Guest Blogs

Blog archive

Patch Happy

**It's guest columnist time! Doug Barney is traveling this week, so filling his chair today is Michael Desmond, former editor-at-large of Redmond and founding editor of our newest publication, Redmond Developer News. Stay tuned for more guest columnists throughout the week.**

IT managers might still be scrambling after last Tuesday's out-of-band patch to fix the urgent Windows Animated Cursor Handling flaw. Now we learn that tomorrow's scheduled patch will likely offer five Windows fixes, including at least one that merits a "critical" designation.

Some of the new patches will likely require a system restart, which could make life a bit complicated as IT managers try to sequence things so that services and servers don't fall offline. The critical update, targeting Microsoft Content Management Server, also demands a reboot.

Finally, some folks have expressed outrage that the animated cursor flaw had apparently been known to Microsoft for months. While the delayed remediation allowed an exploit to emerge, Microsoft in a blog posting contends that the time on task allowed Redmond to fix a series of vulnerabilities related to the flaw.

As ever with these urgent patches, it all seems to come down to a precarious balancing act. Does Microsoft rush patches to fill a hole before it can be attacked, and risk breaking or missing something critical in the process? Or should it take the time to build a more durable and manageable fix, knowing that the delay could leave systems wide open to attack?

What's your preference? Tell us at dbarney@redmondmag.com.

Posted by Michael Desmond on April 09, 2007 at 11:53 AM