Security

Microsoft simplifies the process of identifying needed patches

Finding patches for specific versions of Microsoft products has always been a frustrating task—until now. Microsoft has updated its TechNet Web site to make it easier to locate needed patches. Here's a look at the details.


For a network administrator, keeping up with system patches, security updates, and virus alerts can be an extremely time-consuming task. But if you work with Microsoft products, here’s some good news: Microsoft has added a major enhancement to the security/patch system on its TechNet Web site. You can now get a list of all required patches based on the product and the latest service pack that you have installed.

Microsoft’s new search tool
Most admins who manage Windows NT/2000 networks and other Microsoft products are very familiar with Microsoft’s TechNet Security site. This site provides notifications of the latest patches and updates to Windows and other products and enables you to download all of them from one place. Although this consolidation is helpful, sorting through all the patches and trying to decide which ones you need can still be a daunting task.

Fortunately, Microsoft has recently added an excellent enhancement to the site. You can now search for all patches by individual Microsoft programs based on the last service pack you installed, as shown in Figure A. This allows you to quickly determine just which patches should be applied to your particular software at the current stage of maintenance.

Figure A
Select your product and your current service pack to find out what patches you need.


You can also receive alerts of new patches automatically by subscribing to Microsoft’s Security Notification Service. These alerts will arrive in your e-mail inbox the same day they are posted on Microsoft’s site.

Why update?
Many organizations fail to install patches simply because it’s so difficult to determine which patches should be applied. This failure to update systems can create serious security threats, as demonstrated by the recent hacks of U.S. banks running Web servers on Windows platforms. (Read this TechRepublic article or the FBI’s recent NIPC advisory for more on this subject.)

The TechNet enhancements should help organizations keep their Microsoft products updated and more secure—but, of course, the onus is still on the network administrator to implement a successful policy for maintaining updates.
We like to think that TechRepublic can be one of your most useful resources for security information and updates. Search our site for articles relevant to current security issues from digital certificates to Cisco access control lists. You can read John McCormick’s security-focused Locksmith column on Mondays, and every Friday, our Exterminator column lists new updates and patches from Microsoft, Novell, and Linux, as well as virus updates from Trend Micro. For additional security Web sites, download our list of security links.

Editor's Picks

Free Newsletters, In your Inbox