Service packs are advertised as being more comprehensively tested than hotfixes.
They should not, however, be installed without some preemptive homework.
This week’s Patch Watch column focuses on the recently released Windows Server 2003
Service Pack 2. But these guidelines should be followed when doing any major
upgrades, whether they are service packs, operating systems, or other installs.
So you thought March’s “lack of security patches” would allow you to snooze
through the month? Guess again.
Windows Server 2003 Service Pack 2 was suddenly and without warning thrown at us
this Tuesday. For us admins, this means we have a lot of work to do.
When Daylight Saving Time hits the U.S. on its new start date of Sunday, Mar. 11,
you’d better be ready for any issues that may occur.
Monday, Mar. 12, will either be uneventful for you or the start of a week of
arriving an hour late to your appointments.
Haven’t updated your browser in a while? It’s time.
Firefox needs a major update this time, so be sure not to put it off. Here’s
what you need to know.
With 12 security patches being flagged as critical, plus this week’s Daylight
Saving Time fixes, your patch session this month will be extensive.
Because there are so many this month, I’m putting all the similar patches
together within sections below. First up are the critical Office patches.
This week, Microsoft declared a sale on Daylight Saving
Time patches for Windows 2000, for those of you who are still running that platform.
In other news, I’m going to spend a lot of this week’s column on
patches that are rated "nonsecurity" but could have a great impact on you and
your business none the less.
Patching should protect our systems first and foremost, but lately I’ve been
tracking issues that affect the patching process.
First, some folks were turning off auto-update to ensure they wouldn’t get
Windows Genuine Advantage (WGA) or Internet Explorer 7. Now, Microsoft’s very
patch mechanism itself needs some help.
The second Tuesday of the month is when topics usually move from Chris
Mosby’s Over the Horizon column
to mine, because Patch Tuesday is when problems morph from unpatched to patched.
This week, that didn’t happen at all, and the big news is more about the patches that
weren’t released than the patches that were released.
The last batch of official patches for 2006 leaves us with a few unpatched
vulnerabilities, as Chris Mosexplains, above. But we’re rid of a few "zero day"
Microsoft’s December patch batch also includes a number of confusing, nonsecurity patches,
but I hope to make everything clear for you.
Steve Ballmer was at NASDAQ on Nov. 30 to announce that businesses
are now able to purchase Vista.
For the rest of us, it’ll be after the New Year before we start to
see the patching changes that will impact us the most —
but that doesn’t mean they’ll be small.