RE: [inbox] Re: [Full-Disclosure] 3 new MS patches next week... but none fix

From: Exibar (exibar_at_thelair.com)
Date: 01/10/04

  • Next message: Tim: "Re: [inbox] Re: [Full-Disclosure] 3 new MS patches next week... but none fix" 
    To: "Tim" <tim-security@sentinelchicken.org>, "Joe" <mvp@joeware.net>
Date: Sat, 10 Jan 2004 12:18:42 -0500

    >I think it is a totally lame approach. The patch distribution problem
    >has been pretty much solved by other vendors. We would all sleep better
    >at night if M$ would just get a clue. Oh well.
    >
    >tim

      It's not that Microsoft doesn't have a clue, they do. We are getting
    regular patches for holes that are found are we not? If they didn't have a
    clue, we would have yearly patches or none at all. Ok, there may be some
    holes that aren't patched yet, but I'm sure they're working on them and
    they're coming. Some patches just have to take precedence over others.

      I've seen quite a few vulnerabilities come across this list in this past
    week, not many have vendor fixes yet either. This is not a Microsoft
    exclusive problem. We need a better way to patch systems, ALL systems.

       I've said it once on another list, and I'll say it here, we need a sort
    of "patching server" that is on an isolated subnet. When a machine first
    connects to the network, it gets an IP address and is only allowed to talk
    to the patching server(s). Once the patching servers (for ALL OS's mind
    you) determine that the machine is up to date with it's patches, then and
    only then is it allowed to connect to the production network.

      Now this won't take care of 0-day exploits for 0-day vulns, but it would
    have taken care of 95% of the scrambles that a lot of companies went through
    last year.

      Let me ask this question, if you were running a company with 30,000 LINUX
    boxes. How would you patch all of them? Don't a lot of Linux patches
    require a re-build of the kernel?

      Exibar

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

  • Next message: Tim: "Re: [inbox] Re: [Full-Disclosure] 3 new MS patches next week... but none fix"

    Relevant Pages

    • Re: [inbox] Re: [Full-Disclosure] 3 new MS patches next week... but none fix
      ... >> It's not that Microsoft doesn't have a clue, ... we would have yearly patches or none at all. ... >> some holes that aren't patched yet, but I'm sure they're working on them ... > Oh, and if you want to patch ALL of your 30000 systems, just install ...
      (Full-Disclosure)
    • Re: IE Wont open Media Player
      ... > Can you give some clue on the time frame for the update? ... Except for "out of band" releases, most patches are released on the second ...
      (microsoft.public.windows.inetexplorer.ie6.browser)
    • Re: [PATCH 2.6.26 1/25] mdb: Merkeys Kernel Debugger
      ... I note that all of these 25 patches have the same title, ... -mm as they will not load into Andrews patch tools. ... for the specific sub-systems or architectures touched may only look over ... Without any clue in the title ...
      (Linux-Kernel)
    • Re: XFree86-4.2.0 ?
      ... > The source code without FreeBSD/alpha specific patches is pretty ... No clue about how to go about using it, what about portdowngrade in ...
      (freebsd-questions)
    • Re: SNMP Vulnerability Hype
      ... Most vendors will plug security exposures quickly when they become aware ... and try to get patches out right away. ... My understanding is that IBM began finding and fixing problems in SNMP ...
      (comp.security.unix)