How to install patches when Microsoft’s tools don’t
Ever since my first copy of Windows NT 3.5, patching has been a confusing and scary ritual that we admins had to regularly endure. Only in the last couple years have we had reliable patch management software to ease much of the pain.
Fortunately, Microsoft is getting better at it. The company’s update strategy is showing signs of maturity. This month’s rather smooth updates are a testament to this.
But don’t get too comfortable yet; there’s always something that doesn’t go as planned.
Secrets of updating ASP.NET
Microsoft finally released a patch to an issue brought up several months ago regarding ASP.NET authentication. At that time, someone publicly announced the problem rather than reporting it to Microsoft. This forced Microsoft to hastily issue a workaround, which successfully blocks the attack.
So, you might ask, why is it necessary to install this update if you are already blocking the attack?
The answer is that this attack can be carried out in other ways, besides the one that was made public.
The workaround blocks the attack, but
= Paid content
All Windows Secrets articles posted on 2005-02-10:
- Top Story Readers reveal their adware battles
- Patch Watch How to install patches when Microsoft’s tools don’t
- Windows Secrets Don’t get scammed by the ‘Bait and Switch’ trick
- Patch Watch We definitely need our Wheaties today!
- Briefing Session The bare facts about MSN Search
- Wacky Web Week You’ve got a good head on your shoulders
- Show all articles on a single page