Re: what is your advice to your users

[Todd Kisida <tkisida () DCP UFL EDU>]

> To those of using installing the 3rd party patch, do you have 
> a plan for removing the patch before installing the official 
> Microsoft Update?
For me this was one of the bigger considerations in the cost/benefit
analysis to deploy or not deploy the unofficial patch.  My plan will
depend on the interaction between the unofficial and official patches.
Since I deployed the patch via Group Policy, removal from on campus
machines will be simple.  Our Windows patch management is via WSUS so
timing the uninstall and install will be an issue if there are negative
interactions.  Also our clients can contact the WSUS over the internet,
but they won't be able to get the unofficial patch removed unless they
are on campus.

The ideal situation is that they can both be installed without serious
negative effects.  If this is the case then I'll just tell our WSUS
server to deploy the official patch then a week or so later use Group
Policy to uninstall the unofficial patch.  

If there are negative interactions and the unofficial patch continues to
be effective we'll probably have to sneaker net around to our local
machines and make appointments to have laptops brought in to remove the
unofficial patch and install the official one.  Still better than having
to rebuild infected machines.

Worst case is that if the unofficial patch proves to be ineffective and
there are negative interactions with the official patch.  In that case
I'll probably remove the unofficial patch vi Group Policy and install
the official through WSUS.  This will leave some machines to be cleaned
up later.  

--
Todd