One of the biggest issues facing Microsoft's enterprise customers today is patch management, primarily because the company's many products all have their own tools and methods for providing software updates. The problem is exacerbated by the bewildering number of product revisions, language versions, and other product differentiators, many of which require the software giant to issue multiple patches for the same vulnerabilities. And finally, because many of its tools use different patch infrastructures, customers often see different results when they use products such as Windows Update (WU), Baseline Security Analyzer (MBSA), Software Update Services (SUS), and Systems Management Server with the SUS Feature Pack. To fix these issues, the company is overhauling its patch management infrastructure and will unleash a new generation of patch management tools for its customers as soon as early 2004.
Today, Microsoft's patch management solutions are, well, patchy at best. The company often provides incomplete and inaccurate patch information, it admits, inadequate assessment and deployment tools, an inconsistent patch experience because of the wide range of installer types the company uses, and it produces poor quality patches. The latter point is a tough spot for the company, which is walking the line between delivering high-quality patches and delivering patches quickly. Changes to the underlying infrastructure should help it do both.
News source: WinInfo