Hi,
I use WSUS for dektops - I have one computer group configured for myself and my
technician. As patches appear the are approved for us, if they don't cause any
issues they are then approved for the rest of the desktops. Turn around can be
as little as a day.
Servers are a different matter, I tend to install the patches at planned
maintenance intervals so I have to take a view as to whether the issue is
serious enough for me to reboot the servers or if other layers of protection
such as AV software would mitigate any potential threat til the next planned
maintenance interval.
Richard
-----Original Message-----
From: Murad Talukdar [mailto:talukdar_m@subway.com]
Sent: 19 August 2005 07:11
To: focus-ms@securityfocus.com
Subject: exploit to vulnerability
With all the issues highlighting the speed that exploits are now being
written (eg http://www.securityfocus.com/news/11285 )
The window between exploit/vuln, appears on average, to be getting tighter.
We have an SME network and I used to have a week or so to test patches
before rolling them out.
This all begs the question now, with limited resources, do I just patch and
not worry about testing? I definitely have fewer resources than some of the
companies that were hit (CNN et al) and less time to dedicate to patching.
Should I just use auto updates/GP to patch everything regardless?
What do other SME admins do?
Kind Regards
Murad Talukdar
---------------------------------------------------------------------------
---------------------------------------------------------------------------
----------------------------------------------------------------------------------------------------------------
Disclaimer: This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom
they are addressed.
If you have received this email in error please notify the
originator of the message. This footer also confirms that this
email message has been scanned for the presence of computer
viruses and Henshaws Society for Blind People will not accept
any responsibility for any loss of data or financial loss caused
directly or indirectly by opening or processing this email and any
accompanying attachments.
Any views expressed in this message are those of the individual
sender, except where the sender specifies and with authority,
states them to be the views of Henshaws Society for Blind People.
Please Note: Recipients of this message should be aware that
Henshaws Society for Blind People reserves the right to monitor
all email sent to and from the hsbp.co.uk domain or any other
domain that may be administered by the said organisation.
Head office telephone number: 0161 872 1234
Head office fax number: 0161 848 9889
website: http://www.hsbp.co.uk
---------------------------------------------------------------------------
---------------------------------------------------------------------------
