RE: Impressions - April Microsoft Patches

["Kerry Steele" <[EMAIL PROTECTED]>]

With exploit code surfacing the same day, it would be nice to have some
form of advanced warning about possible mitigation techniques ahead of
time (if any).  Seems like a repeat of the lack of timely information
similar to MS04-007.

What good is a patch management tool when the vendors don't release
patches for 6-9 months, by which time the security researchers are ready
to pull the trigger on their PoC exploit code?

Good configuration management, user mgmt/education, and good
old-fashioned system hardening/lockdown techniques must always accompany
a PM solution.

With the release of these particular patches, I sympathize for the folks
that don't have a good PM program in place already.

Cheers,
Kerry Steele

________________________________

From: Paul Nelson [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, April 13, 2004 4:38 PM
To: Patch Management Mailing List
Subject: Impressions - April Microsoft Patches


Although I am applauding Microsoft for making some more efficient moves
in patch releases to save admins from running around and screaming all
of the time, this seems like a lot of holes to cover at once.
 
What is everyone's reaction to the seriousness of these?  With more
vulnerabilities against domain controllers, ASN.1, and RPC services for
example, we are facing a very difficult time to keep from being
exploited.  I'm just concerned about the testing I need to do prior to
rollout of these....it needs to be pretty extensive due to the impact.
(even with extensive patch management tools in place) 
 
I'm not complaining as I'm glad that these have all been identified, but
it comes as a surprise to see this may issues that were all released
today.
 
I'm interested in seeing other viewpoints and opinions.....

 
 
Paul Nelson
Network Specialist
Medical College of Ohio
(419) 383-3638
[EMAIL PROTECTED]
--- 
To unsubscribe send a blank email to
[EMAIL PROTECTED] 


---
To unsubscribe send a blank email to [EMAIL PROTECTED]