Re: Patch Management - Policy/Practice
From: email@example.com Date: Sat, 22 Mar 2003 17:52:12 -0800
On Sun, 23 Mar 2003 01:04:12 GMT, "Ric Griffy"
>Quite often you can read the details of an exploit and instead of applying
>the patch immediately, just do a work around. For example when M$ said port
>1434 was a problem I immediately killed port 1434 udp and tcp thru the
>firewall. Thus I could wait until later to test and apply the patch.
>It is foolhardy to assume that any patch will work properly in your
That's my philosophy. For example, the WebDav patch wasn't critical
if you had already locked down IIS. If you didn't need it, you could
disable WebDav. Of course why the hell its installed as a default is
In fact, I just yelled and screamed at my help desk guy for installing
the WebDav patch on the intranet server without asking first.