Help with Microsoft patches

Patching and Microsoft products have been in the news quite a bit lately, especially in light of the recent “Slammer” worm, which infected even some of Microsoft’s own SQL servers. The excuse many administrators gave was that the SQL Server service pack took hours and hours to install, which meant the server had to be down and unavailable to users. It’s an excuse we’ve often heard about why necessary patches were not applied. It’s no worse hearing it from Microsoft then from your own sys admins, though.

The reality is, however, that the fix for the particular vulnerability that Slammer exploited had been released quite some time ago as a separate patch needing only a moment or two to download and apply. With the number of products, services and patches growing astronomically, though, it’s not all that strange that one could be overlooked.

Microsoft’s Windows Update service can be used to keep the operating system up to date, but that still doesn’t help with all of the services and applications running on Windows. There are, however, third parties that can help.

Patchlink (https://www.patchlink.com/) started life as HiTechSoft back in 1991 with a product called NetBasic, a scripting language for NetWare servers. Half a dozen years ago HiTechSoft realized that one of the major uses of that language was patch management and distribution, so PatchLink was born. Starting small, with Microsoft and NetWare operating system patches, it has grown to encompass thousands of applications and services with a rich scripting language to control alerts, notifications, downloads, distribution and behavior (e.g., re-boot after patch completes) as well as full logging and reporting of the process. It has been successfully used on thousands of networks and could help yours.

RippleTech (https://www.rippletech.com/) first came to my attention in 1999 with its LogCaster product (https://www.nwfusion.com/newsletters/nt/0927nt2.html) for monitoring and responding to Windows server events. The company has been quite successful, since we can all use lots of help in winnowing out the real problems from all of the necessary, but mundane, logged events. Evidently, though, the company sees that there’s another, similar need in the patching department.

Manually keeping up with hotfixes, patches and service packs in a distributed Windows environment can be just as tedious – if not more so – than reading through all of the various event logs in that distributed environment. RippleTech’s PatchWorks can automate the discovery, distribution and installation patches for most Windows operating systems and many Windows services and applications.

Both companies offer free evaluations of their products, I’d suggest you try them to see which best fits your management style.