Last week, Microsoft matched its record of fixes in its monthly security update.  With all the updates coming from Microsoft, “Patch Tuesday” is getting up there with “Hump Day,” but still lagging way behind “Manic Monday” and “TGIF.”

With all these patches, here is a corollary to the law of unintended consequences: test any patches before deploying them to servers and workstations on the network. This is now become one of cardinal rules of IT. Don’t expect Microsoft or any other vendor to have exhaustedly tested any patches they have released. Patches themselves are often rushed fixes to vulnerabilities and exploits, where speed is generally more prized than quality or stability. To be fair, accounting for every possible computing environment is impossible. Microsoft will even push the envelope on what is considered a “critical patch”: like releasing Internet Explorer 7 (IE7) as a critical patch. IE7 broke many web applications due to changes in its architecture.

As part of our SAGE OnSight service, we test all patches before deploying them to the networks we manage for our clients. This practice has been instrumental in the high degree of up-time, stability and reliability our clients enjoy.