Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Microsoft
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Windows XP SP2 update

from [Jim Harrison (ISA)] Network Security [Permanent Link]
Subject: RE: Windows XP SP2 update
Date: Sat, 9 Apr 2005 08:52:39 -0700 
Jeez, folks; this is absurd.
PLEASE perform a modicum of research and testing before making such
noises.

AU has three basic settings 
- auto-download and install on a schedule
- auto-download on a schedule and wait for user action to install
(DEFAULT)
- do nothing, wait for user intervention

How about SUS or WSUS?  Here's how you control bandwidth - by making
patches centrally available within the environment itself and <GASP>
control which patches are published to the users.

If you're really concerned about your customers, then help them exercise
control over their environment.  AU can be controlled by registry
entries if GPO aren't an option and its <GASP> all documented on a
freely-downloaded document available here:
http://www.microsoft.com/windowsserversystem/updateservices/techinfo/pre
vious/susdeployment.mspx. 

BTW, considering that XP SP2 has been out for nearly a YEAR, you've all
had more than enough time to evaluate the impact XPSP2 has in various
deployments.  If you found something in XPSP2 and failed to report it,
that particular problem lies squarely on your own shoulders.

Jim

-----Original Message-----
From: Bob Lachance [mailto:boblach@hotmail.com] 
Sent: Friday, April 08, 2005 11:57
To: focus-ms@securityfocus.com
Subject: Re: Windows XP SP2 update



"However--and this is the most important point--Automatic Updates won't



automatically install SP2 at that time.


*** But they will automatically DOWNLOAD won't they?

Bandwidth considerations ?

-Bob





Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] wrote:


Gawd bless it...not another post...

NO THEY ARE NOT....

1.  only if you had the kill bit enabled...do you?  I didn't..I don't

know 

of anyone who used it ... is it expiring
2.  Only if you have autoupdates enabled... kill bit gone...then shut

off 

AU
3.  even with the AU enabled, the kill bit gone you STILL have to

click on 

a EULA

Geeze between Microsoft themselves not clarifying how few people used 
this, how few people will be affected by this.. it's insane the amount

of 

misinformation April 12th has.

Nothing will happen..if you want to stay on a less secure XP sp1...

you 

have every right to do so.

Me I already upgraded a long time ago.

And no.. Windws 2003 isn't on AU either... if you got it you approved

it 

on SUS or you WU'd it yourself..

The FUD over this kill bit thing is insane.

Like a fellow mvp said... he thinks he could convince people that it

will 

be installed even if the computer isn't turned on and he bets that the



newsmedia would buy it.

Susan

John Madden wrote:


Forgot about this one...

Microsoft is forcing the upgrade to XP2 by april 12th.

This is going to be a nightmare if all pc's get
updated at the same time...


http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2aum

ng.mspx




       __________________________________ Yahoo! Messenger Show us

what 

our next emoticon should look like. Join the fun. 
http://www.advision.webevents.yahoo.com/emoticontest

---------------------------------------------------------------------

------


---------------------------------------------------------------------

------










--
Chapter 4 of The Complete Patch Management Book: 
https://www.ecora.com/ecora/jump/pm149.asp

So why is it the only book on NT Event Logging is out of print?
http://tinyurl.com/3kwc2

And if you don't know about www.eventid.net You should!


-----------------------------------------------------------------------

----

-----------------------------------------------------------------------

----






------------------------------------------------------------------------
---
------------------------------------------------------------------------
---


---------------------------------------------------------------------------
---------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: PEAP based 802.1x LAN authentication, Rodrigo Blanco
Next by Date:  RE: Windows XP SP2 update, Ken Schaefer
Previous by Thread:  Re: Windows XP SP2 update, Bob Lachance
Next by Thread:  RE: Windows XP SP2 update, Ken Schaefer
Indexes:  [Date] [Thread] [Top] [All Lists]