Have Microsoft's Update Problems Changed Your Patching Policies?

Have Microsoft's Update Problems Changed Your Patching Policies?

At one time or another, we've all experienced the pains of patching Microsoft products. It sometimes seems to be a never ending battle to test, test, test again, roll out updates and still be nipped in the butt. And, even though it can't be helped, it’s the IT Pros that get blamed and heaped on the responsibility of fixing blue screens and hardware and application problems brought on by poorly designed updates.

Granted, when patches attack, it generally only affects a small percentage of customers.  Microsoft can say what it wants, i.e., only a small number of customers were affected, but when a company has a customer base as large as Microsoft does, that small percentage actually looks pretty big.

And perception is everything. Social networks amplify customer angst. Whenever a problem is found, reports of pains are broadcast wide and loud so that everyone knows about it. Social networks have become the primary monitoring tool for many companies waiting to get the go-ahead to deliver updates.

Recent feedback on Microsoft's patching problems show that IT organizations are pushing back timelines for updates. The general consensus used to be that patches are rolled out a week or so after initial release. This would allow enough time to test updates to ensure they work within the specific environment. But those timelines seem to be changing. It took Microsoft almost 6 weeks to finally rerelease August 2014's botched updates, effectively stretching Patch Tuesday into a month of Tuesdays. I've heard feedback suggesting Microsoft is now waiting a month, instead of a week, to roll out updates, primarily to wait to hear if an update (or updates) is reported to cause issues. For critical security patches developed to mitigate zero-day vulnerabilities or exploits already in the wild, this is not an optimum scenario, leaving systems exposed.

So, has the perceived quality of Microsoft's released updates caused your company to alter its patching policies?

I'd like to know… (feel free to leave a comment about your own perceptions and pains)

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish