About six weeks ago, Microsoft released Update Rollup 1 (UR1) for Windows 2000 SP4.
Many people missed the security advisory, whereas some of those who saw the
advisory and did install the
rollup experienced problems. Microsoft has announced plans to reissue the update,
due to a few glitches affecting some customers, but has not yet given an exact
date for that release.
A number of years back, I owned a car with a seatbelt that automatically
ran along a track and over my shoulder as soon as I closed my car door. It was
one of the first of its kind and I thought it was very cool. The only problem
was that you still had to manually pull the lap belt over to be completely safe
(and not be decapitated in a crash).
Unfortunately, the automated shoulder strap gave such a false sense of security
that it was easy to neglect the lap belt.
Microsoft’s recently released Windows Server Update Services (WSUS) is
another step in the goal of making patch management more efficient.
You should always keep your systems up-to-date with the latest patches. But
it isn’t always that easy to stay current, especially on critical production servers
that require careful testing and planned deployment.
It was just a few years ago that I complained that patch management shouldn’t
be something we have to think about to use a PC. I trust my local lube shop to
keep my car’s fluid levels topped off. I trust my lawn service to spray my lawn
with the appropriate treatment each month. And I trust my financial software to
keep my checkbook balanced. I wanted to trust someone else to keep my system
Over ten years ago, I locked my keys in my car. It was the first time in my
life I had ever done this and I have never done it since. But, to this day, my
wife still asks me if I have the keys every time I shut the car door. A decade
of not locking the keys in my car has done little to gain her trust.
Those of us who manage Windows systems got a pleasant surprise this month: no
new patches for March! Could this be a trend? Unfortunately, not yet. We just
got lucky this time.
With Microsoft announcing 12 new updates this week — 8 of them rated
critical — it was a busy Patch Tuesday for many of us. But even with all these
updates, few people have so far reported serious problems after installing them. Is
Microsoft starting to get the hang of this patching stuff?