tags:

views:

156

answers:

1
+4  Q: 

How do Microsoft (and other software companies with a large installed base) manage patch dependencies?

OS (usually security-based) patches and hotfixes that Microsoft releases to the community normally consist of, in my understanding, a series of updated DLLs or other binaries.

How does Microsoft, and other companies like it, ensure that that hotfixes don't clash with each other? Do they always go for a cumulative patch approach, where a single hotfix will includes all of the fixes in previous hotfixes? This doesn't seem to be the case, because many hotfixes seem to be focused on fixing specific problems. If they are focused hotfixes, how do they prevent one hotfix from trashing another one (e.g. incompatible DLLs being installed with each other).

I have always admired Microsoft's ability to manage this process. The company I work for is much smaller, and when I worked on the patch process a few years ago, we always went for the cumulative approach, where a single patch immediately superseded all previous patches based on that release. This meant that the patches got progressively larger in size, until the next "official" release came out.

What are some good practices for managing patch dependencies?

+3  A: 

First off, Microsoft Windows Installer has the ability to patch binaries directly. Given known earlier states of a file, it can bring them to a known current state. We used to do this for our Large Commercial Product, but after a couple of releases, it was taking upwards of 24 hours for our four-way systems to produce a patch - which isn't good when you have (or want to have) nightly builds.

After a while, we opted for cumulative fixes where we merely allowed upgrades. We check that you're at a lower level, and then basically replace the entire product. (We also had the case whereby the second or third "delta" was basically everything anyway.)

On Unix/Linux, we can't use MSWI, obviously, so we provide another installer which basically does the same thing: move all the files out of the way, install as if brand new, and then delete the backup. The reality is, for us in our business, this is sufficient. We haven't gotten any complaints that I'm aware of (and those complaints would hit me pretty quickly based on my current job) with people unhappy enough to actually call in and complain. Mostly, they want to get the newer level with the patches so they can get on with their real business. Oddly enough, their business isn't installing patches.

Tanktalus  2008-10-22 05:03:10

related questions

How do you convert a physical machine into a virtual machine image for use in MS Virtual Server or Hyper-V?
Intellisense in Visual Studio 2005 between C# and VB - can't navigate to definitions
Reading recommendations for: Microsoft SQL Server
Does Windows Server 2003 SP2 tell the truth about Free System Page Table Entries?
How do I capture Microsoft Office Live Meeting's screencasts?
Handling Information overflow
Who leads the team for C# development in Microsoft?
Windows Powershell book - any good experiences?
What is .MSPX?
MSDN subscriptions on the cheap?
Whither Managed Extensibility Framework for .NET?
What is the best winform UI component set?
What is WPF?
What is a good dvd burning component for Windows or .Net?
How do I check the active solution configuration Visual Studio built with at runtime?
MS hotfix delayed delivery.
What versions of Visual Studio can be installed concurrently?
What exactly is Microsoft Expression Studio and how does it integrate with Visual Studio?
Best way to license Microsoft software as an independent developer
What is needed to get Delphi back on top?
How can I create virtual machines as part of a build process using MSBuild and MS Virtual Server and/or Hyper-V Server Virtualization?
Is it worth it to get MS Certified?
Why are MSDN subscriptions less expensive in the US?
Vista or XP for Dev Machine
Linking two Office documents