29 พฤษภาคม 2555 4:29
As we are working on PCI certification we need to install any new security patch as soon as it realeases.
1. how and from where do i get the inforamtion that a new security patch is available
2. it says everywhere that we need to test it pre installing on production. what type of tests we need to run?
our test environment is not good enough to run complete applicational tests, what in particular should be the type of checks i need to run?
29 พฤษภาคม 2555 10:58
For early notification sign up for the Security Notification offerings - http://technet.microsoft.com/en-us/security/bulletin/advance.
PCI or other standards won't tell you what or how to test. You need to decide what is critical for your databases and applications. Testing on a test system can make you aware of possible pre-requistites, down time required and how long the process takes. It also gives you the chance to test performance after the update and that critical components of your setup continue to operate as required. Your test environment should allow for basic testing against your workload.
- ทำเครื่องหมายเป็นคำตอบโดย Gal1 29 พฤษภาคม 2555 20:20
6 มิถุนายน 2555 11:35
Thank you for your answer, but i started to read the link you provided and I got lost...
I'm looking for a link where I subscribe and get the notice when there is a new Security Petch that I have to install on my servers for SQL Server.
And I need to be able to link from that notice to the content of the hot fix to be able to decide whether I install it, or just see that it is not needed for my environment.
Can you provide me with these links?
6 มิถุนายน 2555 12:02