Solaris Patching: Problems, Solutions, and Open Issues

Patch your systems' is a basic security and reliability prescription yet the large number of problems reported from security issues that would have been fixed by patches shows that this prescription is not being followed. Most of the recent news making problems caused by missing patches occurred in the Windows environment. However unpatched or slowly patched systems are a problem in other operating systems as well. This paper takes a high level look at reasons to patch the extent to which systems in the wild are being patched and the patch management process; specifically under current versions of Sun's Solaris Operating Environment. After looking at the extent of the problem of unpatched systems and the barriers to patching; I look at some of the strategies and tools both from Sun and the system administration community that address these problems and point out areas that are in need of further work. Sun's Blueprint for a high level patching strategy is used as a framework for discussing patching issues throughout this paper.