RE: which security hotfixs to implemet ?

• Previous message: Marco Monicelli: "Protected Storage on Windows XP"
• In reply to: Juan B: "which security hotfixs to implemet ?"
• Next in thread: Andrew Shore: "RE: which security hotfixs to implemet ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "'Juan B'" <juanbabi@yahoo.com>, <security-basics@securityfocus.com>
Date: Wed, 24 Nov 2004 09:15:14 -0600

My suggestion would be that if you don't need something on the server,
remove it! Following your example, if you don't use media player on the
server (which is probably true for most people), then uninstall it. That
way, you don't have to worry about any problems from that program, whether
it is a patch not being installed or a patch that broke something.

The same goes for services. If there is a service that is not essential to
the function of the server, disable it.

Hope this helps.

Steve Fletcher

MCSE (NT4/Win2k), MCSE: Security (Win2k), HP Master ASE, CCNA, Security+,
CCA

safletcher@insightbb.com

-----Original Message-----
From: Juan B [mailto:juanbabi@yahoo.com]
Sent: Tuesday, November 23, 2004 6:17 AM
To: security-basics@securityfocus.com
Subject: which security hotfixs to implemet ?

Hi,
I ran microsoft baseline security against our IIS web
servers.
the output ( for example) on some servers was that
there are some critical updates related to windows
media player which I need to implement ,my question
is: Do I really need to implement fixes to
applications that I dont use ( but still are installed
on the server) on those servers (like windwos media
player that we dont use on our web servers? ).

thanks !
 

                
__________________________________
Do you Yahoo!?
Meet the all-new My Yahoo! - Try it today!
http://my.yahoo.com
 

• Previous message: Marco Monicelli: "Protected Storage on Windows XP"
• In reply to: Juan B: "which security hotfixs to implemet ?"
• Next in thread: Andrew Shore: "RE: which security hotfixs to implemet ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Boeing 747 & 777 autoland in crosswind certification video - impressive! ... What is happening here is that the server is lying ... the media player is doing more than that. ... imagine that you had a magic gadget that ... > If you want to complain about anyone, complain about the server serving up ... (rec.aviation.piloting) [Full-disclosure] Re: n3td3v yahoo crap ... downloaded by the intended party, so the file is left on the server, until ... Yahoo decides to expire the file. ... Shouts to henrit@xxxxxxxxxxxxx who was the security engineer at the ... (Full-Disclosure) Re: Media Player ver 10. ... Windows Media Player ver 11 has been out for a while now and I've yet to see a version that will install on Windows Server 2003. ... Microsoft will undoubtedly stop creating security patches for Media Player ver 10 and this concerns me that I may have a big security risk looming on my servers. ... (microsoft.public.windows.server.general) Re: Boeing 747 & 777 autoland in crosswind certification video - impressive! ... What is happening here is that the server is lying ... the media player is doing more than that. ... imagine that you had a magic gadget that ... figures out how to play the file in spite of that incorrect information. ... (rec.aviation.piloting) Re: Custom Controls & Javascript ... So I have a Media Player object on my screen & I don't want the page to ... refresh because it will cause my Media Player to refresh.... ... not performing this operation on the server. ... this operation on the client side. ... (microsoft.public.dotnet.framework.aspnet.webcontrols)