Re: patch philosophy

From: Dennis Depp (deppd@comcast.net)
Date: 08/31/02


From: "Dennis Depp" <deppd@comcast.net>
Date: Sat, 31 Aug 2002 10:15:12 -0400


Scott,

I apply all security patchs and Service Packs on my system. When a new
security hotfix comes out, I wait at least 24 hours before installing it on
a production machine. Durning this time, I test it in our test bed and
monitor newsgroups and listservs for potential problems. After 24 hours if
I determine it is a critical patch, I will install it ASAP. If it is not
critical, I will wait until a maintanence window or until the next critical
patch comes out. Non Security hotfixes are only applied if I have a problem
and PSS says this will resolve the problem.

Dennis

"Scott" <scott@work.com> wrote in message
news:743f01c24ade$a99e1560$a5e62ecf@tkmsftngxa07...
> What's everyones patch philosophy?
>
> I generally find that we like to apply all patches, just
> in case something gets through the firewall or there's a
> configuration that's not correct somewhere.
>
> After all, code red got through on one server (not "owned"
> by us) and eventually spread everywhere it could, except
> our servers since we were patched all up.
>
> Scott
>