Re: Best Practice: Patches that are not critical or security related
- From: Bruce Chambers <bchambers@xxxxxxxxxxxx>
- Date: Thu, 28 Sep 2006 19:29:06 -0600
What is the best practice for installing patches that are not listed as "Critical" or "Security" related? Does Microsoft have an official stand on this?
I imagine Microsoft's "Official" stand is that they wouldn't offer the patches unless they thought they were important. Of course, what's important to them may not be important to you.
Some would say push them all to be safe and fix any potential issues. On the other side it has been said that by pushing patches for problems that don't specifically affect you it creates a greater chance that something else might be broken. Any references containing recommendations or best practices on this subject? Thanks!
I really don't like to see people use the Automatic Updates, unless they take precautions to ensure that no patches get installed without the user's express permission, given only after he/she has researched each individual patch to ensure that it applies and is necessary. Due to the nearly infinite number of possible combinations of hardware, device drivers, and applications on any given PC, it's impossible to guarantee that all patches will be 100% harmless. In a very small number of cases, patches and hotfixes can cause conflicts or other problems. So, as with all changes to an OS, caution is advised.
All "Critical" updates should be installed. These address serious issues that can affect a large number of computers. There will be only rare occasions when a Critical update will not apply. Of special importance are those that address security vulnerabilities. If people had installed the available critical updates in July of 2003, the Blaster and Welchia worms would not have spread throughout the Internet the following month. In the unlikely event that problems do develop, you can always use the Control Panel's Add/Remove Programs applet or a System Restore Point to uninstall the troublesome hotfix.
For the "Recommended" updates, simply study the information
provided to see if these updates apply in your specific situation. If
they don't apply, or you're not experiencing the problem(s) addressed,
you needn't install them. For instance, I have no use for WinXP's
MovieMaker, so I ignore any updates to it. Again, in the unlikely
event that problems do develop, you can always use the Control Panel's
Add/Remove Programs applet or a System Restore Point to uninstall the
In general, though, I've found it best not to download the
"Driver" updates from Windows Update, unless they're for a hardware
device originally manufactured by Microsoft. Device drivers provided
by each component's manufacturer's web site are likely to perform
better and offer more features than will the watered-down, "generic"
drivers that those manufacturers provide to Microsoft for distribution
via Windows Update.
Help us help you:
They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -Benjamin Franklin
Many people would rather die than think; in fact, most do. -Bertrand Russell
- Prev by Date: Re: Best Practice: Patches that are not critical or security related
- Next by Date: Re: Norton Antivirus Mistake
- Previous by thread: Re: Best Practice: Patches that are not critical or security relat
- Next by thread: Security Certificate Warning!