Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Full-disclosure] Third party patches, a matter of trust by n3td3v

from [coderman] Network Security [Permanent Link]
Subject: Re: [Full-disclosure] Third party patches, a matter of trust by n3td3v
Date: Thu, 30 Mar 2006 04:40:22 -0800 
On 3/29/06, n3td3v <n3td3v@gmail.com> wrote:


Third party patches, a matter of trust

Why are third party patches a bad thing?


they are only a bad thing if they are not trusted and not well tested.



They force Microsoft to rush out a patch before
Q.A testing has been fully completed in the time scale
Microsoft would have initially hoped.


M$ is never forced to do anything.

a short / inadequate test cycle for the third party patch is indeed
something to consider though.  (presumably anyone deploying a third
party patch is also doing much more testing than they would for a M$
tested and sanctioned patch)



Is it responsible for eEye to release a third party patch before Microsoft?


absolutely.

is it responsible for any system administrator to apply the eEye patch?
that depends on trust and testing... :)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Full-disclosure] Third party patches, a matter of trust by n3td3v, nick johnson
Next by Date:  Re: [Full-disclosure] linux routing table ip-lookup algorithm ??, Javor Ninov
Previous by Thread:  Re: [Full-disclosure] Third party patches, a matter of trust by n3td3v, Aaron Gray
Next by Thread:  RE: [Full-disclosure] Third party patches, a matter of trust by n3td3v, Chris Locke
Indexes:  [Date] [Thread] [Top] [All Lists]