Ziff Davis Internet
News & Resources for the IT Reseller
NewsReviewsTech AnalysisCommentarySecurityLinux/Unix
My Account |  

Larry Seltzer  
Microsoft Overloads the Patch Process
By Larry Seltzer

Opinion: It’s going to take you a long time to deal with everything that happened today. Perhaps it would have been better for Microsoft to have two patch days this month.

I’m done patching my own systems.

I threw caution somewhat to the winds this time. I did do some testing; I have a test desktop and a test server I install these things on and run a few tests involving common tasks of mine, but this time was different from most others.


This time Microsoft had put out so much information and so many patches that I really didn’t have time to understand it all before I applied them.

That’s one way to do things; I don’t have so many computers or critical applications here that I can’t recover from anything going wrong.

If I were administering a large enterprise things would be different. The flood of security bulletins and patches released today by Microsoft was so large and complicated that administrators have no choice but to prioritize.

eWEEK.com Special Report: Keeping Pace with Microsoft's Patches

Microsoft and others have attempted to set priorities in terms of the most serious problems, but only you know what issues are the important for your systems.

The problem of overload is even worse than the 12 security bulletins would indicate. Microsoft also chose today to release at least one Office patch unrelated to the vulnerabilities disclosed in the bulletins. There may be more, it’s still too hard to tell given the sheer volume of information. Microsoft also chose today to release an update for Exchange Server 2000 related to a bulletin from last year.

But wait, there’s more. Perhaps hoping to slip in under the radar, other vendors reported problems today. For instance, Symantec revealed a bug in the UPX (Ultimate Packer for eXecutables) engine in a large number of their products that could allow an attacker to inject code and take control from the engine. I’ll have more on this later.

So while you’re getting ready to update all your Windows systems, don’t forget to update your Symantec products. And a non-trivial vulnerability showed up in Apple’s MacOS X AppleFileServer.

Earlier I toyed with the idea of seeing if today’s flood of patches cleaned the slate of unpatched vulnerabilities on Windows, but it appears this isn’t the case, at least depending on who you talk to.

Last fall Finjan announced that they had found 10 new vulnerabilities in Windows XP SP2. Microsoft still disputes the severity of the problems, and in any event confirmed today that “none of the bulletins released today addressed any of the alleged vulnerabilities on Finjan’s list…” So fear not, there are more bulletins to come.

The point of having a regularly-scheduled patch day, and later on of giving limited advance information, was to help administrators plan for updates and to schedule time in which to test and apply them. There’s no way that anyone’s regularly-scheduled interval will be adequate to handle everything that happened today.

It might actually have been better for Microsoft to have announcd last Thursday—instead of saying that there would be 13 advisories (in the end there were only 12, as Microsoft held one back for further testing)—that the advisories would come in two phases.

They could declare a special off-schedule patch day next Tuesday or whatever an appropriate period would be. They could divide the two days based on priority or on products.

Since Microsoft didn’t split up the problems for us, we’ll have to prioritize on our own. But we’ll have to do it with the issues and the patches in public, which means that the exploits will be coming out quicker than they would otherwise. We can only hope that overload days like this are rare, but maybe Microsoft will even the workflow out when they happen in the future.

Security Center Editor Larry Seltzer has worked in and written about the computer industry since 1983.

PointerCheck out eWEEK.com’s Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzer’s Weblog.

More from Larry Seltzer
• Can Vista Save Enterprises from Themselves?
• The First Mac OS X Virus?
• What Will Apple Do When the Malware Comes?
• Time To Raise Prices—Internet Access is Too Cheap
• A Toe in Legit Waters: The Latest Shift in Spammer Technique



Free Hands-On Training Lab
Find out how key features of SBS 2003 can help you open up a new line of revenue. Register now >>

SBS 2003 Sales Reference Card
This handy reference card contains features at a glance, sales objection handling, pricing guidelines & more. Get it now >>

Microsoft Empower for ISVs rewards your big idea with big benefits and support.
Access key development tools at a low cost to help you develop that idea into an innovative application. Learn more >>

Changing Business for the Better: A Practical Guide to BPM

This paper provides an overview of the benefits of BPM technologies and identifies the characteristics of BPM solutions that lead to successful BPM process-centric integration projects.

Download this free white paper to learn more!

>> brought to you by IBM

Attention Microsoft Solution Providers!

Want to gain a competitive edge? Try Microsoft Watch – FREE!

Each week you receive:
  • Microsoft News and Insider Information
  • Expert Analysis
  • Code Names of Upcoming MS Products
  • Year-Ahead Calendar, updated monthly

    Click Here to sign up now for your FREE 14 Day Trial to Microsoft Watch.
  • Add up to $1,200 of value with the new BONUS PACKS.
  • HP PartnerONE: The key to increasing your margins.
  • HP Compaq nc6129 Business Notebook. $1149 Smart Buy
  • HP xw8200 workstation. Smart Buy price $1549.
  • ProLiant DL360G4p server: HP Smart Buy price $1647
  • Microsoft files new anti-piracy lawsuits. Learn more.
  • New offers with Windows Genuine Advantage.

    •Catalog Publishing
    •Dealer Management
    •Order Configuration
    •Price Management
    •Sales Management

    View All >

    Search the jobs you want & get the info you need – post your resume here today!

    Powered by Dice
    White Boxes
    MS vs. IBM
    Linux in the Channel
    Stay in the Zone
    Put The Channel Insider on your desktop.
    Subscribe to The Channel Insider: Channel News, Reviews, Resources and more.

    Make your selections below:

    Contract Watch

    The Channel Insider Update

    Preferred e-mail format:

    Enter your e-mail:

    view all newsletters >>
    Channel Insider Quick Links
    Ziff Davis Footer Logo