Re: Russ Cooper's AusCERT Presentation on MS Security Bulletins
From: Jake (jake_at_NTHELP.ORG)
Date: Thu, 3 Jun 2004 19:20:46 -0400
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Resending. This can go to the list.
What is it that you would like Microsoft to do? It's a simple question.
However, there is no simple answer and there never will be. As an MVP,
Microsoft asks me ALL the time for my opinion of their products, services,
and goals. Every MVP I have met has always been very frank with Microsoft
and one of the top suggestions is "security". What is security? Patches?
Firewalls? Built-in? Third-Party? How does the U.S. Navy secure a
carrier? An aircraft carrier is NEVER left alone out there at sea. It
takes teamwork. My point is this: Microsoft's Security Push cannot be
patches, there has to be other pieces of the "team". The fact that newer
releases of their products are now configured differently in a
mode is a HUGE push for security. Something that I think you are
Quote: "I stressed that, IMO, far too much effort is being placed on
vulnerabilities. To the best of my knowledge, only 2 wide-spread attacks
have occurred involving IE vulnerabilities, yet there have been at least
83 vulnerabilities patched for IE. Clearly a lot of effort is being
spent patching vulnerabilities which have not resulted in exploits, IMO,
a large waste of Corporate resources."
A waste of resources? How so? This statement has me completely baffled.
Would you rather them NOT patch and wait for an exploit before reviewing
patching the software? If the security push is to detect failures BEFORE
they happen, WHY are you considering it a waste of time when they do as
they say they would?
A final note, do you think that the guys reviewing the code for older
apps/products are the same ones that wrote the apps/products? Well, for
the most part, they're not. What does this mean? Learning curves, patience,
and lots of time. Vulnerabilities are going to affect all versions (nt4
through win2k3) because, "If it ain't broke, don't fix it." So now that the
"Big Push" has begun, they've started finding vulnerabilities, and as they
test and test and test and test... they are finding that things weren't
broken and never fixed. So now they are being fixed, and they are being
fixed retroactively. Is that not a sign that Microsoft is trying?
From: Windows NTBugtraq Mailing List
[mailto:NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM] On Behalf Of Russ
Sent: Wednesday, June 02, 2004 1:43 PM
Subject: Russ Cooper's AusCERT Presentation on MS Security Bulletins
<SNIPPED FOR SPACE>