Re: Microsoft's latest Security update M03-007
From: Jeff Cochran (jcochran.nospam@naplesgov.com)
Date: 03/19/03
- Next message: drew: "Websites that have .exe downloadables."
- Previous message: Steven L Umbach: "Re: cannot access routing & remote access"
- In reply to: Analysis&Solutions: "Re: Microsoft's latest Security update M03-007"
- Next in thread: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]: "Re: Microsoft's latest Security update M03-007"
- Reply: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]: "Re: Microsoft's latest Security update M03-007"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: jcochran.nospam@naplesgov.com (Jeff Cochran) Date: Wed, 19 Mar 2003 17:31:51 GMT
On Wed, 19 Mar 2003 16:37:42 +0000 (UTC),
info@analysisandsolutions.com (Analysis&Solutions) wrote:
>In <1bec01c2ee2a$eb55c8a0$3301280a@phx.gbl> "John Aird" <jaird@vwc.edu> writes:
>
>> I've got a Win2k Sp2 Server
>
>SP2 is the commonality I've seen as to why some systems have problems
>with the patch. Everyone thus far who's installed the patch without
>incident, like myself, has been using SP3, while those complainning are
>have SP2.
In my case, it's worked fine on servers and workstations with SP2 and
SP3.
>Uh, why don't you have SP3 on there, anyway? Have you applied all
>patches since SP2? Or just some?
Our outward-facing web servers don't have SP3, it didn't play nice
when we tested deployment of it. Of course, they already had WEBDAV
disabled from original configuration, so weren't vulnerable to that as
an exploit, and URLScan is blocking those requests as well. (Still
installed the 007 patch).
We don't normally apply every fix or service pack that comes along, we
apply those that meet our needs and work in our environment. In some
cases this means that security fixes have not been deployed, for
example, we didn't apply SP3 for SQL to stop Slammer. Of course, our
firewall was already configured to drop requests on those ports, plus
we reassign ports for SQL as a matter oif policy anyway, so the fix
really didn't fix any vulnerability we had.
Jeff
- Next message: drew: "Websites that have .exe downloadables."
- Previous message: Steven L Umbach: "Re: cannot access routing & remote access"
- In reply to: Analysis&Solutions: "Re: Microsoft's latest Security update M03-007"
- Next in thread: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]: "Re: Microsoft's latest Security update M03-007"
- Reply: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]: "Re: Microsoft's latest Security update M03-007"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
