Microsoft issued eight updates on Tuesday - two more than expected - as part of its Patch Tuesday update cycle. Redmond classifies six of the octet as critical, while independent security watchers reckon they all make the highest security grade. Worst of the bunch is an update for ActiveX controls that affects Visual Basic 6.0's …
Love the advice...
"it is imperative that all IT professionals pay particular attention to the critical updates and patch as quickly as business conditions permit."
Why? Seriously, why?
my servers can ignore most of these. They have no Office apps, have no internet access and the likes of activeX are disabled. So don't tell me what to do sunshine without knowing my setup!
Isn't this the big issue with a patch cycle? Every cracker and virus writer know exactly how to get 29 days of un-patched systems
Maximum Uptime 'til Patch Tuesday
Why does it seem like Microsoft insist on a restart for every bloody patch that comes down the tube.
Surely one could design a system whereby a service is stopped, patched, then restarted. Many other OS do it this way.
Windows 2008 was supposed to largely "eliminate unnecessary restarts", this has never and will never be realized in a MS world!
And you'll be first in the line to complain when your server crashes too won't you.
Risk analysis... @ Love the
Yes, how critical are these really & how big is teh risk? I have a home PC (not the one I'm posting from) which the MS Updater would cause to hang. This was an issue specific to my mobo (& several others) and MS issued a patch for it 18 months ago, however the patch did not work for me. The effect of this is that the PC has not had a single MS update applied for approaching 3 years. No problems whatsoever so far either. My only alternative is to replace the mobo (or move away from MS); what's the cost-benefit case of this likely to be anyway?
OK, so it does run up to date AV and a firewall, & regular Adawaring, and most web browsing is using Opera, and no POP email is run on, plus I'm generally careful. No online banking either.
I somehow doubt I'm the worst offender out there either...
@Maximum Uptime 'til Patch Tuesday
And linux / OSX / UNIX is any different how?
Take linux for example, if you have a new kernel, then you MUST reboot, you have no other choice.
Need to make a new initrd for a driver change -- said driver is your boot controller, well sonny Jim, you have to reboot.
GLIBC gets updated, no you don't have to reboot, but you won't be in the new environment until you do.
Yes it is ridiculous that MS require reboots for other things which are NOT in the kernel, but they are getting better. Who actually gives a shite about uptime anyway?
If you data is critical, then fail it over to another node in your cluster, coz you will have one.
Reboot that node, then patch the other.
@Freetard: Maximum Uptime 'til Patch Tuesday
"And linux / OSX / UNIX is any different how?"
Fundamentally, in that patches are made available when they are ready, rather than on a particular day. Not thinking too hard when you asked that question, were you?
Not sure what to make about the rest of your rant, as you admit that Windows is crap in this regard anyway.
'Kernel' is the clue.
Yup, I restart if I patch the kernel.
Not when I moved from OpenOffice 2.4 to OpenOffice 3.
"Why does it seem like Microsoft insist on a restart for every bloody patch that comes down the tube." - Have you ever ran it through Windows Update or Automatic Update? One reboot.
Or manually download each EXE. Run each EXE [assuming WinXP] and use /q /z as parameters. This stops any reboot with minimal interaction. I'd run in a batch file. Works with 95% of the updates. [Suppost to use the utility "qchain.exe" after the last update. Qchain can be found on the MS website.]
We have a dozen Server 2003 servers and with this way, they weren't rebooted in 6 months.
Note: Some updates require a reboot to take effect - so there is a minor risk if your network isn't secure.
Have you tried http://www.autopatcher.com/ ?
Funnily enough, doing exactly that on Windows doesn't prompt a reboot either. Your point was what exactly?
Hint: Apples != Pears.......
Thanks- no I'd never heard of that site before. Looks promising as it uses it's own client to carry out the updates, will give it a try. Thanks again
- Fee fie Firefox: Mozilla's lawyers probe Dell over browser install charge
- 20 Freescale staff on vanished Malaysia Airlines flight MH370
- Neil Young touts MP3 player that's no Piece of Crap
- Review Distro diaspora: Four flavours of Ubuntu unpacked
- Sysadmins and devs: Do these job descriptions make any sense?