How long does it take to post Patches for Windows Fixlets

(imported topic written by SystemAdmin)

Hi there,

How long does it take to post fixlets for the new security patches. At present I only see three.

I see one for MS09-013(the HTTP issue) and the two associated with MS09-09, both Excel related.

I would also expect to see fixlets for MS09-012, MS09-014, and MS09-015.

What is the ETA on fixlets for these other Issues? Is there a normal release cycle post Patch Tuesday?

(imported comment written by BenKus)

Hey sphear,

Usually we get the patches out within a few hours, but occasionally there are a large number of bulletins and it takes a little longer… In these cases, we work on releasing the critical patches on the most popular OSes/applications first…

I just spoke with the Fixlet authors and they are finishing up some the remaining Fixlets now… (you should have already seen more than you posted and more will be released shortly).

Ben

(imported comment written by SystemAdmin)

So does Bigfix offer an official SLA wrt Security updates?

What about out of cycle patches?

Thanks

-Sphear

(imported comment written by BenKus)

Hey Sphear,

We generally get the patches out within a few hours of their release and I don’t think we have ever taken more than 24 hours for any MS patch release… Usually the out-of-band patches come out very fast (I think the last one was released 1.5 hours after Microsoft released them).

Ben

(imported comment written by snoczp91)

Ben Kus

Hey Sphear,

I don’t think we have ever taken more than 24 hours for any MS patch release…

Ben

Ben, The native language patches are almost always a couple days out from the MS release, at least in my experience over the last 4-5 months. And, more than once they were later than the supposed 3 day SLA for

native language fixlets, as was quoted to us during our POC and also when I inquired more recently.

Thanks though.

(imported comment written by BenKus)

Hey snoczp,

I can look into it if you tell me which languages you have installed… We usually do them in the order of how many customers are using them (German/Japanese are generally done first and some like Hungarian are done last I think).

Ben

(imported comment written by snoczp91)

Ben,

Thanks. We have a little of everything as we are a global sw development company. The major ones, in terms of numbers outside of English are German, Simplified Chinese, French, Italian. We also have Chinese (Taiwan)

I do not know the difference, but we have both Simplified Chinese, and Tiawan Chinese

, Japanese, Polish, Spanish, Czech, and 1 Turkisk.

We also have a fair number identified by BigFix as Unidentified OS Language, which are in reality, Apple Macs with the BF agent installed on them. Of course, these are not our biggest patching concern.

We try to run our patch/fixlet testing and production deployment on a tight timeline, and do all languages at the same time, so having the native language patches out quickly definitely helps our established processes stay on track.

Thanks,

(imported comment written by gtallan91)

Ben Kus

Hey snoczp,

I can look into it if you tell me which languages you have installed… We usually do them in the order of how many customers are using them (German/Japanese are generally done first and some like Hungarian are done last I think).

Ben

At the risk of asking in an inappropriate thread, is there any SLA for delivery of application patches (Quicktime, Adobe Reader etc). In practice I have always seen them within a day or two, but I’ve been asked if there is a more formal delivery schedule.

Graham

(imported comment written by BenKus)

Hey Graham,

“SLA” to us (and most vendors I think) means that we have to talk to lawyers and look at contracts, but I can look up the “expected release times” if that is more of what you are interested in…

Ben

(imported comment written by armri0291)

You can get the Proventia Desktop Masthead now and it will Virtual Patch ® your windows systems so you can wait a few weeks before you patch your windows systems. Those fixlet updates come directly from IBM Internet Security Systems X-Force.