To check whether you need to apply any patches released since SP4 you should run the Microsoft Baseline Security...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
Analyzer (MBSA), which can check for uninstalled patches and updates. You can also scan your server against vulnerable configurations. To view the list of uninstalled security updates and links to the security bulletin that contains the patch, or instructions about obtaining the patch, open the result details link once the security updates check has run. Each security bulletin also includes information about registry values, file versions and configuration changes you can use to verify that the patch is installed. You can download MBSA for free at http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/tools/Tools/mbsahome.asp.
Run the MBSA on a scheduled basis to check for the latest operating system and components updates. I also recommend subscribing to the Microsoft Security Notification Service, which keeps subscribers informed of all the latest security problems and fixes. You can find details about it at http://register.microsoft.com/subscription/subscribeme.asp?ID=135.
In my opinion the easiest software solution to use for managing patch installation is HFNetChkPro from Shavlik Technologies. (Shavlick developed the HFNetChk scanning engine that MBSA uses.) There is a Basic Edition that is aimed at smaller organizations that do not need advanced patch management functions such as scheduled scans and e-mail support. You can find more information at http://www.shavlik.com/hfnetchk-windows.aspx.
Dig Deeper on Security patch management and Windows Patch Tuesday news
Related Q&A from Michael Cobb
Attackers using crafted TIFF images can exploit flaws in the LibTIFF library to carry out remote code execution. Expert Michael Cobb explains how ...continue reading
Companies and government agencies handling criminal justice information need to comply with CJIS Security Policy. Expert Michael Cobb explains the ...continue reading
An Intel chip flaw lets attackers bypass ASLR protection on most operating systems. Expert Michael Cobb explains the vulnerability and how to prevent...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.