Server Core Security Updates estimation revisited

Microsoft touts smaller attack surface as one of biggest benefits of using Server Core, compared to a Full installation of Windows Server 2008. Because a Server Core installation is optimized, it doesn’t include most of vulnerabilities found in Full installations. A consequence of these optimizations’s a Server Core installation might need fewer patches and possibly […]

Microsoft touts smaller attack surface as one of biggest benefits of using Server Core, compared to a Full installation of Windows Server 2008. Because a Server Core installation is optimized, it doesn’t include most of vulnerabilities found in Full installations. A consequence of these optimizations’s a Server Core installation might need fewer patches and possibly fewer reboots associated with installing these patches as well. Andrew Mason at TechEd Europe 2009 shared his research on amount of Server Core applicable patches and (most important) the amount of reboots involved with patching over last two years. See the pic below:

More info: Dirteam