If want to know whether or not to install the latest Microsoft patches in your ICM / Contact Servers here is what you need to do.
Cisco does not publish any OS patches and it is the responsibility of the customer to do so. As a general
rule you can install all the security patches from Microsoft but you need to verify first
if they have any impact . You need to go to the following link which will lead you to Cisco Security
Center:
http://tools.cisco.com/security/center/home.x
Scroll down to the bottom of the page and click on the 'View More' link
Then on the left click on the 'Event Responses'. This link basically contains all the Cisco
responses to monthly Microsoft Security Bulletins.
You click on the one you are interested in, and you will see more information related to
every Microsoft Security Bulletin release. On that page click on the following link
'Impact Assessment of September 2010 Microsoft Security Bulletins on Cisco Contact Center and Self Service Products'
You will see the list of affected Cisco products and an assessment of every vulnerability
Microsoft announced. There are three categories:
Impacting
Deferred
Not applicable
You can find the definition for these categories here:
http://www.cisco.com/en/US/prod/collateral/voicesw/custcosw/ps5693/ps1844/product_bulletin_c25-455396.html
Please note that Cisco cannot document all possible results when applying MS security patches,
therefore Cisco cannot say 'Yes they are safe' as it is always possible that even tested fixes
affect items within your environment that Cisco does not have control over or insight to.
Furthermore, you should not enable automatic updates for the operating system or the SQL server.
For example, if you want to install Microsoft's patch KB982214 released in August here is the
link you should go to:
http://www.cisco.com/web/about/security/intelligence/IA_aug10.html
You can see that the this was classified as impacting by Cisco