Re: rephrasing and large patches
Michael do me a favour and move over and let the grown ups talk
“So it's now Microsoft's fault you have remote sites with inadequate infrastructure?”
Of course it isn’t and in an ideal world we would all have limitless resources to do whatever we want. In the real world however you try requesting a couple of million dollars to upgrade the network everywhere to the spec required once per month for Microsoft patches, if they are going to continue with this sort of thing. The network is fine for business use all month and just craps out when we approve large MS patches.
“It’s Redmond's fault that you're choosing to delay patching your systems?”
Actually yes it is- the size of the patches means we have to try to drip feed them somehow and the inadequacies of the WSUS patch mechanism do not allow for the multiple overlapping grouping we need to be able to do this effectively.
The BITS service which will try every so cleverly on your single home machine to not swamp your single PC network is crap at this on large networks -multiple machines join together and consume as much bandwidth as they can.
Add to that an enormous patch which also has seemingly several documented issues installing and yes it’s Microsoft’s fault that we have to patch slowly and carefully – our business does not exist solely to patch machines, it exists to do business
“Perhaps you'd prefer MS not repair vulnerabilities at all?”
Of course I wouldn’t – but a little more work to roll out a more streamlined patch which doesn’t have so many bugs would be appreciated, this one seems almost as rushed as a zero day patch
“You not having the resources to deploy the patch as fast as you want does not place onto Microsoft the burden of your inadequacy.”
As already stated our network is quite adequate for our needs once we remove the burden of huge patches resulting from Microsoft’s inadequacy
In general there are a lot more people out there with a lot more complex problems than your home PC (and yeah I know it’s a state of the art haxorz beast) or dinky work network.
When the PCs I manage in a remote location in a jungle somewhere and the PCs others have mentioned get infected, end up part of a botnet and start attacking your machine who are you going to whine to then fanboy? Or did you not think that far ahead?
Rollout of patches in this manner doesn’t just impact those who don’t have infinite resources – it impacts you too, nice huh?
Anyway – is anyone aware of a simple tool or similar for assessing how much of the 75Mb patch each machine needs so we can better plan a gradual rollout?, just a thought