Posted: 27 January 2005 at 9:28pm | IP Logged
REPORT: The best way to patch without fatalities
The best way to
ensure that you'll have a successful patching process is to make sure your
system is healthy to begin with.
Ask yourself, does it reboot without any
issues on a regular basis? Do you have protection against malware, viruses, and
have a firewall? Do you not accept patches for drivers?
have personally seen Windows Update offer me driver patches in the Critical
Security Patch window on Dell workstations. Each Original Equipment Vendor
apparently has the right to offer updates in this section, which I expect to be
restricted to security updates only.
As a rule, I never apply driver
patches from Windows Update. If I feel a driver patch is warranted, I'll visit
the hardware vendor's Web site to find the appropriate patch.
some basic rules of applying patches. While I turn on automatic patching on my
workstations, I don't do it on any of my servers and certainly don't allow any
systems to automatically reboot.
I would much rather reboot when I
decide, ensuring that all other programs are closed before rebooting.
Furthermore, I don't personally say "Yes, please reboot" when a patch session
prompts me. I'll manually click on Start, Shut down to ensure that the system
properly closes down.
In reviewing the listserves and newsgroups, I
haven't noticed any major issues with the January patches that would cause me to
hold off patching machines. In fact, I patched all of my workstations and
servers on the Friday after Patch Tuesday. I personally wait until Friday to
fully roll out all patches, just in case I run into any issues. I then have the
weekend to recover, should something bad occur.
While I can say that I
honestly have not had a bad patch experience in a long time, as a general rule I
don't patch before a crucial business deadline. I always wait for a time when I
can deal with unexpected issues, should any arise. I always assure myself that
the machine reboots without any issues before applying
The bad reboot
I've been there. You reboot your system and it just
does not come back to life. Rats! Now what do you do?
Windows XP, there are several options, including the option of booting into the
"Last Known Good Configuration." I personally have been able to insert the
Microsoft Windows XP CD-ROM, allow the computer to boot from the CD, and then
perform a "repair install" of XP. This resulted in no loss of data when I was
faced with a particularly unsuccessful update.
Remember that if all else
fails, you can always call the technical support line of Microsoft. Any issue
with a security patch is a free call, but that still means you have to deal with
the after-effects. In the U.S., you can call Microsoft at 866-727-2338 if you
have any issue with a patch. In other countries, check Microsoft's to look up the correct local number.
As cheap as USB pen drives
are these days, I recommend that you save any critical documents to external
devices and drives. From a 1 gig USB drive to a Mirra Personal Server, all of us
need to make sure that we have backup devices for our critical information. It's
critical with today's large hard drives that we have backups.
many cases your system will give you hints as to what is wrong with
If you have Windows XP or 2000, start the Control Panel, open
Administrative Tools, then Event Viewer, and view the "log" files. Inside the
viewer are two logs that I review: application and system. If you see any "red
stop signs," double-click these entries and write down the error codes. Then
which can give you helpful hints on corrective actions.