Hackers around the world work day and night to dent Microsoft Corp.’s armour; that’s why companies must diligently deploy patches and software updates for all their Microsoft software.
Andy Papadopoulos, president of Legend Corp., a Microsoft partner in Toronto, said 90 per cent of security breaches result from misconfiguration of systems, with a high percentage of those resulting from missing patches. Microsoft doesn’t want to take the blame, so it is trying to make it easier for smaller companies to keep their software secure and up-to-date, he added.
Currently, most large enterprises use Microsoft’s Systems Management (SMS) to push out updates and patches, but smaller companies have to rely on other methods. One option is Microsoft’s free Software Update Services (SUS).
Earlier this year, Microsoft released a beta version of SUS’s successor, Windows Server Update Services — Update Services for short — which includes support for a greater breadth of Microsoft software.
Features unique to SMS but not SUS or Update Services include asset management, the ability to push out software functionality updates to the desktop and remote management capabilities.
SUS supports Windows XP, Windows 2000 and Windows Server 2003, said Derick Wong, senior product manager, security and management at Microsoft Canada Co. in Mississauga, Ont.
However, Update Services will provide updates and patches for all those plus Office XP, Office 2003, SQL Server 2000, SQL Server Desktop Edition 2000 and Exchange 2003, with support for additional products forthcoming, Microsoft said.
Support for more programs isn’t the only change. SUS could only do critical patches and included no reporting capabilities, Papadopoulos said. For example, with SUS, if you pushed out an Windows XP Service Pack 2 (SP2) to 200 desktops, there was no validation piece, so there was no way of knowing if the push succeeded, Papadopoulos explained. That meant you would have to run a Microsoft Baseline Security Analyzer (MBSA), which scans for necessary security updates through Update Services, to determine if the deployment was successful.
Additionally, Papadopoulos said, unlike SUS, Update Services offers more than just critical patches — all software updates are available through Update Services.
But Steven Fung, CTO at Dynamix Solutions in Markham, Ont., is mostly looking forward to the ability to schedule updates through Update Services. Dynamix is a managed service provider that provides software and network hosting services. With SUS, Fung found he had to update his systems manually.
Dynamix tries out updates on test servers before it rolls them out to its clients, because many of them run niche property management software and these sorts of niche programs are usually not tested by Microsoft with their patches and updates, he said.
Though Fung will still test patches and updates on his test servers, he will be able to schedule Update Services to download the patches and updates to clients.
Quick Link: 055306