RE: Security templates and settings in Windows XP
- From: "Derick Anderson" <danderson@xxxxxxxxx>
- Date: Thu, 29 Dec 2005 11:13:41 -0500
> -----Original Message-----
> From: MVP Brian B [mailto:mine@xxxxxxxxxxx]
> Sent: Wednesday, December 28, 2005 10:32 PM
> To: focus-ms@xxxxxxxxxxxxxxxxx
> Subject: RE: Security templates and settings in Windows XP
>
> IMO, it's just a matter of doing your homework, really. The
> bypass traverse issues were only due to the fact that certain
> admins didn't research it before implementing. The MS
> Security Templates are often much improved when adding bits
> and pieces of your own, (making your own ADM files or
> altering existing ones.) MS defaults don't hold a lot of
> water much of the time but are certainly good things to use
> if you're just learning active directory, etc.
Research? It took Zotob 6 or 7 days to come out after MS05-39. There's a
0-day for WMF which has been out for two days now:
http://www.f-secure.com/weblog/archives/archive-122005.html#00000752
I'd love to have the time to research updates before applying them but I
think there's more risk in waiting than in having MS standard templates
applied. It won't surprise me in the slightest when I start getting WMF
exploit emails with the pictures embedded (rather than linked). I just
wonder whether Microsoft will have a patch out in time. I can tell you I
won't be taking the time to research it before pushing the update
button.
Derick Anderson
---------------------------------------------------------------------------
---------------------------------------------------------------------------
- Prev by Date: RE: Security templates and settings in Windows XP
- Next by Date: RE: Security templates and settings in Windows XP
- Previous by thread: SecurityFocus Microsoft Newsletter #271
- Next by thread: RE: Security templates and settings in Windows XP
- Index(es):
