Hack 83 Apply Patches in the Correct Order


applying them in the right order, as this experience can
testify.

There is a specific order you should follow when applying Microsoft
security patches. Microsoft's policy (a little understated) is that
you need to apply patches in the order in which they are released.
Understanding Microsoft's naming convention for security patch
releases is critical to understanding patch order. See the article at
http://www.myitforum.com/articles/20/view.asp?id=5894
to understand the security patch naming convention.

What could happen if you patch out of order?
Microsoft's patches are released with the assumption
you have a patch-management policy in place and that you have applied
all patches to date. So, when they develop the next patch, they also
assume that the system to which you will apply the latest patch
release has the proper file versions.

If you apply the patches out of order, you can effectively overwrite
a secure file. For example, say the RPC DCOM worm is patched by using
MS03-026. If you have this patch, you will not be affected by the
worm. But if you apply MS03-010 after you apply
MS03-026, a secure DLL will be overwritten with an insecure one,
reopening the vulnerability that MS03-026 patches.

Why would someone do this, you might ask? The RPC DCOM worm was
something you couldn't get away from. The Department
of Homeland Security issued warnings, Microsoft issued warnings, and
the warning was blasted all over TV and the Internet. This woke up a
bunch of system administrators, so they patched with MS03-026. And,
since they were patching, they might as well get the other patches
they had missed up to that point, applying MS03-010 after the fact.

So, make sure that you apply your patches in the order in which
they are released. If you have some catching up to do, take the extra
time to get it right!

Rod Trent
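
An added example (not part of the original hack) of checking for the out-of-order case described above: it sorts pending bulletins by their MSyy-nnn identifier and flags a host where an older bulletin was installed after a newer one. It assumes the bulletin number reflects release order; the function names and the install dates are constructed for illustration.

```python
import re
from datetime import date

# MSyy-nnn: two-digit year, then a sequence number within that year.
BULLETIN_RE = re.compile(r"MS(\d{2})-(\d{3})", re.IGNORECASE)

def release_key(bulletin_id):
    """Return a sortable (year, sequence) tuple for an ID such as 'MS03-026'."""
    m = BULLETIN_RE.fullmatch(bulletin_id.strip())
    if not m:
        raise ValueError(f"not a bulletin ID: {bulletin_id!r}")
    yy, seq = int(m.group(1)), int(m.group(2))
    # Assumption: years 90-99 mean 19xx, so MS99-xxx sorts before MS00-xxx.
    return (1900 + yy if yy >= 90 else 2000 + yy, seq)

def install_order(pending):
    """Pending bulletins, de-duplicated and sorted oldest release first."""
    return sorted({b.strip().upper() for b in pending}, key=release_key)

def out_of_order(history):
    """history: iterable of (bulletin_id, install_date) for one host.

    Returns (older, newer) pairs where the older release was installed
    after the newer one, the sequence that can put an old file on top of
    a fixed one. Same-day installs are not flagged: their order is unknown.
    """
    events = [(b.strip().upper(), d) for b, d in history]
    findings = set()
    for old_id, old_date in events:
        for new_id, new_date in events:
            if release_key(old_id) < release_key(new_id) and old_date > new_date:
                findings.add((old_id, new_id))
    return sorted(findings, key=lambda p: (release_key(p[0]), release_key(p[1])))

# Constructed install history (dates are made up for this example).
SAMPLE_HISTORY = [
    ("MS03-026", date(2003, 8, 12)),   # emergency patch applied first
    ("MS03-010", date(2003, 8, 14)),   # older bulletin applied afterwards
]

if __name__ == "__main__":
    print("apply in this order:", install_order(["MS03-026", "ms03-010"]))
    for older, newer in out_of_order(SAMPLE_HISTORY):
        print(f"{older} was installed after {newer}: re-verify {newer}")
```

The check is conservative: it flags every inversion, whether or not the two patches touch the same files.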