Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

The Importance of running OfficeUpdate

Status
Not open for further replies.
jrbarnett

jrbarnett

Programmer
Jul 20, 2001
9,645
0
0
GB
Everybody,

Much has been written about the importance of keeping Windows up to date with service packs and patches from WindowsUpdate to secure the operating system against the latest vulnerabilities.

However, what has been written about far less is the need to use Office Update on appropriate machines to keep such applications up to date with patches and fixes.
Is this in widespread use? Is it used routinely like OfficeUpdate? If so, why does the automatic update routine not download application as well as operating system updates?

For those who haven't heard of the system, the OfficeUpdate URL is at:

John
 
Sort by date Sort by votes
The idea of updating regularly is a good one in theory.
Unfortunately, MS has a track record of breaking things with updates, and more importantly, of managing to introduce new vulnerabilities on top of old ones that updates do not fix.
Plus, these updates are a major threat to application stability in the corporate world, where many different types of applications run on any given PC. Some of these applications are business-critical, and it is very bad when they can no longer run from one morning to the next simply because a broken update was installed, or a good update had an unintended consequence.
The bottom line is that auto-updating is a pipe dream and will remain so for the forseeable future. Wise administrators, as well as anybody who has had to manually reconfigure a parc of 100+ PCs because of an ill-fated "update", will prefer to use a test bed to evaluate the impact of the update before rolling it out to the rest of the parc. In other words, there is no "auto" in the update process. It is a controlled process, decided manually and with great supervision.
And even then, bad things can happen because the test bed is never 100% representative of the existing environment.

My 2 cents.

Pascal.
 
Upvote 0 Downvote
Pascal,

My own view is that until very recently I erred very much on the side of caution, only applying service packs a few months after they were released, and never using Windows Update because they had been known to break things as you say.

However, that changed about a month ago when I went to visit a former employer and found that they had been hit very badly by a number of viruses (despite keeping the AV software up to date) and as a result had implemented a policy whereby the full set of critical updates applicable to that PC would be installed whenever computers would come in for other work, and critical patches for fixing vulnerabilities that are used by current viruses/malware would be forced through by ZenWorks, as well as updating the local antivirus software via the login script.

Have they had computers trashed with WindowsUpdate breaking systems, requiring a reinstall? Yes, but the number of machines that this has broken is minimal compared to the numbers that need major attention after a virus outbreak to which the AV software hasn't picked up.

I was just wondering if a similar principle should be applied to office software?

John
 
Upvote 0 Downvote
i agree with jrbarnett ,

Our compagnie had to put pc on auto because people were always dissmissing windows update when it flashed.We have been hit pretty bad by the rpc virus couple of months back and all would have been avoided if every one had updated properly.The thing is, as long has a pc was not updated and another one was infected in the wan(which runs across the whole North america)it was being infected as soon as it came online.Then it took like 2-3 days to finally find where the last remaining infected computer was.

We had a constant hit on port 135 and knew the ip,but finding which park it was on took a long time(Actually the admin of that park was sleeping on gas or something).

Even worse,everybody heard about the HL2 source being stolen?Well from what i read from the manager that got his computer hacked, they used a bug in the buffer overflow of outlook.(express?)I know for a fact that there has been an update for a buffer overflow bug with any software running vba macro's 1 month ago.So it would have been avoidable(Although they would have found another way for sure).

And they're is an insane amount of horror story that we can find about not updating as soon as an update is available.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

johnnygage
  • Locked
  • Question
Anyone gotten rid of their server monitoring system? 2
Replies
11
Views
191
fredericofonseca
fredericofonseca
goombawaho
  • Locked
  • Question
Customer doesn't care about anti-virus, running Windows XP
Replies
10
Views
161
goombawaho
goombawaho
johnnygage
  • Locked
  • Question
Can you interview at the drop of a hat? 2
Replies
5
Views
295
SamBones
SamBones
goombawaho
  • Locked
  • Question
Time estimate for the following items 3
2
Replies
39
Views
296
goombawaho
goombawaho
johnnygage
  • Locked
  • Question
they want me to get a flu shot 12
2 3
Replies
54
Views
493
goombawaho
goombawaho

Part and Inventory Search

Sponsor

Back
Top