Simple three steps for your system quickly patched

A computer in use, in the system patch may have the following problems: First, the computer has been patched, but not necessarily complete, and in the subsequent updating of the patch and update the time there are certain problems; The second is that the computer does not have a patch at all, so there are more security risks, of course, the latest release of the subsequent vulnerabilities are not dealt with the patch.

At present, the common way to deal with the patch is through the vulnerability Scanning Tool software, such as the rising kill virus system, 30 security Guardian Software, Jinshan poison PA system, such as scanning the local loopholes, the corresponding patches from the Internet to download to the machine after the operation, the system patched. This method has the following specific problems: the first need to access the Internet, if the computer is a stand-alone use or only access to the internal LAN, but can not access the Internet, this method will not work; Second, even if computers can download patches via the internet, also make every computer will be repeated download patches, has been downloaded patches are not effective use, the formation of waste of information resources, while occupying the network bandwidth, pay the cost of time, especially when the computer installed the operating system, may be scanned to dozens of system vulnerabilities, Every time you download it, it becomes more time-consuming and laborious.

Therefore, it is necessary to use the existing vulnerability scanning tools and have been downloaded to the local patch library resources, do not have to access the Internet, but the full use of LAN network or commonly used transmission media (such as U disk, mobile hard disk, CD-ROM, etc.), to find a fast, complete, easy to operate The author through the software development and supporting the use of some auxiliary tools software, carried out the practice.

Three steps to achieve fast patching

The first step is to solve the problem of patching the system quickly.

1. Get the patch library. Use the Patch downloader or some tool software from the patch library automatic download function, a variety of operating system of the patch library to download a one-time separately to local.

2. Get a vulnerability scan report that requires a patched computer. Find can run the latest version of the rising Vulnerability scanner, rising vulnerability scanning program after the operation of the computer for specific vulnerabilities scan and generate vulnerability Scan report, Vulnerability Scan report contains the specific vulnerabilities of the computer and the corresponding patch file name, you can use the "Export report" feature to turn the vulnerability Scan report out for further processing.

3. Self-coding procedures, according to the computer vulnerability scanning reports involved in the vulnerability and the corresponding patch file name, processing each, to generate a patch file with running parameters batch procedures, set parameters can be implemented without manual intervention and automatic installation completed, Do not reboot the computer after installation so that multiple patch files automatically perform the installation in sequence.

4. Run the patch file batch process just generated, each patch file according to the actual path of the patch library to invoke, run, to achieve a patch.

The second step is to fix the integrity of the patch.

Because only rely on rising system for vulnerability scanning and patching, its scan to the vulnerability is incomplete, need to be supplemented, can be installed on a computer 360 security Guardian Software, Jinshan poison PA and other other vulnerability scanning tools to further find the computer still some other vulnerabilities, According to the vulnerability in the scan report and the corresponding patch file name, a one-time download of the patch library and the corresponding patch file with the operating parameters of the batch program, the subsequent use of direct operation of the Supplemental Patch file batch program to achieve the supplementary work of missing patches.

The first and second steps are all included in a single master batch program, and you can simply run the main batch program and simple operation to achieve a one-time goal for the computer to complete the patch.

The third step is to solve the latest release of the following patch issues.

For the latest release of Microsoft patches, can be resolved by the following methods. The author uses the Chinese version of WSUS3.0 software, which is specially designed for patch upgrades in Microsoft. Install the Chinese version of WSUS 3.0 software on a single computer as a WSUS server, upgrade the server to download patches on Microsoft's official website, and make a simple configuration on the client computer that needs to be patched, as follows: Run the gpedit.msc command, add the Wuau template to the " Current policy template, and then make "Configure Automatic Updates" for the Windows Update project to start the Select and "Specify intranet Microsoft Update service location" setting to the I p address of the local WSUS server, and finally run Wuauclt.exe/ The Detectnow command initiates registration, and the computer that needs to be patched later receives a patch that is distributed by the WSUS server and is automatically installed, which is the most timely way to get the latest patches and to support all Microsoft operating systems.

Working with effects

1. Implementation of a patch library download, re-use, and can use a variety of transmission media, such as U disk, mobile hard disk, CD-ROM, network sharing, etc. to store and process the downloaded patch library.

2. Do not need to access the Internet, can be stand-alone and in the local area network computer processing, reduce the network bandwidth burden.

3. Microsoft can handle a variety of operating systems, such as Windows XP, Windows 2000, Windows 2003, and so on.

4. Strong independence, can be at any time when needed to play a separate patch.

5. The use of rising vulnerability scanning software, since the development of programs, WSUS system, such as a variety of patching mode linkage, non-interference, mutual complementarity, can be more thoroughly solve the system patching problem.

6. Practical operation is simple.

Through the practical application of this method, play the foundation of computer system, enhance the server, single machine system robustness, improve system stability, can effectively protect against viruses, hackers, Trojan software, rogue software intrusion, computer operating failure rate greatly reduced, network operation quality has been improved, received a better effect