What is the best way to research Windows patches and updates for compatibility issues?

Besides calling the application vendor and hoping to get someone knowledgeable on the phone, what is a good way to research Windows patches to minimize the risk of conflicts as I patch my servers.

Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

btanExec ConsultantCommented:
typically when you receive Windows security or update bulletin, the details of each patch will detailed the implicated Windows platform and version, specifically found in their individual knowledge base. they are quite comprehensive and even include deployment rollout. e.g is the IE update below

nonetheless, there should be staging area for testing patch on test machine before rollout of patches. this especially applicable for surfacing any other non windows system applications but specific to enterprise and third party software. there are cases where releases by AV cause drastic unintentional denial of services e.g. system cannot bootup, etc (due to replacement or wrongly denying of system files)

But it would be surfaced in staged testing prior patch deployment, but do note severity of patch any delay would expose attack surface longer.

Also the Windows application comptability tool is worth exploring too, even though it is platform specific



Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It is recommended that all security patches be tested in a test bed of servers and workstations matching
your corporate business environment to ensure compatibility issues do not exist.  Microsoft is not going to know exactly what effect the patches are going to have on your unique environment.  There may be third party dependencies that are affected that haven't been reported yet.  It's best to test yourself and note any issues that you notice.   With the power of virtualization, this task can be performed at a lower cost.  We run virtual machines and test all patches prior to deployment.  Some use VMWare with LANDesk that gives you more options, like testing against standard configurations.  You can keep different baselines and choose to run the patches that affect those application baselines, nice and organized.  

Also, do you have a MS TechNet account, you don't have to get a full subscription to view the standard content, that is a great resource.  The MS bloggers will post information about patches, issues, workarounds.  You can always get valuable information from their experts.
nhawkinsVAAuthor Commented:
Glad to help.  Good luck with your research!  :-)
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.