Re: exploit to vulnerability

From: Bruce Martins (BMartins_at_extend.COM)
Date: 08/22/05

  • Next message: Trevor: "RE: Latest patches: restart issues?"
    Date: Sun, 21 Aug 2005 20:46:34 -0400
    To: <sbradcpa@pacbell.net>
    
    

    There are many factors that have to be taken into account whether the patch will break other software installed on other machines in particular developers whom may have many apps, so they may not break the OS or other MS apps but they can and have other apps
    Bruce Martins
    Systems Administrator
    EXTEND>>MEDIA
    190 Liberty Street
    Toronto, Ontario
    Canada
    M6K 3L5
    _______________________
    e:bmartins@extend.com
    t: (416) 535-4222 ext. 2307
    f: (416) 535-1201
    http://www.extend.com
    --------------------------
    Sent from my BlackBerry Wireless Handheld

    -----Original Message-----
    From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] <sbradcpa@pacbell.net>
    To: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] <sbradcpa@pacbell.net>
    CC: Bruce Martins <BMartins@extend.COM>; talukdar_m@subway.com <talukdar_m@subway.com>; focus-ms@securityfocus.com <focus-ms@securityfocus.com>
    Sent: Fri Aug 19 22:57:53 2005
    Subject: Re: exploit to vulnerability

    ...and honestly...when's the last time you truly had an issue with a
    security patch on your desktops?

    Keep that in mind when you deploy/test.

    Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] wrote:

    > Myself and other person are my 'canaries' in my office. We get the
    > first. Patches are deployed to a 'like' server at home. I then watch
    > the traffic in my Communities...www.patchmanagement.org has a very
    > active patch issue community and issues are reported there.
    >
    > There's also a WSUS listserve as well.
    >
    > If you cannot test.. you listen to those who can.
    >
    > Bruce Martins wrote:
    >
    >> To be honest I use my own machine to test out the patches before
    >> applying them to machines, not the best way but cuts down on time I
    >> don't have to test also use of vmware sometimes
    >> Bruce Martins
    >> Systems Administrator
    >> EXTEND>>MEDIA
    >> 190 Liberty Street
    >> Toronto, Ontario
    >> Canada
    >> M6K 3L5
    >> _______________________
    >> e:bmartins@extend.com
    >> t: (416) 535-4222 ext. 2307
    >> f: (416) 535-1201
    >> http://www.extend.com
    >> --------------------------
    >> Sent from my BlackBerry Wireless Handheld
    >>
    >>
    >> -----Original Message-----
    >> From: Murad Talukdar <talukdar_m@subway.com>
    >> To: focus-ms@securityfocus.com <focus-ms@securityfocus.com>
    >> Sent: Fri Aug 19 02:11:17 2005
    >> Subject: exploit to vulnerability
    >>
    >> With all the issues highlighting the speed that exploits are now being
    >> written (eg http://www.securityfocus.com/news/11285 )
    >> The window between exploit/vuln, appears on average, to be getting
    >> tighter.
    >>
    >> We have an SME network and I used to have a week or so to test patches
    >> before rolling them out. This all begs the question now, with limited
    >> resources, do I just patch and
    >> not worry about testing? I definitely have fewer resources than some
    >> of the
    >> companies that were hit (CNN et al) and less time to dedicate to
    >> patching.
    >> Should I just use auto updates/GP to patch everything regardless?
    >> What do other SME admins do?
    >>
    >> Kind Regards
    >> Murad Talukdar
    >>
    >>
    >>
    >>
    >> ---------------------------------------------------------------------------
    >>
    >> ---------------------------------------------------------------------------
    >>
    >>
    >>
    >>
    >>
    >> ---------------------------------------------------------------------------
    >>
    >> ---------------------------------------------------------------------------
    >>
    >>
    >>
    >>
    >>
    >

    -- 
    Letting your vendors set your risk analysis these days?  
    http://www.threatcode.com
    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------
    

  • Next message: Trevor: "RE: Latest patches: restart issues?"