PatchLink Corp. today announced its support of a method to temporarily disable the automatic or accidental delivery of the Microsoft Windows XP Service Pack 2 (SP2) across an entire enterprise environment, including an organization’s remote laptop users.
Utilizing the WinXP SP2 Temporary Blocker Toolkit, PATCHLINK UPDATE immediately gives network administrators the ability to use the blocking patch in a policy-based deployment to protect key systems that might be affected by the automated installation of XP SP2. With a policy-based, best-practices approach, administrators using PatchLink’s agent-based patch and vulnerability management system can quickly identify and deploy XP SP2 to the parts of their organization that are prepared to receive the service pack.
The release by Microsoft of XP SP2 is providing network administrators with an important tool to increase network security. However, due to the extensive nature of the changes in XP SP2, many organizations are concerned about the impact that the automatic deployment of this service pack will have on their environments. Noted as essential to the security of XP systems and a “critical update,” Microsoft is automatically distributing XP SP2 to Windows XP and Windows XP Service Pack 1 systems via Windows Update (WU) and the Automatic Updates (AU) delivery mechanism in Windows. Due to the automatic nature of WU and AU, network administrators managing Windows network environments are concerned about employees patching their own systems.
While other patch management vendors have taken the approach of providing quick installation of XP SP2, PatchLink extends this ability further by becoming the first to provide the necessary tools to block XP SP2 until it’s fully tested by the network administrator and to permit its roll back. Continuing its core “test before you patch” philosophy, PatchLink recommends that network administrators employ the temporary block to delay user-initiated or unapproved deployment of XP SP2 until after it has been fully tested for their environments. Once testing has been completed, XP SP2 can be immediately and automatically deployed, based on the organization’s policies. PATCHLINK UPDATE also includes a roll-back feature, which gives the network administrator the ability to undo or roll back the entire patch to its original configuration.
“By giving our customers the ability to block the automated and unplanned installation of XP SP2 until after they have qualified it for their environments, we ensure that they can take full advantage of the new security features in XP SP2 without serious interruption,” said PatchLink CEO Sean Moshir. “By using PATCHLINK UPDATE’s policy and baseline capabilities to quickly qualify and deploy XP SP2 in an organized and planned manner, our customers are able to incorporate XP SP2 into a true, best-practices network management approach.”
PATCHLINK UPDATE offers more granular vulnerability analysis than a nonagent-based solution, paralleling Microsoft’s focus on trusted computing. PatchLink’s agent-based architecture allows organizations to keep XP SP2’s firewall fully functional. Commenting on the importance of this capability, Moshir noted, “PatchLink is supporting the release of XP SP2 to help bring desktop security up to a level more typical of server environments. Nonagent-based solutions will most likely require that the XP SP2 firewall settings be reduced or completely turned off during scans. Patch management solutions that are not agent-based and that use RPC, remote ADMIN shares, file copying and which rely on domain credentials won’t be able to maintain the levels of security that customers desire from XP SP2.”
ITManagementNews keeps you necessarily informed on the latest technolgies and trends including Production, implementation and support of mission critical systems and applications.
