By Christopher Budd, Security Program Manager, Microsoft Corporation
1. Service packs should form the foundation of your patch management strategy.
2. Make Product Support Lifecycle a key element in your strategy.
3. Perform risk assessment using the Severity Rating System as a starting point.
4. Use mitigating factors to determine applicability and priority.
5. Only use workarounds in conjunction with deployment.
6. Issues with Security Updates are documented in the Security Bulletin Master Knowledge Base Article.
7. Test updates before deployment.
8. Contact Microsoft Product Support Services if you encounter problems in testing or deployment. An important thing to remember is that Microsoft provides no-charge support for issues related to security updates. You can get in touch with Microsoft for security bulletin support through the Security Support Site at http://support.microsoft.com/securityitpro
9. Use only methods and information recommended for detection and deployment.
10. The Security Bulletin is always authoritative.