As I first reported last month in WinInfo Daily UPDATE, Microsoft is working to end the patch-management nightmare by creating a new, centralized patch-management architecture for all its products. A new generation of services, such as Microsoft Update, and tools, such as the company's Windows Installer 3.0, will use the infrastructure.
For anyone who supports Microsoft's products, what was once a dream is suddenly becoming reality. This week, the company issued its first beta of Windows Installer 3.0, one of two installer programs that Microsoft will support under the new patch-management scheme. The final product should ship in early 2004.
"Customers told us to reduce the vulnerabilities in our products before they ship and to get fixes out before vulnerabilities are exploited," a Microsoft representative told me. "It's not easy to deliver timely, high-quality patches under our current system. So we need to simplify patch management and create tools to do this effectively and consistently."
Microsoft has many goals for its next-generation installer technology. Hotfixes, security patches, and other updates shouldn't always require reboots, the company told me. Simpler and more consistent ways should exist to determine which patches are already installed and which critical updates need to be installed. Patches should be delivered as quickly as possible, reducing customers' exposure to problems. And, of course, patches should work properly the first time and not introduce new problems.
Windows Installer 3.0 is only part of the answer. The company will shore up its patch infrastructure in the coming months, then update services such as Windows Update and Microsoft AutoUpdate to work off the new common back end. Later, a wide-reaching service, currently known only as Microsoft Update, will provide updates for all the company's applicable products. The company will then update other patch-management-related products--such as Microsoft Systems Management Server (SMS), the Microsoft Baseline Security Analyzer (MBSA), and Microsoft Software Update Services (SUS)--to take advantage of the new infrastructure.