I've always been somewhat wary of installing hotfixes from Microsoft. I used
to wait for service packs to bring my servers up to date because Microsoft
has not always had the best record at having a hotfix not make the problem
worse. I've even waited for a couple weeks after a service pack has come out
before applying them to my critical servers. That has had to change now with
NT4, since there are no more service packs, but applying hotfixes still
concerns me.

I'm fortunate in having multiple servers where I can test a hotfix before
putting it on my critical servers. I don't always have that luxury (e.g., no
non-production Exchange server).

I've never had that level of concern with applying security fixes to my HPUX
or Linux servers.

How are other people dealing with testing of security hotfixes before
applying them to critical servers? Are you trusting that Microsoft has it
right, are you testing on non-production servers, do you wait for others to
report problems, what?

I would like to be up-to-date on every one of my servers but if the fixes
that come out break other things, then what good are they?


