by J.F. Rice
Throughout the United States, businesses and their employees are expected to do more with less and are pushed to ensure downtime is at an absolute minimum, if not at zero. The unintended consequence of this is nobody reboots, causing a great many system vulnerabilities.
J.F. Rice writes for Computerworld, “[Back in 2008] I had to struggle with the IT department to get them to do any patching. The backlog was immense—not only had the Windows operating systems running on our servers never been patched but neither had their software applications. My vulnerability scanner found literally hundreds of thousands of patchable vulnerabilities.
“It took a lot of work over a couple of years to work down that backlog and get everything current. And then we had to start on workstations. After all that, we finally reached a stable baseline with few vulnerabilities, but the next challenge was to start patching on a regular basis and keep all our computers updated month-to-month.”
While Rice admits patching practices have greatly improved, he notes, “There’s just one problem remaining: Windows computers must be rebooted to complete the patch installations. And because a reboot takes the computer out of service for a few minutes, it causes downtime. And when that system is dependent on other systems, or vice versa, rebooting can cause a chain reaction that cripples critical software services. So in fact, the simple act of rebooting a computer to complete the patch installations is the hardest part of the job.”