8/13/2004 -- Right now, Microsoft software is driving me absolutely nuts! Overnight (local time) Microsoft released yet another critical patch that requires rapid deployment in our customers' environments. So, as I'm writing this, I just got up for an urgent 6 a.m. Saturday teleconference to discuss our plans to get the patch implemented this weekend, and I'm not very happy about it.

We had a little pre-warning that a patch was soon coming, although there was no detail provided on what the patch contained. This had allowed us yesterday to put some rough plans in place should this patch be released over the weekend. To make things worse, here in Australia we have a long weekend, so instead of my team having a nice long break with their friends and families, a number of them will need to be called in to work on the weekend to proceed with the rollout.

Microsoft's dream of a computer in every home and office running Microsoft software has been become our nightmare. I really don't know if the software itself is any more unsecure than any others (although, as I write this, I'm really not in the mood to give them the benefit of the doubt!), but the ubiquitous nature of a homogenous software base on both desktop and server means it is all too easy for a threat to be exploited (which is, of course, is the attraction for those who write malicious code) and then rapidly spread throughout an enterprise. Then, when you add the ease with which threats can spread via the Internet, it means we have little choice to get this deployed as quickly as possible, starting with the most important and/or exposed devices.

Even if this was the end of it, this would be bad enough. But my team is also going to have to be involved in a number of software upgrade projects in the coming months - from Windows NT Server 4.0, Windows Server 2000 SP2 and Internet Explorer 5.x - for no other reason that the software is or is about to become unsupported by Microsoft. From a pure business standpoint, these servers are already performing as required, but because support from Microsoft has stopped or is about to stop, we are forced to waste valuable time upgrading them. Of course, the costs of running unsupported software with known vulnerabilities are too high to ignore, but at the same time it is difficult to look senior executives in the eye and tell them they gain any other business benefit from all the upgrade costs. Unfortunately, we are being forced into a cycle of upgrades driven not by technology but by Microsoft's need for regular revenue and/or an unwillingness to support their products.

A cynic could suggest that, at this rate, those of us who work with Microsoft technology will have a job for life given Microsoft's history of requiring regular updates, but for our own job satisfaction and the health of the business, it would be nice to be able to see some real business benefit for all of the effort we expend.

What do you think? Are you happy with Microsoft's approach to security and product support lifecycles? Let me know by appending your thoughts below. In the meantime, I've got a few urgent calls to make.