Re: Lousy update policy
From: Miha Pihler (miha.pihler_at_Atlantis-N0Spam.si)
Date: 08/01/03
- Next message: Sandi - Microsoft MVP: "Re: pop ups"
- Previous message: Sandi - Microsoft MVP: "Re: Patch 03-26 won't install"
- In reply to: William C. Mead: "Lousy update policy"
- Next in thread: Bill Sanderson: "Re: Lousy update policy"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 1 Aug 2003 14:37:43 +0200
Hi William,
Yes patches can still be downloaded manually (most recent two):
http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS03-030.asp
http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS03-026.asp
http://www.microsoft.com/security/security_bulletins/archive.asp
You could set up SUS (Software Update Service) inside your company. SUS
service would synchronize with Windows Update (transfer patches).
Administrator then has to approve patch for installation before it is
actually installed on client computer. Client installation can we controlled
via Group Policy...
Any patch or service pack downloaded from Microsoft is digitally signed.
Before patch or service pack is actually applied to the system it is checked
for valid signature. So if anyone was to replace a file with his own or if a
virus is to infect/modify a patch or service pack signature would not match
and patch (service pack) would not be applied.
Here are details on deployment:
http://www.microsoft.com/windows2000/windowsupdate/sus/susdeployment.asp
and here you can download SUS service:
http://www.microsoft.com/downloads/details.aspx?FamilyId=A7AA96E4-6E41-4F54-972C-AE66A4E4BF6C&displaylang=en
-- Mike MCSA 2K, MCSE 2K, MCT, ... "William C. Mead" <wcm@ansr.com> wrote in message news:053e01c357da$10027770$a601280a@phx.gbl... > Three things are wrong with the Microsoft Windows update > policy: > > 1) It's a breach of security (according to our policies) > to be connected to the Internet while logged in as > administrator (how long until the vandals break into the > process?) > > 2) Auto updating is wasteful for multiple computers > > 3) The process hangs up, wasting more time > > All these would be "fixed" if the old downloadable service > pack procedures were used. Are they still available? > It's not obvious from the Microsoft website. > > - wcm
- Next message: Sandi - Microsoft MVP: "Re: pop ups"
- Previous message: Sandi - Microsoft MVP: "Re: Patch 03-26 won't install"
- In reply to: William C. Mead: "Lousy update policy"
- Next in thread: Bill Sanderson: "Re: Lousy update policy"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
