Patch management

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I'd like to see a single, chronological listing of all the updates that have
been released for XP, in the following format if possible. Can anybody tell
me if there exists such a thing or similar? It is so frustrating to keep
clicking from KB article to KB article rather than view a specific system's
updates on a single patch with links to the KB articles. It seems you have to
already know what you are looking for before you look for it, rather than be
able to see all available current updates in one location.

patch12324 - (NOTE: included in rollup1234)
- date released
- what it does
- who it applies to
rollup1234 - (NOTE: included in SP2)
- date released
- what it does
- who it applies to
- what it includes
patch2345
- date released
- what it does
- who it applies to

etc...
 
List of fixes included in Windows XP Service Pack 2
http://support.microsoft.com/default.aspx?scid=kb;en-us;811113&Product=windowsxpsp2

Microsoft Security Updates
http://www.microsoft.com/security/bulletins/default.mspx

Microsoft Security Guidance Center: Patch Management Index
http://www.microsoft.com/security/guidance/topics/PatchManagement.mspx

Understanding Patch and Update Management: Microsoft’s Software Update Strategy
http://www.microsoft.com/technet/security/topics/patch/patchmanagement.mspx

Microsoft Security Guidance Kit CD v1.0
http://www.microsoft.com/security/guidance/order/default.mspx

--
Carey Frisch
Microsoft MVP
Windows XP - Shell/User

Be Smart! Protect Your PC!
http://www.microsoft.com/athome/security/protect/default.aspx

---------------------------------------------------------------------------------------

:

| I'd like to see a single, chronological listing of all the updates that have
| been released for XP, in the following format if possible. Can anybody tell
| me if there exists such a thing or similar? It is so frustrating to keep
| clicking from KB article to KB article rather than view a specific system's
| updates on a single patch with links to the KB articles. It seems you have to
| already know what you are looking for before you look for it, rather than be
| able to see all available current updates in one location.
|
| patch12324 - (NOTE: included in rollup1234)
| - date released
| - what it does
| - who it applies to
| rollup1234 - (NOTE: included in SP2)
| - date released
| - what it does
| - who it applies to
| - what it includes
| patch2345
| - date released
| - what it does
| - who it applies to
|
| etc...
 
Yeah, but unfortunately, again, everything is layered in links and more
links... not really a consolidated location. So far, I've found the
windowsupdate catalog is the best source, but even that lists patches that
have already been included in later rollups without telling you that.

Basically, I'm trying to set up a situation where I can take a brand new
computer, install a clean XP version, apply all the patches necessary to get
it up to speed, without having access to the internet, before I put it on a
private network, and there is no centralized location.

The SP2 "included patches" page is somewhat useful, but what about post SP2
patches, or patches for systems for SP1a (as my supervisor has not yet
approved SP2).

So far, it's quite a headache, especially since the IE6SP1 updates are
generally listed separately from XPSP1 updates, etc... plus all the non-OS
updates, like MDAC, XML, etc...

I've checked out the links provided, but it's still not quite what I'm
looking for, although i appreciate the response.

Maybe somebody else has a better idea.
 
Okah said:
Yeah, but unfortunately, again, everything is layered in links and more
links... not really a consolidated location. So far, I've found the
windowsupdate catalog is the best source, but even that lists patches that
have already been included in later rollups without telling you that.

Basically, I'm trying to set up a situation where I can take a brand new
computer, install a clean XP version, apply all the patches necessary to get
it up to speed, without having access to the internet, before I put it on a
private network, and there is no centralized location.
Click to expand...
Hi

Here is what I would have done:

Installed the newest service pack available to me.

If WinXP SP1, installed this one:

Update Rollup 1 for Windows XP Is Available
http://support.microsoft.com/?id=826939

Installed the latest MBSA (more info below).

Copied in the latest MSSecure_1033.CAB file to the MBSA folder (more
info below).

Run MBSA to get a report of missing security updates.



Info about MBSA and MSSecure_1033.CAB:

<quote>
Microsoft Baseline Security Analyzer (MBSA):

The Microsoft Baseline Security Analyzer allows administrators to
scan local and remote systems for missing security patches as well
as common security misconfigurations. More information on MBSA is
available at:

http://www.microsoft.com/technet/security/tools/mbsahome.asp

</quote>

and

Microsoft Baseline Security Analyzer (MBSA) 1.2 Q&A
http://www.microsoft.com/technet/security/tools/mbsaqa.mspx

and

Each time MBSA is run it will attempt to connect to the Internet to
download the CAB file containing MSSecure.XML from Microsoft. If an
Internet connection is not available, the tool will look for a local
copy of the CAB/XML file in the tool installation folder.

For machines that never connect to the Internet, you can separately
download this file from here:

ENU (code page 1033): http://go.microsoft.com/fwlink/?LinkId=18922
DEU (code page 1031) : http://go.microsoft.com/fwlink/?LinkId=18121
FRN (code page 1036) : http://go.microsoft.com/fwlink/?LinkId=18122
JPN (code page 1041): http://go.microsoft.com/fwlink/?LinkId=18120


MBSA has it own newsgroup as well:

microsoft.public.security.baseline_analyzer
 
Back
Top