Patching a server is fundamentally different from patching a workstation, both in terms of the 
scope of the patches and the process involved. You can usually take workstations out of commission and rebuild them from a pre-patched image, if it comes to that. With servers, there is usually no such luxury. The amount of downtime you can afford with any server is likely to be minimal, even if you’re dealing with a server that has backup (as, for instance, with an active/passive cluster).
One of the tougher jobs that server administrators have to deal with is figuring out the priority of patches for servers. They not only have to deal with the server, but also with the applications running on it, the middleware between applications and a host of other things. If you have a mess of patches to go into a given server, where do you start, and how do you move forward?
The best thing to do before you load in a single patch is to prioritize, to figure out what goes in first and why. Over time I’ve compiled a patch-ordering map for servers that covers just about everything, and I stick to it as best I can whenever it’s time to bring a new machine up to speed. Also, this way, if something peculiar arises that might be traceable to a given change, it’s a little easier to isolate what it might be. Patching Windows servers
From around the Web
- How to Use Network Behavior Analysis Tools
- Apple updates Safari with 11 security fixes
- Mozilla fixes 11 Firefox flaws, six critical
- Google updates Chrome to third beta
- Firefox 3.1 beta arrives with JavaScript booster turned off
- The insider security threat in IT and financial services
- Windows 7 security: An overall improvement?
- Top 10 Network Security Threats
- Big leap in malicious Web sites
- Network security makes a quantum leap
- What is the Best Internet Browser to Surf the Web?
- Windows 7 UAC could be less of a nag
- Microsoft releases faster Desktop Search 4.0
- Vista users keen on SP1, but XP SP3 not so much
- Windows 7 Details In October, Microsoft Says