Software Patch Management
Firms move to ease patch management

IT-ManagementIT-ProjekteNetzwerk-ManagementNetzwerkeSicherheitSicherheitsmanagement

Microsoft and third-party developers are taking different approaches to
simplifying software patch management. At the Microsoft Management
Summit in Las Vegas next week, the software giant is expected to detail
a new version of its Software Update Services (SUS) and Systems
Management Server (SMS) patching tools.

Software Patch Management

Microsoft and third-party developers are taking different approaches to
simplifying software patch management. At the Microsoft Management
Summit in Las Vegas next week, the software giant is expected to detail
a new version of its Software Update Services (SUS) and Systems
Management Server (SMS) patching tools.

Last year Microsoft vowed
to reduce the number of patch installers software that is downloaded
when patching a system from seven varieties to two, to make
administration easier.

SUS 2.0 is expected to patch Microsoft
products beyond Windows, the focus of the current SUS. Microsoft is also
expected to provide more detail about Microsoft Update, which is
designed to give smaller customers a single source for SQL Server,
Exchange Server and Office patches.

Any improvements will be much
appreciated by IT administrators who are currently being deluged with
patches and are even seeing security vulnerabilities caused by the
patches themselves. However, third-party software developers said
patching and updating must go beyond the Microsoft world.

FrontRange, best known for its GoldMine contact management software,
will next month launch its FrontRange Patch Management web site. The
firm said the site is intended to provide the fastest possible response
to security threats by letting firms download and test patches. “We want
to close the window of time where worms and viruses proliferate, but
cover Linux, Mac and Unix as well as Windows,” said Kevin Smith,
vice-president of products. “It has to be more robust and heterogeneous
than SUS.”

UK-based NetSecure last year launched services
specifically to automate patching.Last week, Microsoft reissued one of
the three security bulletins released as part of its monthly patching
schedule for March. The Outlook 2002 fix was first issued with an
“important” rating last Tuesday. But Microsoft reissued it the following
day with an upgraded “critical” rating, based on information concerning
a new attack scenario discovered within 24 hours of the bulletins
original release.

Infos zum Thema:
Microsoft Security Bulletin