Distributing Microsoft Patches
Results 1 to 9 of 9

Thread: Distributing Microsoft Patches

  1. #1
    Senior Member
    Join Date
    Feb 2002
    Posts
    130

    Distributing Microsoft Patches

    I was just wondering if anybody knew of an easy way to distribute patches easily on a windows 2000 network. At work we have downloaded all the Microsoft patches using MBSA but now need to distribute them. I know we could write a script that would run the patches on all the machines but wouldn't that require a lot of clicking of the users part (accept , restart etc) especially since most of the machines need about 14 patches. Sorry if this seems like a stupid question but I just can't find a way round it

  2. #2
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    http://www.ecora.com/ecora/ has a proggie called patchmeister that I am Beta'ing... It is working quite well so far and will be a Godsend on a large network. It is relatively cost effective too.
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  3. #3
    Senior Member
    Join Date
    Sep 2001
    Posts
    1,027
    Check out SUS (Software Update Service) from MS..

    http://www.microsoft.com/windows2000/windowsupdate/sus/


    Ammo
    Credit travels up, blame travels down -- The Boss

  4. #4
    Senior Member
    Join Date
    Feb 2002
    Posts
    130
    Thanks a lot, the links were very helpful, looks like we have almost got the problem sorted, cheers guys !

  5. #5
    Senior Member
    Join Date
    Oct 2001
    Posts
    748
    Thought I would post this just in case anybody else needed some info on how to easily install multiple hotfixes. This is using qchain which is a free MS utility:
    http://support.microsoft.com/default...b;en-us;314902

    This is how to use qchain in such a way that you only have to reboot once:
    http://support.microsoft.com/default...b;en-us;296861

  6. #6
    AO Decepticon CXGJarrod's Avatar
    Join Date
    Jul 2002
    Posts
    2,038
    Thanks for the QChain link. Also, couldnt you send this out through Active Directory in Win2k Server? You can assign the Group Policy to have everyone run the patches on startup or shutdown.
    N00b> STFU i r teh 1337 (english: You must be mistaken, good sir or madam. I believe myself to be quite a good player. On an unrelated matter, I also apparently enjoy math.)

  7. #7
    Senior Member
    Join Date
    Oct 2001
    Posts
    748
    You could very easily do this through login scripts. But if you don't setup the installer to run through Qchain, they cannot install multiple hotfixes together at the same time, an avoid rebooting multiple times. Your script would also have to be intelligent enough to check what OS the person is running and other little checks like that. Otherwise you might end up trying to push hotfixes to the wrong OS type. Of course, if all of your client machines look the same, this might not be an issue you have to worry about.

  8. #8
    Junior Member
    Join Date
    Oct 2002
    Posts
    8
    I have found this little proggie particularly useful in the past.

    http://download.bigfix.com/update/bigfixwin.exe

    Kindly,

    _________________
    "...to some of us
    reading the manual is
    conceading defeat.-"

    [blur]Ciwdus[/blur]

  9. #9
    The Iceman Cometh
    Join Date
    Aug 2001
    Posts
    1,210
    There a few programs which I have experience with.

    SUS (which is what Ammo suggested) is a program I have had very good experiences with, plus it's fairly easy to set up and maintain. I use SUS for most of my networking needs at my office, with one of my employees writing custom scripts when I need specific patches which SUS doesn't inherently support.

    Another program I have used is UpdateEXPERT by St. Bernard (www.updateexpert.com). It can update Windows, IIS, Windows Media and Office.

    Finally, if you're looking to simply search for updates across a SOHO network, I would recommend Microsoft Baseline Security Analyzer or HFNetChk (you can also spend some money and purchase more advanced versions of both of those from Shavlik Technologies, though I haven't had any experience with any of those).

    AJ

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •