by Dan DiNicolo
As a network administrator, you are likely all too familiar with the challenges of managing service packs and hotfixes on your corporate Windows desktops and servers. Not only do these patches and upgrades have to be applied and documented, but you also need to find out about them. Needless to say, there are better ways for you to be spending your time than jumping from system to system trying to gather information and patch Microsoft’s security hole-of-the-week. Having dealt with this problem in large enterprise environments myself (and having created more automated installation scripts than I care to talk about), I feel your pain. Luckily for you (and that life you might be trying to have every once in a while), there is a great piece of software that will lighten your workload – Service Pack Manager 2000 from Gravity Storm Software.
I was skeptical about Service Pack Manager before I even installed it. Having dealt with a variety of third-party software packages that claimed to be able to easily automate common tasks, my thoughts immediately moved to finding the catch. In almost every case, using such software involves pouring over reams of documentation that explain the nuances, limitations, and hundreds of wonderful command-line switches that you need to know to make the software do anything useful. It appears that, in this case at least, my skepticism was premature, however. After installing the software and running the executable, Service Pack Manager immediately ‘enumerated’ my network, providing a list of servers and workstations in both my network domain and workgroup. Opening either provided a listing of my desktops and servers, much like I was viewing them from within My Network Places – time to find out what this software could really do.
The beauty of the product is that it functions as both a tool to query the systems on your network as well as to automate the distribution of hotfixes and Service Packs. By clicking on a given system, I can see exactly which hotfixes and Service Packs have been applied to a system – immediately a huge timesaver. While most of us make a point of installing Service Packs regularly, we usually don’t bother too much with hotfixes, unless of course a particular vulnerability receives a great deal of press (such as the recent Code Red patch).
So why don’t we usually deal with hotfixes? Well, mainly because it takes more time and effort than we can usually dedicate, and sometimes because we just don’t know about them. I certainly don’t check the Microsoft site for them daily, and I’m sure most of you don’t either. That’s another part of the good news – Service Pack Manager 2000 not only shows you what has been applied to a system, but also updates itself (according to the schedule you lay out) with a list of new hotfixes as they are released. Remember that hotfixes get rolled into the new Service Pack releases, but systems remain vulnerable in the meantime – not applying them can be very dangerous indeed.
The screen shot below shows you the results of my querying my laptop to find out where things were. Notice that although I am running SP2 (with high encryption), I seem to be missing a number of hotfixes (news to me, but I’m not surprised).
This product review from Dan DiNicolo takes a look at a handy tool designed to lighten your workload by automating the distribution process for service packs and hotfixes. Service Manager 2000 will automatically monitor, download, and install new patches for your operating system, Outlook, Outlook Express, Exchange Server, SQL Server, Internet Explorer and IIS.
The icons in the ‘Available Hotfixes’ section are very intuitive – a green light for installed, a red light for not, and a yellow light for those downloaded but not yet installed. I can choose to download a given hotfix to a network location, and then distribute it to one or multiple computers simultaneously. The product will even go so far as to reboot the remote machines after the fix has been applied (or not, if you so choose).
The product’s developers definitely had the system administrator’s needs in mind when they were building this tool. It has great scheduling and reporting capabilities, the ability to export all Service Pack and hotfix data to CSV files, and the ability to define groups of computers (called NetGroups) that should receive the same fixes or Service Packs – after the group is defined, just push all of the fixes out to the group of remote systems. If that weren’t enough, the product is not only capable of updating your OS, but also applying hotfixes and/or Service Packs for Outlook, Outlook Express, Exchange Server, SQL Server, Internet Explorer and IIS!
Having said all that, my favorite feature in the product is one that some people may find trivial. Service Pack Manager 2000 includes an integrated browser that will access the Web page associated with a given Service Pack or hotfix, so that I can get its associated details quickly and easily. Check out the screen shot below, which helps me better understand what the hotfix associated with Microsoft Knowledge Base article Q307454 is all about.
In this short review I’ve only managed to skim the surface of what Service Pack Manager 2000 is capable of – there are plenty more useful features well worth exploring. The product is available for download as a 7-day evaluation release on the Gravity Storm website, which can be found at
Think about the amount of time and effort that goes into patching and upgrading network systems. Think about the time (and more importantly money) that is wasted when security holes cause network downtime. Then think about how you can prove to management that the network systems are properly patched and secured in an efficient and effective manner. For any company serious about their systems, purchasing Service Pack Manager 2000 should be a no-brainer.