Patch testing is crucial to helping you ensure each patch is effective and compatible with your critical applications when applied. However, some patches are so critical they must be rushed to implementation without going through proper testing. Even worse, your network may already be impacted by some exploit that requires immediate attention -- leaving you with little choice but to deploy an untested patch and risk breaking applications....
How can you address this problem?
A plan for rolling back or undoing patches to restore a system to its previous state should always be included in your patch management process. Here are some tips to help you recover from issues caused by untested patch deployment.
- Test your knowledge of the vulnerability management process with this quiz.
- Bookmark our collection of resources on patch management strategies and tactics.
- Information Security magazine identified the best patch management products of the year 2004.
Use Windows System Restore
Windows System Restore will return your Windows computers to pre-patch state without losing personal data files. This tool differs from backup utilities because it only monitors a core set of specified system and application file types, rather than all files. Some patches may prompt Windows to create a restore point on its own, but you can also create one manually. To do so on Windows XP, navigate to Start/All Programs/Accessories/System Tools/System Restore and select "Create a restore point." If something goes awry you can simply go back into System Restore and select "Restore my computer to an earlier time" to undo the damage.
Use rollback features in patch management software
Patch management applications such as St. Bernard's UpdateEXPERT or PatchLink's PATCHLINK UPDATE 3D not only allow you to administer the patch management process and deploy patches, they also enable you to selectively undo or roll back patches that may be causing problems. The rollback process varies by product. Some products have their own mechanisms for tracking changes made by patches so those changes can be undone, while others simply uninstall patches that are designed to be easily removed. You should research the various products to make sure rollback features meet your needs.
Backup your systemsEven if you've conducted extensive patch testing, minute differences in a production system may still interact catastrophically with a patch. By performing a system backup of all files immediately before deploying the patch, you'll be guaranteed to have the ability to restore your system to its pre-patch state.
About the author
Tony Bradley is a consultant and writer with a focus on network security, and antivirus and incident response. He is the About.com guide for Internet/Network Security, providing a broad range of security tips, advice, reviews and information. Tony also contributes frequently to other industry publications. For a complete list of his freelance contributions you can visit Essential Computer Security.
This tip originally appeared on our sister site, SearchWindowsSecurity.com.