Re: Patch Management - Policy/Practice

From: chris@nospam.com
Date: 03/23/03


From: chris@nospam.com
Date: Sat, 22 Mar 2003 17:52:12 -0800

On Sun, 23 Mar 2003 01:04:12 GMT, "Ric Griffy"
<alakevue.at@tampabay.rr.com> wrote:

>Quite often you can read the details of an exploit and, instead of applying
>the patch immediately, just do a workaround. For example, when M$ said port
>1434 was a problem I immediately killed port 1434 udp and tcp thru the
>firewall. Thus I could wait until later to test and apply the patch.
>It is foolhardy to assume that any patch will work properly in your
>environment.

That's my philosophy. For example, the WebDAV patch wasn't critical
if you had already locked down IIS. If you didn't need it, you could
disable WebDAV. Of course, why the hell it's installed as a default is
another question.

In fact, I just yelled and screamed at my help desk guy for installing
the WebDAV patch on the intranet server without asking first.

-Chris