BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
Catch up on the Windows Server patches of 2017
-
Article
Microsoft releases fixes for three exploits for January Patch Tuesday
Microsoft issues three bulletins to close vulnerabilities in Microsoft Office, the Edge browser and a Windows Server service. The company also supplied a fix from Adobe for its Adobe Flash Player application. Read Now
-
Article
'Last-minute issue' delays February Patch Tuesday
Microsoft delays the release of security bulletins for February Patch Tuesday until March, due to a last-minute issue. One administrator now mulls whether to apply a manual fix for a zero-day vulnerability. Read Now
-
Article
March Patch Tuesday returns with zero-day vulnerability fix
After a month-long delay, Microsoft releases 17 updates on March Patch Tuesday and addresses several known vulnerabilities that can affect Windows Server administrators. Read Now
-
Article
Microsoft swaps security bulletins for new Security Update Guide
On April Patch Tuesday, Microsoft officially switches from verbose security bulletin format to the database layout of the Security Update Guide. Windows Server admins should be aware of a Hyper-V host patch. Read Now
Editor's note
IT organizations depend heavily on Windows Server to manage the infrastructure, users and their devices, using features such as Active Directory and products like System Center. Windows Server also provides the backbone for numerous business-critical applications, such as Exchange Server and SQL Server.
Because of Windows Server's importance in a shop that depends on Microsoft's technology stack, administrators take extra care when they patch the server operating system. One bad update can take down the entire data center. Microsoft's monthly security updates bring additional stress to administrators with numerous enterprise systems based on Windows Server -- a fix for the server operating system could break the functionality in an important third-party application.
This essential guide to 2017's monthly Patch Tuesday news stories and related articles helps administrators understand and implement Windows Server patches, whether it's the next day, next month or next quarter.
1A window into patching Microsoft systems
Security is a 24/7 concern -- not just something to think about on Patch Tuesday. Stay in the know with other developments related to the security of Microsoft's operating systems, such as the servicing model change.
-
Article
Microsoft changes servicing model to bundle patches
In October 2016, Microsoft migrated several Windows operating systems to a rollup model that packages individual patches into a single file. IT pros weigh the pros and cons of losing the ability to add and remove individual patches. Read Now
-
Article
How can admins protect systems from a bad Microsoft patch?
System administrators need to act when Microsoft issues a security update, but a bad patch can break systems -- so what's an overworked IT staff to do? Read Now
-
Article
Windows Bash raises concerns about Linux-based exploits
While Microsoft offered developers a way to run Linux in Windows 10, did it also expand the attack surface of the operating system? Read Now
-
Article
Establish a patch management process to reduce pain
Get a grip on the Microsoft patching change by using automation tools and new features like Nano Server to minimize downtime and disruptions to end users. Read Now
2Develop a Windows Server security vocabulary
This glossary of terms related to patches and security will help Windows Server administrators learn about the different threats to systems, and Microsoft's technologies and features for patch management.
-
Definition
denial-of-service attack
A denial-of-service attack is a security event that occurs when an attacker prevents legitimate users from accessing specific computer systems, devices, services or other IT resources. Read Now
-
Definition
malware
Malware, or malicious software, is any program or file that is harmful to a computer user. Read Now
-
Definition
Microsoft System Center Configuration Manager
Microsoft System Center Configuration Manager 2012 (SCCM 2012) is a Windows product that enables administrators to manage the deployment and security of devices and applications across an enterprise. Read Now
-
Definition
patch
A software patch or fix helps resolve issues that crop up in different programs. It can also bolster security and add new features to the software. Read Now
-
Definition
patch management
Patch management is an area of systems management that involves acquiring, testing, and installing multiple patches (code changes) to an administered computer system. Read Now
-
Definition
Patch Tuesday
Patch Tuesday is the unofficial name of Microsoft's scheduled release of the newest security fixes for its Windows operating system and related software applications, as detailed in the Windows Security Updates Guide. Read Now
-
Definition
out-of-band patch
An out-of-band patch is a patch released at some time other than the normal release time. Microsoft, for example, normally releases patches on the second Tuesday of every month. Read Now
-
Definition
vulnerability (information technology)
A vulnerability, in information technology (IT), is a flaw in code or design that creates a potential point of security compromise for an endpoint or network. Vulnerabilities create possible attack vectors, through which an intruder could run code or access a target system’s memory. Read Now
-
Definition
Windows Server Update Services
Windows Server Update Services (WSUS), also called Windows Update Services (WUS), is a free add-on for managing patches and updates to the Microsoft Windows XP, Windows Server 2000, and Windows Server 2003 operating systems... (Continued) Read Now
-
Definition
zero-day vulnerability
A zero-day vulnerability, also known as a computer zero day, is a flaw in software, hardware or firmware that is unknown to the party or parties responsible for patching or otherwise fixing the flaw. Read Now