Recently we had an issue with Pro Engineer, where a bug caused problems when viewing a drawing created in a newer datacode (WF4 M160) on an older datacode (WF4 M130).  The political decision was made to always install the latest hardware drivers and updates for all computers in one department of the company.  I'm not so sure I agree, but I am unable to persuade upper management that it can cause a problem.

See, I've always been under the impression that a user/admin should only install updates if those updates contain something the user/admin needs.  For instance, MS OS updates include needed security fixes to stop hackers so they should be run when possible.  But what do you all think about software that doesn't require security updates?  Should we go by the general rule, if it's not broken don't fix it?  Or should we always install the latest updates available?

Thanks

-Al

Many places employ an N-1 version policy to avoid running into bugs.   Typically security fixes are just that - fixes - and should be applied to the existing version as soon as possible.  But that isn't always the rule. N-1 will usually root out the majority of bugs.  If there no security issues, the biggest concern I would have is that if you ever need to call vendor for support, the first thing they do is ask if you have applied the latest fixes... Kind of a catch-22 hehe... The next concern would be, when this version reaches EOL, how much work will I have to get these guys up to date...

With software that runs scientific instrumentation, my colleague keeps an old Rounders bat, and has told me that if I ever notice him attempting to install a software update I should use the bat, and stop at nothing to prevent him.

Seriously: where possible we install software updates the day before we're expecting a service visit on the instrumentation, so when(*) it all goes wrong, the company's own service engineer can fix it. I wish this could be applied to other software too.

(* not "if"... )
 

Quote:

See, I've always been under the impression that a user/admin should only install updates if those updates contain something the user/admin needs.  For instance, MS OS updates include needed security fixes to stop hackers so they should be run when possible.  But what do you all think about software that doesn't require security updates?  Should we go by the general rule, if it's not broken don't fix it?  Or should we always install the latest updates available?

There's more than just security updates out there, there are also bug fixes, and pretty much all software (drivers, etc) has bug fixes in newer versions.  Keep in mind also that you may have a bug in the software that you're using that you simply haven't encountered...yet.  So pre-emptively updating to newer versions of the software could help with longer-term stability.  Sometimes software updates include performance optimizations as well.

At any rate, best practice is to TEST new software/firmware revisions before putting them into production.  Depending on what software/firmware you're looking at, you may have weekly, monthly, or sporadic updates.  To avoid being in a constant cycle of updating software, most companies will schedule update periods that are monthly, bi-monthly, or quarterly, and collect all relevant updates for that period into a single release, then test that release before deploying it.

________________________________________
CompTIA A+, Network+, Server+, Security+
MCTS:Windows 7
MCSE:Security 2003
MCITP:Server Administrator
MCITP:Enterprise Administrator
MCITP:Virtualization Administrator 2008 R2
Certified Quest vWorkspace Administrator