top | item 3278987

(no title)

fakeempire | 14 years ago

"I have found the policy of installing all updates when first setting up a Windows server and then never touching it again to work quite well."

I think you need to reevaluate your policies immediately. Not applying security patching isn't a good policy.

discuss

nobody314159265|14 years ago

You have a choice between:

The chance of someone bothering to hack you multiplied by the chance that the new patch doesn't include several new security bugs

Or the chance of a new untested patch bringing down your business.

mkchandler|14 years ago

This is why we use QA servers for most of our systems. We try our best to test all functionality on a patched QA server before deploying patches to our production servers. We have had good success doing this (with Windows at least.)

DanBC|14 years ago

No. You wait a few hours (maybe half a day) and see how other people get on with the patch. Then you patch.

Or you leave more holes for the automated bots and worms to exploit.