Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 

Buggy Forever

By Steve Jones,

Patching our software platforms is something that most of us have come to expect. We get monthly patches released by Microsoft, and fortunately very few for the SQL Server platform. Many system administrators I know have some sort of monthly test and deployment cycle that's in place to ensure they can keep their systems up to date in an orderly fashion. However not all system administrators worry about patches. There was an article this week about systems that never recieve patches, and are full over forever day bugs.

Zero day bugs are those discoverd and exploited before the vendor can release a patch. Forever day bugs are those holes which the vendor cannot, or will not, patch for some reason. The software containing these bugs might be end of lifed, superceeded by a new version, or potentially seen as too expensive by the vendor to fix. In many cases vendors do send workarounds to customers that can help them secure their systems if they can implement the suggestions.

In some ways software is different from a physical product in that we can fix it, usually fairly easily. Unlike many physical products (cars, appliances, etc) that require a large effort and expense to deploy and implement a fix, software can often be fixed by the customer, with a patch that is sent at almost no cost once it has been developed. Many vendors have built systems into their software in anticipation of future patching needs. My own employer, Red Gate, includes a check for updates into their software that will download and install patches when the customer chooses to do so. Unfortunately there are some vendors that build these systems into software, and then take advantage of them by releasing buggy software early to gain sales. Their plan is then to fix issues quickly, often in response to customer complaints.

Software will always have bugs, and anyone that builds software ought to plan on applying patches to it over time. However we do have some level of immaturity in this process. Unlike physical goods where the customer can manufacture their own replacement parts when the product is no longer supported, software is bound with a license that doesn't allow the customer to produce their own patches. I would like to see end of lifed software available to customers as part of an escrow process that allows them to build their own patches if they are needed.

Total article views: 105 | Views in the last 30 days: 1
 
Related Articles
ARTICLE

Patch Week

This week Steve Jones notes there were quite a few patches from Microsoft for a variety of products....

ARTICLE

The Danger of Custom Software

Is it worth writing your own software? Steve Jones says you ought to really think about it and perha...

ARTICLE

The Patch Wild, Wild West

Microsoft might be changing their patching process for applications. This has Steve Jones worried th...

ARTICLE

Patch Problems

A few recent Patch problems have Steve Jones concerned about the directions we are going with softwa...

ARTICLE

Oracle Slackers

It seems that Oracle DBAs aren't very diligent about patching their systems.

Tags
database weekly    
editorial    
 
Contribute

Join the most active online SQL Server Community

SQL knowledge, delivered daily, free:

Email address:  

You make SSC a better place

As a member of SQLServerCentral, you get free access to loads of fresh content: thousands of articles and SQL scripts, a library of free eBooks, a weekly database news roundup, a great Q & A platform… And it’s our huge, buzzing community of SQL Server Professionals that makes it such a success.

Join us!

Steve Jones
Editor, SQLServerCentral.com

Already a member? Jump in:

Email address:   Password:   Remember me: Forgotten your password?
Steve Jones