I would definately recommend testing the patches. How can we rely on
Microsoft to protect our machine anyway?
On 8/19/05, Poole, Gary <GPoole@wc.com> wrote:
We used Windows Update Services and GPO to test a pilot group initially,
but when the threat escalated, we decided to risk it seeing as we had no
issues with the pilot group and used WUS to deploy the applicable
patches firm wide. We had our firm client machines patched within the
day, excluding any laptops not in the office. It really helped us allot
to have a patch deployment system ready for this issue.
Testing is always preferred, but given the fact that we have never had a
patch break anything in our environment, the risk of infection from this
worm was greater than the risk of any client issues caused by the patch.
That's just my two cents worth.
-----Original Message-----
From: Murad Talukdar [mailto:talukdar_m@subway.com]
Sent: Friday, August 19, 2005 2:11 AM
To: focus-ms@securityfocus.com
Subject: exploit to vulnerability
With all the issues highlighting the speed that exploits are now being
written (eg http://www.securityfocus.com/news/11285 ) The window between
exploit/vuln, appears on average, to be getting tighter.
We have an SME network and I used to have a week or so to test patches
before rolling them out.
This all begs the question now, with limited resources, do I just patch
and not worry about testing? I definitely have fewer resources than some
of the companies that were hit (CNN et al) and less time to dedicate to
patching.
Should I just use auto updates/GP to patch everything regardless?
What do other SME admins do?
Kind Regards
Murad Talukdar
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
------------------------------------------------------------
NOTICE:
This message is intended for the use of the individual or entity to which it
is addressed and may contain information that is privileged, confidential and
exempt from disclosure under applicable law. If the reader of this message is
not the intended recipient or the employee or agent responsible for
delivering this message to the intended recipient, you are hereby notified
that any dissemination, distribution or copying of this communication is
strictly prohibited. If you have received this communication in error, please
notify us immediately by reply or by telephone (call us collect at (202)
434-5000) and immediately delete this message and all its attachments.
============================================================
---------------------------------------------------------------------------
---------------------------------------------------------------------------
---------------------------------------------------------------------------
---------------------------------------------------------------------------
