The Problem With Patches
from the too-many,-not-enough-info,-not-sexy dept
Security folks love to complain about sys admins who don’t install software patches and leave themselves open to attacks. However, the fact is that there are so many patches coming out so often that it’s impossible to keep up. It’s also a boring job just patching software, and there’s no real upfront incentive for most systems to make sure that they have the latest patches. As one analyst points out, it’s not sexy to be patching software. They also suggest that software vendors need to better communicate the reasons for (and importance of) various patches. Since companies (like Microsoft) come out with so many patches, no one knows when it’s really time to patch things up.
Comments on “The Problem With Patches”
The only problem that I have with patches is the fact that the only times I’ve ever lost everything (three times now!) and had to reformat/reinstall/restore have been at the hands of an MS update or patch. But I suppose that’s a rant of a different topic…
No Subject Given
Obviously, the answer is to let Microsoft have read/write access to your hard drive. Then they will automatically update your computer as needed and you don’t have to worry about it.
And just to be helpful, they can confirm that all your MP3s are legal too 😉
Not always easy in a production environment
I’m not willing to just slap the patch of the day on my production servers without first testing them. The patch backlog isn’t so much the list of patches that await installing, but the ones that have come through internal testing in a timely manner. And testing the same set of applications over and over again with each patch is even more boring than patching the servers.
So far, I’ve had two different patches break applications (on the test servers) that a customer relies on. At that point it’s meeting time to find work-arounds, risk analysis, etc. At least that part isn’t boring…
I’m not in the IT field but I’ve always wondered just how much time does it take to roll out one of these patches? How much time do you IT folks lose rolling out just one patch?
Just for fun – does anybody wanna charge the software company for this time? hehehe