Re: patch philosophy

From: Dennis Depp (
Date: 08/31/02

From: "Dennis Depp" <>
Date: Sat, 31 Aug 2002 10:15:12 -0400


I apply all security patchs and Service Packs on my system. When a new
security hotfix comes out, I wait at least 24 hours before installing it on
a production machine. Durning this time, I test it in our test bed and
monitor newsgroups and listservs for potential problems. After 24 hours if
I determine it is a critical patch, I will install it ASAP. If it is not
critical, I will wait until a maintanence window or until the next critical
patch comes out. Non Security hotfixes are only applied if I have a problem
and PSS says this will resolve the problem.


"Scott" <> wrote in message
> What's everyones patch philosophy?
> I generally find that we like to apply all patches, just
> in case something gets through the firewall or there's a
> configuration that's not correct somewhere.
> After all, code red got through on one server (not "owned"
> by us) and eventually spread everywhere it could, except
> our servers since we were patched all up.
> Scott