Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft: Patches, Patches Everywhere!

Posted by timothy on from the and-not-a-patch-they-think dept.

Ridgelift writes "Even though Microsoft's recently announce they would not be issuing any new patches for the month of December, the boys at Redmond were scrambling today to figure out why some systems are being patched. The reason? They haven't got a clue."

2 of 388 comments (clear)

  1. Whatever happened to One Service Pack behind? by mr_lithic · · Score: 5, Interesting
    It used to be the standard method of dealing with Microsoft Service Packs that you never deployed the latest one on your boxes. You always stayed one step behind. This practice was proved right with the Service Pack 6/6a debacle.

    With automatic patching of machines from Windows Updates at Microsoft, it seems that everyone is thrown into chaos at the same time.

    Do we really trust Microsoft enough to think that they will get their updates right everytime?

  2. Monthly patches are stupid by Anonymous Coward · · Score: 5, Interesting

    As someone who has to keep over 1000 clients patched, I have no idea what they're talking about when they say "admins want this".

    You know what admins want? I'll tell you. They want to know about bugs AS THEY ARE FOUND, not AS THEY ARE PATCHED, so that we can block ports/attachments/capabilities and aren't sitting there vulnerable for months waiting for a patch. Then, when we get the patch, we want the patch to work. Lastly, we want products that aren't as much in need of patches. Are you listening? That's my top 3 requests--I don't give a rat's ass about monthly patch releases.

    Here's how it works out in the real world, Microsoft. Nobody trusts your patches. After you release them, do you think we just cross our fingers and install the thing? Hell no. We do a test deployment, let it run for a few weeks, and if there aren't any problem, THEN we do the general deployment. And guess what? Frequently, we find problems with your patches and don't deploy them at all.

    So this leaves us vulnerable. Sure, that's bad, but we were ALREADY vulnerable the whole time we've been using this software, and more alarmingly, we were vulnerable and you knew about it and didn't tell us while you were working on a patch.

    We didn't choose to be vulnerable when we chose not to install your broken patches, we chose to be vulnerable when we chose to use your products.