Patches in Windows refer to the pieces of code that replace faulty existing pieces currently on your computer. They are usually provided by the application vendor and in terms of the operating system itself, are released on a regular basis by Microsoft. There are two main kinds of patches from Microsoft:
It deserves to be mentioned that patches are not regression tested and sometimes get redistributed due to other problems that surface. For this reason we do not recommend Microsoft "recommended" patches unless you are experiencing the problem they address.
We in IST have a local mechanism for you for installing all critical patches. It is called the WSUS (Windows Software Update Service) server. See the link on the left for details. The advantage of subscribing to this service instead of the Microsoft Windows Update service is that we test all critical patches for a week with applications we use to make sure no problems appear before releasing them to our clients.
Security Packs are interim releases of the operating system and some applications (if available). They are a culmination of all critical and recommended patches since the operating system was originally released. The difference between accepting a service pack and all patches is that a service pack is rigorously regression tested against all other patches and known applications. Even though they may not be perfect, they have historically caused far less problems than some patches have caused. NOTE: Subsequent service packs contain all of the previous patches release in previous service packs. Therefore it is not necessary to install service pack #1 before installing service pack #2.
Created by Manfred Grisebach, July 2005