Fixed cycle
Posted Wednesday 10th December 2008 13:08 GMT
Isn't this the big issue with a patch cycle? Every cracker and virus writer knows exactly how to get 29 days of un-patched systems.
Posted Wednesday 10th December 2008 13:08 GMT
"it is imperative that all IT professionals pay particular attention to the critical updates and patch as quickly as business conditions permit."
Why? Seriously, why?
My servers can ignore most of these. They have no Office apps, have no internet access and the likes of ActiveX are disabled. So don't tell me what to do sunshine without knowing my setup!
Posted Wednesday 10th December 2008 15:28 GMT
Why does it seem like Microsoft insist on a restart for every bloody patch that comes down the tube?
Surely one could design a system whereby a service is stopped, patched, then restarted. Many other OS do it this way.
Windows 2008 was supposed to largely "eliminate unnecessary restarts", this has never and will never be realized in a MS world!
Posted Wednesday 10th December 2008 15:54 GMT
And you'll be first in the line to complain when your server crashes too, won't you?
Posted Wednesday 10th December 2008 16:35 GMT
Yes, how critical are these really & how big is the risk? I have a home PC (not the one I'm posting from) which the MS Updater would cause to hang. This was an issue specific to my mobo (& several others) and MS issued a patch for it 18 months ago, however the patch did not work for me. The effect of this is that the PC has not had a single MS update applied for approaching 3 years. No problems whatsoever so far either. My only alternative is to replace the mobo (or move away from MS); what's the cost-benefit case of this likely to be anyway?
OK, so it does run up to date AV and a firewall, & regular Adawaring, and most web browsing is using Opera, and no POP email is run on, plus I'm generally careful. No online banking either.
I somehow doubt I'm the worst offender out there either...
Posted Wednesday 10th December 2008 16:35 GMT
And linux / OSX / UNIX is any different how?
Take linux for example, if you have a new kernel, then you MUST reboot, you have no other choice.
Need to make a new initrd for a driver change -- said driver is your boot controller, well sonny Jim, you have to reboot.
GLIBC gets updated, no you don't have to reboot, but you won't be in the new environment until you do.
Yes it is ridiculous that MS require reboots for other things which are NOT in the kernel, but they are getting better. Who actually gives a shite about uptime anyway?
If your data is critical, then fail it over to another node in your cluster, coz you will have one.
Reboot that node, then patch the other.
Posted Wednesday 10th December 2008 19:37 GMT
"And linux / OSX / UNIX is any different how?"
Fundamentally, in that patches are made available when they are ready, rather than on a particular day. Not thinking too hard when you asked that question, were you?
Not sure what to make about the rest of your rant, as you admit that Windows is crap in this regard anyway.
Posted Wednesday 10th December 2008 19:37 GMT
'Kernel' is the clue.
Yup, I restart if I patch the kernel.
Not when I moved from OpenOffice 2.4 to OpenOffice 3.
Posted Wednesday 10th December 2008 19:37 GMT
"Why does it seem like Microsoft insist on a restart for every bloody patch that comes down the tube." - Have you ever run it through Windows Update or Automatic Update? One reboot.
Or manually download each EXE. Run each EXE [assuming WinXP] and use /q /z as parameters. This stops any reboot with minimal interaction. I'd run in a batch file. Works with 95% of the updates. [Supposed to use the utility "qchain.exe" after the last update. Qchain can be found on the MS website.]
We have a dozen Server 2003 servers and with this way, they weren't rebooted in 6 months.
Note: Some updates require a reboot to take effect - so there is a minor risk if your network isn't secure.
Posted Thursday 11th December 2008 10:56 GMT
Funnily enough, doing exactly that on Windows doesn't prompt a reboot either. Your point was what exactly?
Hint: Apples != Pears.......
Posted Thursday 11th December 2008 16:19 GMT
Thanks - no I'd never heard of that site before. Looks promising as it uses its own client to carry out the updates, will give it a try. Thanks again.