
| Subject: | RE: exploit to vulnerability |
|---|---|
| Date: | Mon, 22 Aug 2005 10:40:25 +1000 |

I am also the canary here. And the spare machine we have here is a 'test' machine too. But as you mentioned Susan, the last time something broke on a desktop was two years ago and it just needed rolling back and then applying again.

As for what Douglas said, I guess that you're right but I do still have to trust MS to protect my machine, same as I trust Symantec/Spybot/Hijackthis etc etc. I can't do the work of all of them by myself, so I put myself in their hands, figuratively speaking.

I believe that the window is only going to get smaller and could tend to 0-day in the near future. Which makes me wonder, will MS have to create a new patch cycle if needed? I.e., if people don't play by their patch timetable?

-----Original Message-----
From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] [mailto:sbradcpa@pacbell.net]
Sent: Sunday, August 21, 2005 11:01 AM
To: kenneth@subway.com
Cc: Bruce Martins; talukdar_m@subway.com; focus-ms@securityfocus.com
Subject: Re: exploit to vulnerability

...and honestly...when's the last time you truly had an issue with a security patch on your desktops?

Keep that in mind when you deploy/test.

Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] wrote:

Myself and another person are my 'canaries' in my office. We get the first. Patches are deployed to a 'like' server at home.

I then watch the traffic in my Communities...www.patchmanagement.org has a very active patch issue community and issues are reported there. There's also a WSUS listserve as well.

If you cannot test.. you listen to those who can.

Bruce Martins wrote:

To be honest I use my own machine to test out the patches before applying them to machines, not the best way but cuts down on time I don't have to test

also use of vmware sometimes

Bruce Martins
Systems Administrator
EXTEND>>MEDIA
190 Liberty Street
Toronto, Ontario
Canada M6K 3L5
_______________________
e: bmartins@extend.com
t: (416) 535-4222 ext. 2307
f: (416) 535-1201
http://www.extend.com

--------------------------
Sent from my BlackBerry Wireless Handheld

-----Original Message-----
From: Murad Talukdar <talukdar_m@subway.com>
To: focus-ms@securityfocus.com <focus-ms@securityfocus.com>
Sent: Fri Aug 19 02:11:17 2005
Subject: exploit to vulnerability

With all the issues highlighting the speed that exploits are now being written (eg http://www.securityfocus.com/news/11285 )

The window between exploit/vuln, appears on average, to be getting tighter. We have an SME network and I used to have a week or so to test patches before rolling them out. This all begs the question now, with limited resources, do I just patch and not worry about testing? I definitely have fewer resources than some of the companies that were hit (CNN et al) and less time to dedicate to patching.

Should I just use auto updates/GP to patch everything regardless? What do other SME admins do?

Kind Regards
Murad Talukdar