 | |||
|
|
||
| |||
| |||
| |||
| |
|
Home > What is included in a Microsoft patch? |
| |
|
|
|
|
| Book Excerpt: |
|
||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|
|||||||||||||||||||||||||||||||||||||||||||||
What is included in a Microsoft patch? Let's roll up our sleeves, get technical and examine what is included in each type of Microsoft patch. Security patches, critical updates, updates, update rollups, drivers and feature packs fall into the general distribution releases (GDR) category. These go through testing across different platforms and applications to ensure proper functionality, and that the program or update that includes new features performs as intended. However, hotfixes developed by Microsoft Product Support Services for a specific situation are not as tested as those included in general distribution releases. Microsoft Knowledge Base articles, freely available from Microsoft Product Support Services, always accompany these QFEs. In the Windows 2003 Server environment, the product update packages may include two or more copies of the same files to support two different types of install environments for a system. When the security patch, critical update, update, update rollup, driver or feature pack install, the installer package looks to see what files already exist on a system. Possible install environments include:
Having discovered the appropriate environment, the installer package installs the applicable file set. To see what version of a file exists in a Windows 2003 server environment, review the following formats:
In our server, we can see that the file on our server is a GDR version. Thus, it indicates that the patch engine did not find a hotfix and instead found a GDR version. For example, let's look at the file included in Security bulletin 04-024 (04 for the 2004 year, -024 meaning the 24th bulletin of the 2004 year). Find his bulletin at here and the sample below is the patch for the Windows 2003 platform. It includes updates to one file shell32.dll. Inside the installer package are two files. One expects that the server will still have one of the original dll's categorized as a GDR package the other anticipates a hotfix.
While security bulletin 04-024 includes an update to only one file, many patches contain a series of files that replace existing files on a system. Other security patches may include a series of files needed to correct the condition. In the Security patch Microsoft Security Bulletin MS04-022: Vulnerability in Task Scheduler Could Allow Code Execution (841873)12 the patch includes a series of files needed to remove the vulnerability from the system:
Date / Time / Version / Size / File name / Folder 08-Jun-2004 / 22:01 / 5.1.2600.105 / 48,640 / Browser.dll / RTMQFE 08-Jun-2004 / 22:01 / 5.1.2600.155 / 251,392 / Mstask.dll / RTMQFE 03-Jun-2004 / 22:54 / 5.1.2600.155 / 9,728 / Mstinit.exe / RTMQFE 08-Jun-2004 / 22:01 / 5.1.2600.122 / 301,568 / Netapi32.dll / RTMQFE 08-Jun-2004 / 22:01 / 5.1.2600.155 / 159,232 / Schedsvc.dll / RTMQFE 08-Jun-2004 / 22:02 / 5.1.2600.1564 / 260,096 / Mstask.dll / SP1QFE 08-Jun-2004 / 19:59 / 5.1.2600.1564 / 10,752 / Mstinit.exe / SP1QFE 08-Jun-2004 / 22:02 / 5.1.2600.1562 / 306,688 / Netapi32.dll / SP1QFE 08-Jun-2004 / 22:02 / 5.1.2600.1564 / 172,544 / Schedsvc.dll / SP1QFE 18-May-2004 / 03:46 / 5.1.2600.1555 / 593,408 / Xpsp2res.dll / SP1QFE Applying new executables and DLL files introduces change into a stable system. As evident from the files listed above, the security update includes both executables and dynamic link library files. An .exe file is a file that a computer can directly "run" or execute. A DLL file contains a range of functions accessed by other Windows applications. The standard functions in the Windows Application Programming Interface (or API) are accessed using DLL files. This standardization eases collaboration among disparate applications. Without these building blocks, applications would look and act much differently. A DLL can have the extension of .exe, .dll, .drv or .fon. In any case, patching introduces new files and new code into a stable system. Thus, test to ensure that you have tested the install and uninstall processes, as well as any potential rollback issues. Footnote: "Description of the contents of a Windows Server 2003 product update package," Redmond, Wash.: Microsoft Corporation, 2004, "Microsoft Security Bulletin MS04-022," Redmond, Wash.: Microsoft Corporation, 2004. Click for the next excerpt in this series: Historical patch process window Click for book details or get more information from Ecora.
|
|
|
||||||||||||||||||||||||||||||||||||||||||||
Get a glimpse inside the e-book 
|
|
 |  |  | |  | |  | |  | |  | |  | |  | |  | |  | |
|
|
About Us | Contact Us | For Advertisers | For Business Partners | Site Index | RSS |
|
|
||
|
|||||||
