The Problem With Patches

from the too-many,-not-enough-info,-not-sexy dept

Security folks love to complain about sys admins who don't install software patches and leave themselves open to attacks. However, the fact is that so many patches come out so often that it's impossible to keep up. Patching software is also a boring job, and there's no real upfront incentive to make sure that most systems have the latest patches. As one analyst points out, it's not sexy to be patching software. The analyst also suggests that software vendors need to communicate the reasons for (and importance of) various patches better. Since companies (like Microsoft) come out with so many patches, no one knows when it's really time to patch things up.




Reader Comments

  1.  

    Patches Smatches

    Joe Schmoe, Aug 16th, 2002 @ 12:09pm

    The only problem that I have with patches is the fact that the only times I've ever lost everything (three times now!) and had to reformat/reinstall/restore have been at the hands of an MS update or patch. But I suppose that's a rant of a different topic...


  2.  

    No Subject Given

    Chris, Aug 16th, 2002 @ 12:22pm

    Obviously, the answer is to let Microsoft have read/write access to your hard drive. Then they will automatically update your computer as needed and you don't have to worry about it. And just to be helpful, they can confirm that all your MP3's are legal too ;)


  3.  

    Not always easy in a production environment

    Halthek, Aug 16th, 2002 @ 1:12pm

    I'm not willing to just slap the patch of the day on my production servers without first testing them. The patch backlog isn't so much the list of patches that await installing, but the ones that have come through internal testing in a timely manner. And testing the same set of applications over and over again with each patch is even more boring than patching the servers.
    So far, I've had two different patches break applications (on the test servers) that a customer relies on. At that point it's meeting time to find work-arounds, risk analysis, etc. At least that part isn't boring...


  4.  

    Wasted time?

    Nikan, Aug 16th, 2002 @ 6:26pm

    I'm not in the IT field but I've always wondered just how much time does it take to roll out one of these patches? How much time do you IT folks lose rolling out just one patch?

    Just for fun - does anybody wanna charge the software company for this time? hehehe


