environments secure. Our new Windows Patch Management series kicks off with some recent history about patch-related technologies and an overview of general patch management concepts.

By  Marcin Policht | Jan 20, 2004
Page 1 of 3
Print ArticleEmail Article
  • Share on Facebook
  • Share on Twitter
  • Share on LinkedIn

Patch management is without a doubt one of the most critical and complex Windows security-related issues these days. The problem has become more serious in recent months due to the increased frequency of new patches Microsoft has rated as critical, which followed documented exploits that take advantage of underlying vulnerabilities in Windows and Windows-related products (for a full list of patches, refer to the Security area of Microsoft's Web site).

This is especially troubling when one realizes that Microsoft altered its security rating system in early 2003 with the introduction of the "important" category (as an addition to the existing critical, moderate, and low categories), to reflect more accurately the level of urgency that should be considered when deploying patches. Thus, the "critical" label was to be reserved only for vulnerabilities that could be exploited by allowing malicious Internet worms to spread without user action.

Pressure from customers forced to conduct emergency software deployments across hundreds or even thousands of computers compelled Microsoft to search for means of mitigating such efforts. This resulted in a new patch release cycle that began in November 2003. Rather then being published on a weekly schedule (every Wednesday), new patches would now be made available for download on the second Tuesday of every month (with the obvious exception of emergency critical releases).

While this change makes it easier for corporate IT departments to coordinate their deployment schedules, they must also choose a methodology to enable them to inventory and install patches across all managed Windows systems with extreme accuracy and speed (particularly important, as past examples prove even a few worm-infected computers can seriously impact how the entire network functions).

This series will examine the options currently available as we attempt to make the selection and patch management process easier. We will cover free deployment methods (based on Microsoft operating system enhancements, third-party tools, and scripted solutions) as well as fee-based products. This first article will overview developments in patch-related technologies made in the past few years and will discuss general patch management concepts.

Page 2: Windows Update and Software Update Services

Marcin Policht has been working in the technology field since 1994, primarily in the financial industry, specializing in enterprise-level administration and engineering. Among his personal accomplishments are several publications, including WMI Essentials for Automating Windows Management (SAMS Publishing), Windows Server 2003 Bible (Hungry Minds), Windows 2003 Active Directory (Sybex), and Building High Availability Windows Server 2003 Solutions (Addison Wesley). As a Microsoft MVP in Directory Services (since 2006), he has been focusing on the recent developments in identity management (in particular Active Directory), but also continuing to explore advancements in virtualization and clustering.

Comment and Contribute
(Maximum characters: 1200). You have
characters left.
Get the Latest Scoop with Enterprise Networking Planet Newsletter
Helpful Links

  • Yankee Group Mobile WAN Optimization Report

    Mobile work continues to evolve. Your organization must keep up with the demands of its mobile workforce. This report introduces the concept of mobile WAN optimization and provides three case studies including RCM, PRTM and Einstein that highlight how this emerging technology can help IT departments achieve what previously appeared to be conflicting goals. Read >

  • Network Security Resources

    More threats than ever before pose a danger to today's enterprise network. Get the latest tips and intel on the newest risks in our guide to network security resources. Read >

  • Extreme Savings: Cutting Costs with WAN Optimization

    Did you know it's possible to cut IT costs without impacting day-to-day IT operations? In fact, when you download this whitepaper from Riverbed on cost-savings through WAN optimization, you'll discover how businesses of all different sizes have realized a return on investment in just a few months through significant hard cost savings in areas such as bandwidth reduction and IT consolidation. It's called Extreme Savings and its only from Riverbed. Read >