AW: Patch Downloading from Microsoft

From: mla (mla@softlogic.de)
Date: 02/23/02

Previous message: George M. Garner Jr.: "RE: reading data from RAM"
In reply to: Samuel Zechariah Harvey: "Patch Downloading from Microsoft"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "mla" <mla@softlogic.de>
To: <focus-ms@securityfocus.com>
Date: Sat, 23 Feb 2002 14:02:59 +0100

I contacted MS about this problem. Here is their answer:

"There is a small lag in the publishing of the patches to the individual
download sites, in addition to the standard download center. The
bulletin for MS02-009 has been updated with the additional download
detail, and the bulletin for MS02-008 will be updated as soon as that
additional download location is ready."

I've already check both and now they do contain the individual download
locations.

Th. Klein

-----Ursprüngliche Nachricht-----
Von: Samuel Zechariah Harvey [mailto:slyde@polartek.net]
Gesendet: Freitag, 22. Februar 2002 04:56
An: focus-ms@securityfocus.com
Betreff: Patch Downloading from Microsoft

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Having just received Microsoft Product Security Bulletins
MS02-008 thru 0010, I went to download the patches necessary. In each
bulletin it lists Windows Update as the *ONLY* means to download these
patches. Does anyone know if this will be the standard, or if Microsoft
is just releasing these patches in this manner? If this is a glimpse of
things to come, what does Microsoft hope to accomplish by this? Do they
realize how much harder this will be to script/implement/update
computers in a large network environment? Especially if they have to
contact Microsoft via the internet, instead of grabbing the patches from
an intranet site? I really hope this is not a developing trend.

Zech Harvey, MCP

-----BEGIN PGP SIGNATURE-----
Version: PGP 7.1.1

iQA/AwUBPHXBMrslprqWkv0jEQIoMgCgnmmaDCobIJQdXj1l+EChEOxjIvQAoOf2
snLOXNZNae5HeubdxYpoKmAC
=446R
-----END PGP SIGNATURE-----

Previous message: George M. Garner Jr.: "RE: reading data from RAM"
In reply to: Samuel Zechariah Harvey: "Patch Downloading from Microsoft"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: WindowsXPSP2
... Microsoft is currently doing a large amount of work in making Patch ... future patches will only include information about the parts of the ... They do and they don't - it depends on the download mechanism. ... size of the Network install. ...
(microsoft.public.windowsxp.general)
Re: Why not patch all windows and not just legal copies
... IMHO the best solution would be to remove the validation requirement from the genuine Microsoft site or put the genuine microsoft patches on a FTP somewhere under a CVS like system to verify that they have not been tampered with. ... Sophisticated hackers can easily shift like the HIV virus so we must reduce the attack surface and offer a very easy path for these thieves to patch their nasty computers. ... And, if you did that, and it forced everyone's computer to download the patches at the exact same time, the servers would crash. ...
(microsoft.public.security)
Re: Problems with Automatic Updates - Help !!!
... >> Windows Update to go and download the patches with Admin Powered ID, ... Wrong John Doe. ... away from open flames, naked flames and old flames; avoid inhaling fumes; ...
(alt.os.windows-xp)
Re: Request for help with online security
... I'm not sure why you would take the chance, when most of the patches are ... Download hfnetchk and Microsoft Baseline Security Advisor from ... Make sure NAV is set to download updates every day. ...
(microsoft.public.security)
Re: A response to Phil Carmody.
... This means either Microsoft ... >> is illegal, close the download sites. ... > beyond your sole intention of just teaching hutch a lesson (I'm not ... knows the download sites and does nothing to stop this sites. ...
(alt.lang.asm)