The Problem With Patches

from the too-many,-not-enough-info,-not-sexy dept

Security folks love to complain about sys admins who don’t install software patches and leave themselves open to attacks. However, the fact is that there are so many patches coming out so often, it’s impossible to keep up. It’s also a boring job just patching software, and there’s no real upfront incentive for most systems to make sure that they have the latest patches. As one analyst points out, it’s not sexy to be patching software. They also suggest that software vendors need to communicate better the reasons (and importance) of various patches. Since companies (like Microsoft) come out with so many patches, no one knows when it’s really time to patch things up.

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “The Problem With Patches”

Subscribe: RSS Leave a comment
Halthek says:

Not always easy in a production environment

I’m not willing to just slap the patch of the day on my production servers without first testing them. The patch backlog isn’t so much the list of patches that await installing, but the ones that have come through internal testing in a timely manner. And testing the same set of application over and over again with each patch is even more boring than patching the servers.
So far, I’ve had two different patches break applications (on the test servers) that a customer relies on. At that point it’s meeting time to find work-arounds, risk analysis, etc. At least that part isn’t boring…

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...