Microsoft readies pitch on patches

Microsoft  customers this week are hoping to finally evaluate the company's new patch management tools and hear more about the wide-ranging systems management platform in which those tools will be a key component.

At the company's annual Management Summit, Microsoft is expected to unveil the first beta of Software Update Services (SUS) 2.0, a free Windows server add-on that runs behind a firewall and automates the acquisition and deployment of patches. SUS 2.0, which eventually will be built into Windows, is just one of the new tools Microsoft is developing for its much maligned patch infrastructure.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

Microsoft  customers this week are hoping to finally evaluate the company's new patch management tools and hear more about the wide-ranging systems management platform in which those tools will be a key component.

At the company's annual Management Summit, Microsoft is expected to unveil the first beta of Software Update Services (SUS) 2.0, a free Windows server add-on that runs behind a firewall and automates the acquisition and deployment of patches. SUS 2.0, which eventually will be built into Windows, is just one of the new tools Microsoft is developing for its much maligned patch infrastructure.

Over the past few years, an onslaught of worms and viruses has shown that Microsoft's patching tools are not up to snuff.

The next generation of tools are just a small portion of Microsoft's Dynamic Systems Initiative (DSI), which is focused on creating a self-managing environment built around applications that can communicate their management needs to the network. DSI was announced at last year's conference in response to similar utility computing plans from HP, IBM and Sun. While DSI is still in the conceptual stage, Microsoft can wait no longer to improve the patch tools that are part of the plan.

"I am keeping my fingers crossed that they put out better tools for free that help me manage the patching of their products, including Office," says Dave Neige, LAN administrator for Dots Fashions, a chain of clothing stores based in Solon, Ohio. Neige runs SUS 1.0, a tool he says lacks intelligence because of a shortage of management controls.

"SUS provides no history and no auditing. If I had to pay for it I wouldn't like it," says Neige, who adds that budget constraints prevent him from deploying a patch management platform from another vendor such as BigFix, ConfigureSoft or Shavlik Technologies.

SUS 2.0 is designed to correct some of the flaws Neige points out. It also is the first of a handful of patch tools Microsoft has promised, including Microsoft Installer (MSI) 3.0, a one-stop Web site that would offer patch installer technology; all Microsoft patches; a common assessment and reporting engine to verify whether patches are needed and installed correctly; and the reduction in patch size to conserve bandwidth during deployment.

Last year, Microsoft's chief security strategist Scott Charney created a 30-member internal task force to identify those needs and consolidate them into a standardized architecture to stretch across all Microsoft products. Today, the company has a hodgepodge of patch tools that individual product groups developed.

Microsoft CEO Steve Ballmer said last October that the fruits of Charney's effort would be seen in May 2004 "with one patching experience . . . that works across Windows and all of the application products."

So far, little has been made available. The beta for SUS 2.0 has been delayed twice. The second beta of MSI 3.0 was released in January, and the final version is expected to ship with Windows XP Service Pack 2 later this year.