Microsoft's patch manager gets a refresh

By Margie Semilof, News Director 21 Apr 2006 | SearchWinIT.com

Security Wire Daily News Digg This!     StumbleUpon     Del.icio.us

Some might say that comparing Microsoft's free Windows patching tool, WSUS, to a full-blown patching tool that comes with a price tag would be like comparing a KIA to a Mercedes-Benz.

But Windows Software Update Services (WSUS) 3.0, which makes its formal debut next week at the Microsoft Management Summit in San Diego, Calif., is looking less and less like the humble patch management tool of yore.

According to a blog posting by Craig Marl, a Microsoft program manager, the new WSUS will offer a new user interface, custom views based on products, classifications, sync date and the groups the updates are approved for. Also there is new filtering based on approvals and the status of a client.

In WSUS, the notion of approved for detection goes away. Users can build views where they can see which updates are unapproved and needed by clients. WSUS 3.0 will also allow for nested target groups, Marl said.

Many of the features Microsoft added to the 3.0 version of WSUS have long been available in paid-for products.

Originally called SUS 2.0, Microsoft renamed twice -- first WUS and then WSUS. WSUS was finally released in June 2005. Each version has offered more granular control of patching.

There is, however, one big downside to the product: It can only patch Microsoft platforms and not even all Microsoft platforms at that. Third-party patch managers can usually support Linux and Unix as well as third-party applications. WSUS also does not support uninstalls. That feature is part of Systems Management Server (SMS), Microsoft's fully featured desktop management software package.

One IT expert said that IT shops are using WSUS and scaling it out more than she believes anyone -- including Microsoft -- would have ever anticipated. "The OS has to support patch management," said Susan Bradley, a Microsoft MVP and CPA at Tamiyasu, Smith, Horn and Braun, a Fresno, Calif., accounting firm. "If it's being used more than you thought, then you built it better than you thought. You just have to have patch management built into the OS."

Bradley uses a patch manager from Shavlik Technologies, in Roseville, Minn., because she says it gives her more control than she would get from WSUS. "It's one of those things. You get what you pay for."

Other vendors that make patch management products are Altiris Inc., Configuresoft Inc., Ecora Software Corp., St. Bernard Software, Patchlink Corp. and BigFix Inc.

This article originally appeared on SearchWinIT.com.

Tags: Security Patch Management,  Windows Security: Alerts, Updates and Best Practices,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Security Patch Management Adobe patches ColdFusion vulnerability blocking website attack Microsoft to address DirectShow, ActiveX zero-day flaws Adobe fixes critical Shockwave Flash Player flaw Mozilla patches 11 Firefox security flaws, JavaScript errors Microsoft patches WebDAV security vulnerability in bevy of updates Adobe issues first quarterly patch release fixing 13 flaws Microsoft plans 10 security updates, fixing IE, Word, Excel vulnerabilities Adobe shifts to Microsoft patching process, incident response plan Software delivery could fix software patching issues Microsoft updates Office to address serious PowerPoint vulnerabilities Windows Security: Alerts, Updates and Best Practices Microsoft to address DirectShow, ActiveX zero-day flaws New attack code targets Microsoft ActiveX zero-day vulnerability When BIOS updates become malware attacks Microsoft patches WebDAV security vulnerability in bevy of updates Microsoft plans 10 security updates, fixing IE, Word, Excel vulnerabilities Hackers targeting unpatched Microsoft DirectShow flaw Microsoft warns of IIS zero-day vulnerability Microsoft updates Office to address serious PowerPoint vulnerabilities Microsoft to patch critical PowerPoint zero-day flaw How to perform Microsoft Baseline Security Analyzer (MBSA) scans

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary attack vector  (SearchSecurity.com) back door  (SearchSecurity.com) ethical worm  (SearchSecurity.com) Patch Tuesday  (SearchSecurity.com) zero-day exploit  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary