Microsoft's patch management is abysmal !!
If M$ supplied tiny.. 512 or less byte un-installable patches I might be inclined to trust them. But that is not the case. Their is no real way to uninstall and compare OS files to the original disk.
Instead M$ swaps out major sections of the OS/APPS/Libaries (Which have the kitchen sink of changes thrown into them).
Throw in the lame ass registry and the nightmare is complete.
There is simply NO WAY to retest the users applications for anomolies after M$ installes a bunch of patches. (Way too frequent and wayyyy to large.)
Instead.. I place my trust in External firewalls & non MS applications. Severely limiting the use of M$ applications talking to the Internet. No Lookout, or IE. Use Firefox(w antispam plugins), Opera and non-MS email apps.
In summary.. Don't expose M$ OS or Applications directly to the wild and wooly internet and you'll minimised the need to be sucked into M$ patch nightmare.
The best of ZDNet, delivered
ZDNet Newsletters
Get the best of ZDNet delivered straight to your inbox
