Re: Testing MS Security Patches?

From: "Roger Abell [MVP]" <mvpNoSpam@xxxxxxx>
Date: Fri, 27 Jan 2006 16:26:09 -0700

Your validation needs to be accomplished relative to the essential
applications,
services, and capabilities in your environment.
You could start by developing the list of essentials per your environment.
Then, with a test harness (which might be quite expensive to make "real")
that represents these capabilities of your production environment you would
need to validate the list of essentials after injecting the patches into the
test
machines.
All is much harder done that sketched.

--
Roger Abell
Microsoft MVP (Windows Server : Security)

"y2kbug_s97" <y2kbugs97@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:178C0A5D-51D0-46C6-8243-C3193B0C4871@xxxxxxxxxxxxxxxx
> Does anyone know of specific tests that should be performed before
> implementing MS security updates on production systems.
>
> I am a member of a large organization and we are trying to enhance our
> testing procedures before implementing MS security patches through out our
> production environments.
>
> Is there a document that shows what specific things should be considered?
>
> I'm looking for a guideline that displays how to validate that a security
> patch released by MS will not break any applications or the Operating
> System.

.

Prev by Date: Kama Sutra / W32.Blackmal.E worm questions
Next by Date: Re: backworm - way to keep safe
Previous by thread: Re: Testing MS Security Patches?
Next by thread: Re: Testing MS Security Patches?
Index(es):
- Date
- Thread

Relevant Pages

Its not personal (Was: Re: APACHE$PRIVILEDGED)
... As it is a very useful example of UWSS ... Some background on security and privileged application code... ... With OpenVMS constructs including device drivers (or drivers an ... environment -- most anything. ...
(comp.os.vms)
Re: APACHE$PRIVILEDGED
... The primary security on OpenVMS and on most other multi-processing operating systems is implemented via the memory management system and via what VAX calls the change-mode routines, via the Alpha SRM PALcode change-mode equivalent, or via what the IA-32 and IA-32e architectures refer to as the call gate. ... With OpenVMS constructs including device drivers )and user-written system services (UWSS; also known as privileged shareable images), these constructs operate in inner processor modes. ... One of the more hazardous situations for system security is a mixed environment; where there are resources shared between trusted and untrusted environments. ... Not only will the operation that requires privileges now be permitted, but other and potentially unintended operations can also be permitted. ...
(comp.os.vms)
RE: IDSIPS that can handle one Gig
... the need for IPS ... I hear this every now and then from security people, ... I have yet to see an environment (and I am a consultant so I see ... single Microsoft Windows patch. ...
(Focus-IDS)
RE: Port to z/OS or OMVS?
... I must disagree that the z/OS UNIX environment only offers a subset. ... > park when it comes to security. ...
(bit.listserv.ibm-main)
Re: Privilege-escalation attacks on NT-based Windows are unfixable
... >>> a well secured network. ... >> So you're basically saying that local privilege escalation doesn't ... > environment, this weakness is well behind other, like user writing down ... > security facilities ...
(comp.os.ms-windows.nt.admin.security)