Yes, it is feasible to implement a third-party patch on a Windows system. However, several important steps should be followed to ensure the patch does not have an ill effect on the system. These steps include, at a minimum:
- Obtain the patch through a secure manner (for example, SHA-1).
- Complete the appropriate testing before proceeding to implement the patch.
- Have a well-defined and documented back-out plan in the event the patch does not install correctly or causes issues with the systems or applications.
- Provide proper communication to all those involved with the systems being patched, both the end users and administrators.
- Install the patch on less critical systems first, to ensure no issues, then install on more critical sytems.
If these steps are followed, at a minimum, then the risk of installing a third-party patch is mitigated.
For more information on testing patches before rolling them out to your customers, visit our Patch Management Project Guide.
This was first published in October 2006