With all the issues highlighting the speed that exploits are now being
written (eg http://www.securityfocus.com/news/11285 )
The window between exploit/vuln, appears on average, to be getting tighter.
We have an SME network and I used to have a week or so to test patches
before rolling them out.
This all begs the question now, with limited resources, do I just patch and
not worry about testing? I definitely have fewer resources than some of the
companies that were hit (CNN et al) and less time to dedicate to patching.
Should I just use auto updates/GP to patch everything regardless?
What do other SME admins do?
written (eg http://www.securityfocus.com/news/11285 )
The window between exploit/vuln, appears on average, to be getting tighter.
We have an SME network and I used to have a week or so to test patches
before rolling them out.
This all begs the question now, with limited resources, do I just patch and
not worry about testing? I definitely have fewer resources than some of the
companies that were hit (CNN et al) and less time to dedicate to patching.
Should I just use auto updates/GP to patch everything regardless?
What do other SME admins do?
Kind Regards
Murad Talukdar
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
[ reply ]