Virus.Org IT Security News and Information Portal. We offer the latest IT security news, updates, product reviews, books, and articles for all you IT security professionals out there. Enter and get the best IT security information on the Internet.

 
. Welcome to the Virus.Org Mailing List Archive  
.
.


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]


Re: Installing patch KB837001 via Windows Update
.

  • To: "Patch Management Mailing List" <[EMAIL PROTECTED]>
  • Subject: Re: Installing patch KB837001 via Windows Update
  • From: "Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]" <[EMAIL PROTECTED]>
  • Date: Thu, 15 Apr 2004 19:59:49 -0700
  • In-reply-to: <[EMAIL PROTECTED]>
  • References: <[EMAIL PROTECTED]>
  • Reply-to: "Patch Management Mailing List" <[EMAIL PROTECTED]>
.
 
Okay it's the end of the day and I gotta rant. We keep talking about how Microsoft should regression test these patches and yet look what we are asking them to do. 

In IE they have to release it in 400 different interations.
http://radio.weblogs.com/0001011/2004/01/14.html#a6186
I have wacked off smb signing on my box. I have Line of business software that they've never heard of, you name it. If you do a tripwire on a server, you see that it's in constant motion with log files and all the things it does on a daily basis. It's sort of like an airplane when you think about it..... as you go thundering down the runway somehow it just works. It's actually kind of amazing in that. 

http://techupdate.zdnet.com/techupdate/stories/main/0,14179,2914659,00.html
Yes, I want them to build better patches, but I'd rather they'd build patches in a way that I can get back to where I was before the patch went on as well. The reality is they cannot patch for all the "junk" that I have on my box. And that's the reality of Patch Managment. I have to take the risk. I have to make the decision. In my office I'm taking the chance that my ports are pretty nice and tight and nothing [while exploit code is out] is in worm mode and I'm coming in to the office tomorrow when everyone else is making a nice three day weekend out of it and patching my LAN and cleaning my office. [Do I know how to party or what?]
The point is no vendor can patch test for the environments we have. Ever. So we need to take our own responsibility for our networks. 

Susan



Hien Nguyen wrote:


I ran another update today and it seemed that all the patches installed OK.
Checked Add/Remove Programs, checked the registry, and the patches are all
there. It's strange that when WU install the patch KB837001 (MS04-014), it
took a rather long time to complete (nearly 10 minutes for me).

So far, I have not notice any side-effects. So it's a case of monitoring the
servers and see if any errors will come up.

One would think that when patches are released, that they have been
thoroughly regression tested. But when patches are deemed critical, you have
little choice but patch, and patch quickly.

Thanks to everyone who has responded.

Hien Nguyen
Network Administrator
Information Technology
City of Whittlesea
Australia


Any personal or sensitive information contained in this e-mail and attachments must be handled in accordance with the Victorian Information Privacy Act 2000, the Health Records Act 2001 or the Privacy Act 1988 (Commonwealth), as applicable.
This e-mail, including all attachments, is confidential. If you are not the intended recipient, you must not disclose, distribute, copy or use the information contained in this e-mail or attachments. Any confidentiality or privilege is not waived or lost because this e-mail has been sent to you in error. If you have received it in error, please let us know by reply e-mail, delete it from your system and destroy any copies. 

---
To unsubscribe send a blank email to [EMAIL PROTECTED]



--
http://www.sbslinks.com/really.htm



---
To unsubscribe send a blank email to [EMAIL PROTECTED]
 
.
.
 
Copyright (c) Virus.Org 1997-2006.
All Trademarks Acknowledged.
Please view our Terms and Conditions and our Privacy Policy.