By Mark Burnett
About six weeks ago, Microsoft released Update Rollup 1 (UR1) for Windows 2000 SP4. Many people missed the security advisory, whereas some of those who saw the advisory and did install the rollup experienced problems. Microsoft has announced plans to reissue the update, due to a few glitches affecting some customers, but has not yet given an exact date for that release.
While I normally compliment Microsoft on its progress in patch management, it seems to have dropped the ball a bit on this update. It’s nothing major — it’s just that I’m barely starting to trust Microsoft’s process and it’s still a bit of a sore spot.
UR1 is not a service pack
Microsoft decided to release this update rollup instead of issue anything called Service Pack 5 (SP5) for Windows 2000. Service packs are Microsoft’s chance to bundle a lot of operating system fixes, updates, and minor enhancements into a single package. A service pack serves as a new baseline for that OS.
The problem is that the development, testing, and customer-deployment cycle for service packs is so long that they aren’t the most efficient way to get customers up-to-date with the latest security fixes. And, since the time between service packs is so great, we usually end up with dozens of hotfixes to keep track of since the latest service pack.
To address that problem, Microsoft occasionally releases update rollups. Update rollups are essentially a way to simplify patch management by bundling all OS fixes into a single update. Rollups don’t require a significant amount of testing, because they’re supposed to be just a repackaging of previous fixes.
So does that mean that if you’ve already installed all security updates, you don’t need this rollup? Unfortunately, no. According to MS KB article 891861, you should still install this update. That’s because it “contains important fixes that have not previously been part of individual security updates.”
Furthermore, the article says, this rollup includes “enhancements that may help increase system security, increase stability, reduce support costs, and support the current generation of PC hardware.”