*Quote*
First, depending on the number of networked PCs in an organization, "how many people does Microsoft recommend should be hired full-time to run round installing patches?"
*Quote end*


If companies bothered to use SUS (which is free by the way) the answer would be simple: ONE person.

ONE person who will subscribe for security notifications from Microsoft so s/he would know when to download a new patch for testing.

Having tested the patch that ONE person would then approve the patch on the SUS server for all the clients to download and install.

Then ONE person could use the free tool from Microsoft to scan his/her network for any rouge clients whom for some reason or other did not manage to install the patch from the SUS server.

I know the anti-Microsoft lobby now will claim that SUS will barely manage to patch 25% of the clients on a good day. Who am I to know better, I?m only a lowly MCSE so what do I know ;)

*Quote*
Second, when Microsoft advertises that Windows yields the "lowest" total cost of ownership, how much of that amount factors in the cost of patching the system every week?
*Quote end*

Read the above answer.

*Quote*
And third, "why does Microsoft rely on hackers and tiny security analysis firms to discover [these bugs] by reverse engineering?"
*Quote end*

No idea. You got me there.

But because I do bother to implement good patching routines Nimda, Blaster, Slammer and so on has never been a problem for any of the networks I?ve managed. But then again, I do follow Microsoft guidelines so ?obviously? I must be doing something wrong.





[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/185/22301#22301