Microsoft has released the latest version of the Microsoft Security Update Guide. This revised edition focuses on providing best practices for prioritizing and testing security updates for deployment in an organization’s IT environment.
As reported by the Microsoft Security Response Center (MSRC) blog, enterprise customers are relying extensively on Microsoft’s testing process and quickly deploying patches as they become available. In the new Security Update Guide, Microsoft has provided extensive details regarding their internal testing procedures before patches are pushed out to the public.
The guide focuses on the following topics:
- Insight into how Microsoft tests security updates (including application-compatibility testing, rootkit detection, internal testing including live pre-release deployment on over 24,000 devices inside Microsoft);
- A guide to which update approach – Microsoft Update and Automatic Updates, Windows Server Update Service (WSUS), or Microsoft System Center Configuration Manager 2007 – is right for your enterprise;
- Information on our Security Update Validation Program, which allows selected partners and customers to test update functionality before release;
- Fully revised customer pre-deployment testing guidance, including guidance for Windows 7;
- Greater insight into our Severity Rating System and Exploitability Index;
- Refreshed and revised resources appendices.
The Microsoft Security Update Guide, Second Edition is available for download at http://www.microsoft.com/securityupdateguide