caution. MS KB hotfixes. How to prevent a disaster

Hello Experts,

Last month, we ran into a situation where after applying  Exchange & KB2506146 and KB2506143 there was a major incident that affect Exchange,Lync,Sharepoint because of these patches

I would like to know if you know of any websites that advise what hotfixes should be or not applied to a Windows platform[Exchange 2010, Lync 2010, Sharepoint 2010, WIndows server 2008 R2/2012, so on}


For instance, I just found the link below that might be useful in the future to prevent any other disaster

http://exchangeserverinfo.net/2012/12/956/

Looking forward hearing from you
Jerry SeinfieldAsked:
Who is Participating?
 
SubsunConnect With a Mentor Commented:
I would not hurry installing any update (except security hotfixes) until it guarantee a fix an issue of my environment. Typically we wait three to nine weeks before installing a update in production. Also we would test any updates thoroughly on my lab or DR environment before production deployment.

You can also check Best Practices for Applying Service Packs, Hotfixes and Security Patches from Microsoft..
http://technet.microsoft.com/en-us/library/cc750077.aspx
0
 
Stelian StanNetwork AdministratorCommented:
For Exchange I always check Technet: http://blogs.technet.com/b/exchange/archive/2012/12/14/windows-management-framework-3-0-on-exchange-2007-and-exchange-2010.aspx

same thing for Sharepoint: http://sharepoint.microsoft.com/blog/Pages/default.aspx

For Windows server I usually wait a while till I'm sure it's safe to apply the patches.
0
 
Manpreet SIngh KhatraSolutions Architect, Project LeadCommented:
What i do is once i see a Patch i check its details and wait for a couple of weeks while i try to check internet if people are reporting any issues or not

Other would be to check the KB article and ensure if its what you really want and concerned with the Application\Products you have

- Rancy
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
Gary DewrellSenior Network AdministratorCommented:
We take a bit more extreme approach. We do not install hotfixes unless they resolve a specific problme we are experiancing or are marked Critical.  We wait for the Service Pack that has all of the hot fixes to be released.

If we do have to install one we almost NEVER install it the day it comes out. We wait at least a week and then do some Google searches by KB number to see if anyone else has had an issue.  Where possible we test the hotfix in non-production environment.
0
 
Jerry SeinfieldAuthor Commented:
Thanks everyone,

All of the advices above are valid, however I have a client who patches their windows servers on a monthly basis. I recommended to wait at least 2 months after the kb has been released, but patching a server every month is a must

So, besides google, technet, do you know of any good website that focus on this type of requirements?
0
 
Gary DewrellSenior Network AdministratorCommented:
I do not know of a single site to fine anything like what you are requesting. Microsofts answer is and has always been that you must test the hotfixes in a non-production environment prior to installing.

Here is a Microsoft Article that has some best practices.
http://technet.microsoft.com/en-us/library/cc512589.aspx

Have a blessed day

Gary
0
 
Manpreet SIngh KhatraSolutions Architect, Project LeadCommented:
When you say a month why dont you simply select updates about 2-3 weeks back and also have a review a couple of days earlier to the patching

- Rancy
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.