Category Archives: 2182

Ten Principles of Microsoft Patch Management

Ten Principles of Microsoft Patch Management

By Christopher Budd, Security Program Manager, Microsoft Corporation

1. Service packs should form the foundation of your patch management strategy.

2. Make Product Support Lifecycle a key element in your strategy.

3. Perform risk assessment using the Severity Rating System as a starting point.

4. Use mitigating factors to determine applicability and priority.

5. Only use workarounds in conjunction with deployment.

6. Issues with Security Updates are documented in the Security Bulletin Master Knowledge Base Article.

7. Test updates before deployment.

8. Contact Microsoft Product Support Services if you encounter problems in testing or deployment. An important thing to remember is that Microsoft provides no-charge support for issues related to security updates. You can get in touch with Microsoft for security bulletin support through the Security Support Site at

9. Use only methods and information recommended for detection and deployment.

10. The Security Bulletin is always authoritative.


Managing the WSUS Automatic Updates Client Download, Install, and Reboot Behavior with Group Policy — Bobbie Harder [WSUS PM]

Managing the WSUS Automatic Updates Client Download, Install, and Reboot Behavior with Group Policy (Published: May 4, 2006)
Bobbie Harder [WSUS PM] has recently published an article on Security Guidance in Microsoft Security Newsletter – Volume 3, Issue 5. This is a MUST reading for new WSUS Admins.

Patch Management articles on TechNet Magazine

Just noticed the November December issue of TechNet Magazine and articles on Patch Management;

Patch Management

Next Generation Patch Management: Introducing Windows Server Update Services

Keeping system software up to date is critical. Windows Server Update Services (WSUS) simplifies the process, offering an efficient way for IT administrators to manage and deploy updates.

Jason Leznek


A Hands-On Guide to Hands-Off Updates with WSUS

Learn everything you need to know to install, configure, and start using WSUS to manage updates throughout your organization.

Jeremy Moskowitz


Maximize the Power of SMS with New Tools for Managing Updates

SMS 2003 offers a powerful way to scan clients, configure phased updates, and perform custom deployments. Here’s how to use it.

Bob Lawler