• United States

More help with Microsoft patches

Feb 24, 20033 mins
Enterprise ApplicationsMicrosoftSecurity

* St. Bernard Software, Ecora and Shavlik Technologies

Frequently, I devote one of these newsletters to a particular product that I think should be brought to your attention. Often, the product is one that doesn’t have direct competitors or, if it does, offers some decided advantage – such as price, convenience or the chance to win a free trip to Tahiti.

When I talk about these products I often get feedback from competing vendors and I point out to them the obvious differentiator that led me to write about the one I did. When I mention two vendors though, that excuse does not work. So when last week I talked about patch management products from ScriptLogic and not only did I hear from other vendors, but lots of you, my dear readers, chimed in too to remind me about your favorites.

Some I could eliminate straight away – products that only automate the download and installation of service packs, or only work on server products, or could only maintain the operating system were not considered. They may be excellent products, but they would not have solved the problem I posed – protecting your system from the Slammer worm.

But there are three I will mention:

First, there’s St. Bernard Software’s UpdateEXPERT patch management and remediation tool. This one is important because RippleTech’s PatchWorks (which I covered last week) is based on an earlier version of St. Bernard’s patch management tool. The latest UpdateEXPERT from St. Bernard should ship in March and you should check it out.

Second is Ecora Patch Manager. It’s a full featured patch/hotfix management product, along the lines of Patchlink, but what caught my attention was the free SQL Worm Prevention Kit Ecora is offering. According to Ecora, this tool will automatically identify SQL server vulnerabilities; apply the patch to prevent the SQL Slammer worm from attacking; and discover other Microsoft security vulnerabilities on your systems. That should be worth spending a moment or two to download the software.

Finally, I should mention HFNetChkPro (and the free version, HFNetChkLT) from Shavlik Technologies. Shavlik wrote the Microsoft Baseline Security Analyzer (MBSA), and if it’s good enough for Microsoft that’s recommendation enough to try it out. Plus my buddy Pablo thinks it’s one of the best tools in his toolbox. Since Pab has no sense of humor, I know he really means it. (That’s a joke, Pab, really!)

That’s it, my last word on patch management products for at least six months. Unless, of course, something interesting comes along.