Software Update Management Guidelines

  • Article

To learn how to determine which updates are critical, useful, irrelevant, or harmful to your enterprise and to create a software update management process for your enterprise, you can do several things:

  • Be familiar with the current state of the resources in your enterprise. This includes knowing:

    • The computers in your enterprise.

    • Operating systems and versions running on each computer.

    • Software updates in use on each computer (service pack versions, software updates, and other modifications).

    • The function each computer performs in your enterprise.

    • The applications and programs running on each computer.

    • Ownership and contact information.

    • The assets present in your environment and their relative value to determine which areas need the most protection.

    • Known security problems and the processes your enterprise has for identifying new security issues or changes in security level.

    • Countermeasures that have been deployed to secure your environment.

    You should update this information regularly, and it should be readily available to those involved in your software update management process.

  • Read the white papers listed in Table 6.2 for information and guidelines for establishing a software update management process in your enterprise by using SMS and the Feature Pack tools. These white papers are available at the Microsoft Solutions for Management Web site at https://www.microsoft.com/solutions/msm.

    Table 6.2 Software Update Management White Papers

    Title

    Definition

    Update Management Using SMS/Architecture Guide

    Provides architectural guidance for deploying software updates, service packs, and Hotfixes by using SMS and the Feature Pack tools.

    Update Management Using SMS/Deployment Guide

    This white paper provides conceptual information, best practices, and detailed procedures that are related to distributing and managing software updates by using SMS, including essential maintenance tasks and team role responsibilities.

    Update Management Using SMS/Operations Guide

    This document provides operational guidance for deploying software updates, service packs, and Hotfixes by using SMS. It describes the daily, weekly, monthly, and as-needed tasks that have to be completed to deploy updates into a live production environment.

  • Be informed about the latest security developments and technology. You can be informed by reading, using Web sites, and joining newsgroups to get the latest information.

  • Use the SMS software update management components to streamline and automate some of the functions associated with security update inventory, deployment and management tasks, such as:

    • Conducting an audit of applicable and installed security updates for all the computers in your enterprise.

    • Authorizing and deploying the updates to the appropriate computers.

    • Tracking the inventory and update installation status and progress for all the computers in your enterprise.

For More Information

Did you find this information useful? Please send your suggestions and comments about the documentation to smsdocs@microsoft.com.