Pub. 7 2018 Issue 3

The CommunityBanker 12 NeverEnding Patches By Daniel Lindley, CoNetrix I n 1984, a fantasy movie involving a young boy, a rock- eater, a weird dog-dragon hybrid, an entity known as The Nothing, and an assortment of other strange characters was released. This movie, titled The NeverEnding Story, is remembered by many people not only because of the story itself, but because of the main title track which lingers long after the credits have rolled. After watching the movie, one could be caught belting out “NeverEnding Stooooooryyyyyyyy! Ah, ah, ah!” for anyone nearby to listen. While this song is easily adapted for a number of tasks in everyday life (never ending laundry, dishes, or bills), for those in IT roles it has become “NeverEnding Paaaaaattccheeeeees!” Although it is true that patches will probably never stop for a product unless the product or the company is no longer around, the constant stream of updates can be controlled. For this to occur, however, several things need to happen. First, it must be decided what patches will be installed and what time frame is considered acceptable. Second, the patches need to be applied as instructed by the software provider. Finally, verification should be performed to ensure the patches were applied as planned. Deciding what patches should be applied seems like a simple matter at first glance. For Microsoft products, be they Win - dows operating systems or Office products, the standard process seems to be to only install critical updates. This has become even more common with the patch rollup process Microsoft shifted to with Windows 10. However, a quick look at Microsoft’s Windows Update categories as well as WSUS settings reveal that critical updates have nothing to do with B A N K B Y T E S