General discussion

Locked

Software Upgrades: To Do or Not To Do

By willy ·
When an upgraded package / version of software comes out, do we upgrade? What triggered this is a Linux installation where such upgrades are (a) free and (b) highly automated through a 'package manager' called 'yum'. I don't believe we should necessarily upgrade every installed package while one of my colleagues feels decidedly different.

Here's what I wrote to him in an email. What does the community think?

Upgrading Software

Not just because Bill Gates says so ...
Not just because yum says so either ...

Reasons to upgrade:
(1) There is a new functionality available in the upgraded software that you definitely need. This would include bug fixes if that particular bug is eating you.
(2) There is an identified security risk with the software in operation and you are using the software in a way which exposes you to such this risk.
(3) As part of a 'farm' wide or 'enterprise' wide upgrade program.

Reasons NOT to upgrade:
(1) The upgraded package may break dependencies somewhere. This is definitely a risk when the upgrade involves moving to a new major release. If it is deemed important to upgrade (see reasons above) you perform the upgrade, if practical, on only one machine. To test the waters as it were. Making sure you have an immediate fall-back should something break. Then, if it works, you do the whole farm.
(2) Upgrading costs labor, therefore money. If something breaks, you may have downtime.
(3) Even if it is a stand-alone package, i.e. Webmin on a Linux box, if the upgrade serves no operational need, it becomes make-work, costing money.
(4) The package is installed but never used. One might argue that it should never have been installed, or should be removed. However, again, this is cost IMHO without benefit. Why is the thing there? Probably because it was part of a standardized load (Linux or Windows or Mac-OSX all come with such baggage). If it doesn't create a problem it's cheaper to leave it alone.

I could go on. But in my experience, upgrading software on working systems should be done very judiciously. The cost is often underestimated. This is one of the reasons that a lot of large enterprises, at least through 2005, were still installing Windows 2000 on new desktops and laptops despite the availability of XP for a number of years. Reason? Experience. Especially with MS, a 'routine' upgrade too often resulted in systems being down - sometimes for a day or more.

Notes:
On dependencies: In an Enterprise environment such dependencies may be in places you don't necessarily think about. Example with database engines: drivers loaded on other machines which may require upgrading to keep working. Applications specifically written for a version, which break with a new version. Seen it happen tooooo many times. In one case a 'routine' upgrade of Great Plains accounting caused Citrix remote access to fail all across the network. Major hassle to turn the clock back ... having to go backups etc. "C" level management asking questions as to why ... not pleasant..

This conversation is currently closed to new comments.

12 total posts (Page 1 of 2)   01 | 02   Next
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Update Now may force your hand

by SentryWatch In reply to Software Upgrades: To Do ...

Unless you have your PCs locked down, users may inadvertently drive your update cycle when they click on the "Updates are Ready for your computer" balloons that are now popping up with regularity.

The consequences can be seen at http://www.pcprofile.com/Update_Now_Managing_Clouds_and_Moving_Goalposts.pdf

The article also lets you know (for those that don't) how to undo the changes form the Update using the System Restore Point technique.

Microsoft is driving the issue very hard at present (under the cover of security/DRM) and as other software vendors follow then the issue for IT personnel will bring significant unwanted and unnecessary work overload as updates flood the market with "security" (smokescreen words apply here) "fixes".

The amount of ?security updates? appearing has risen rapidly over the last few months prior to the release of Vista using both IE7 and Media Player 11 and "security issues" as a smokescreen to allow them to get you to "validate your copy of Windows".

If you have legal copies there is no problem, but if you don't...... then you won't have long to wait for the crippling effects to start taking effect.

The bottomline with Updates?

Make sure you pick CUSTOM rather than Express so that you can check and see what is being installed BEFORE, so that you can control what is installed. Some desktop users may not be so tech savvy!

Collapse -

Use WSUS to Avoid This

To avoid users inadvertently installing patches in a corporate environment, use a WSUS server. It's free and pretty easy to set up.
If you have Active Directory in place, you can use group policy to control whether users get any update notifications, and you have complete control over what updates get pushed out. We've even created test groups so that we can deploy patches to IT early and test them.
If you don't have Active Directory, you can use some kind of logon script to adjust the registry on your machines to the settings you want.

Collapse -

Some businesses cant handle WSUS

by lasersteel In reply to Use WSUS to Avoid This

I agree at larger shops WSUS is the way to go to minimize the risk, however the reality for small businesses is that they don't have the necessary staff or IT personnel with expertise that can handle the technical aspects of setting up WSUS.

Many have relied on the plug and play mindest promulgated and now are plug and "paying" without realising the downstream implications.

Collapse -

WSUS

by siva_dj In reply to Use WSUS to Avoid This

Can You just help me out to configure WSUS in normal windows 2003 server which has not having Active Directory .

Collapse -

Windows Update

by Wizard Prang In reply to Update Now may force your ...

Agreed. Having worked for years to persuade the user community that they can trust MS to update their computers automatically, MS then rolls non-security-related updates into the systems. From where I am standing this is an abuse of that trust.

Another example is MSs shoehorning IE7 into Windows update. This may be a good thing, but some users do not want to change their browser just because MS things that it is time.

No machine that I have authority or discretion over has Windows Update configured in "blind trust" mode... even though that requires a little more work.

My Ubuntu box requires a little bit of thought before upgrading... but so far they have not added anything that I would object to.

Collapse -

ERP System Upgrade

by TownsendA In reply to Software Upgrades: To Do ...

We have advised our client on JDE World to upgrade because of better functionality, features that have dated the older versions are now available e.g. web enablement and colour screens (for the Smith & Wesson - click and point - brigade).
However beware of licencing implications - upgrade paths may mean switching licence calculation methods. Oracle have been good with promises of no extra costs for those who want upgrades - just continue to pay the maintenance fees.
With ERP systems I would say that it makes no sense to remain on old releases especially with your SOX and and our IFRS requirements.
The bottom line however is "is it fit for purpose" a concept engineers know but not IT personnel.

Collapse -

Upgrading versus Not

We have semi-annual projects to audit all software and determine whether upgrades are necsssary. This includes assessing all of the risks vs. benefits you mentioned. We also try to assess whether switching to another vendor would provide any benefits at that time.
One of the hidden dangers we've found of not upgrading is that the older your software gets, the harder it is to upgrade. In some cases even if you are only a couple of minor versions behind, the upgrade process is almost worse than simply "starting over".
It seems as if software manufacturers are encouraging this by coming up with new releases more often. Back in the old days, you would be lucky to see a major software update once a year. Now it seems like everyone is putting out service packs and hotfixes like it is going out of style.
One of the hidden benefits of upgrading regularly is that it trains your IT staff on the logistics of doing it in a timely, orderly, and documented manner.

Collapse -

Semi Annual Review sounds good ...

by willy In reply to Upgrading versus Not

As long as you recognize that as the cost of doing business. Also, my caveat stil stands that one should be very wary of sometimes undisclosed dependencies. The more specialized or 'custom' software you have, the greater the risk. One specialized publishing package I used to deal with was heavily integrated with QuarkXpress. When we ordered new 'puters and an updated Quark came with them, it broke the application. We now had to find previous versions. You may argue that the vendor of the integration package should have been more on the ball, however, reality is frequently different.

As far as upgrading as a training exercise, sure. I am all for upgrading in an orderly manner. It is the knee-jerk reaction 'must-upgrade-now' that I have an issue with.

Collapse -

LET IBM SOLVE THIS ONE FOR YOU

by BALTHOR In reply to Software Upgrades: To Do ...

I could not imagine anybody but the experts installing and maintaining our factory's machines.Let the experts install and maintain your company's computer network.

Collapse -

Virtualized Applications

by glenmy In reply to Software Upgrades: To Do ...

Absolutely, Willy!
It is very costly to upgrade OS's and applications when things break unexpectedly all over the place. This is why the next "big trend" in software is likely to be virtualized applications (please excuse my "shill mode" tone). If you can take an app and bundle it with its dependencies/configuration settings, then you can be confident it won't break when you patch the OS (even you admit that under some circumstances you have to run the upgrade). And, if you virtualize the application, you can "undo" application upgrades very painlessly when they don't work right.
I happen to work for Trigence, which offers virtualization for Linux & Solaris, but Microsoft liked the idea so much that they bought Softricity (which sort of does virtualization as I describe for Windows desktop apps).
If you are going through "upgrade ****" you really should look into this.

--Glen

Back to Microsoft Forum
12 total posts (Page 1 of 2)   01 | 02   Next

Brands Forums