Tim Mullen, 2002-09-30
A recent XP security hole begs the question, do we really want Microsoft to release individual fixes for every bug?
Colapse all |
Post comment
One Patch to Rule Them All
2002-09-30
Anonymous (1 replies)
Anonymous (1 replies)
Security patchs are diffrent
2002-09-30
Anonymous
Anonymous
It is one thiong to fix an application that is buggy. It is abother to leave a network open because u want to wait till there is alot of stuff to work on. Both are typical for microsoft. Maybe they should spend a little time makeing the features they have now work. Fix the security problems of th...
[ more ] [ reply ]
[ more ] [ reply ]
One Patch to Rule Them All
2002-10-01
Anonymous (1 replies)
Anonymous (1 replies)
Download time considerations aside, one problem I see with the service pack-only approach is Microsoft often releases patches that turn out to interact poorly with some software or configuration. What do you do if some piece of SP1 interferes with a critical piece of software you need to run?
Mi...
[ more ] [ reply ]
Mi...
[ more ] [ reply ]
One Patch to Rule Them All
2002-10-02
Anonymous
Anonymous
The EULA is indeed a problem. As security administrator for
a government entity, I have to worry about things like HIPAA
compliance, which mandates both security and privacy for many
users in health-related fields. If we apply SP1, we show due
diligence for security in some respects, but fail ...
[ more ] [ reply ]
a government entity, I have to worry about things like HIPAA
compliance, which mandates both security and privacy for many
users in health-related fields. If we apply SP1, we show due
diligence for security in some respects, but fail ...
[ more ] [ reply ]
One Patch to Rule Them All
2002-10-01
Anonymous
Anonymous
Do you honestly think that Microsoft did this because of demand? No, they did it because someone provided them with a simple stand-alone fix. In "True Microsoft Fashion" they took the work of someone else and called it their own. It is so absolutely sad that people even think of giving them prais...
[ more ] [ reply ]
[ more ] [ reply ]
One Patch to Rule Them All
2002-10-01
Anonymous
Anonymous
Tim Mullen, you're almost on top of things. Another reason for the XP SP1, and the reason MS will not release a standalone fix, is because of the pirated cd keys. MS *wants* you to install, require, and want SP1, this will make the previous keys (the pirated corp one that's floating about) worthless...
[ more ] [ reply ]
[ more ] [ reply ]
RE: One Patch to Rule Them All
2002-10-01
Piroufreek
Piroufreek
Sometimes, you wonder, huh? Great.
Wonder about this: Microsoft should release patches for SECURITY issues as soon as possible. Also, any patches for any issue should be released in whatever service pack Microsoft releases. Any other stance implies you are either a Microsoft puppet or you hav...
[ more ] [ reply ]
Wonder about this: Microsoft should release patches for SECURITY issues as soon as possible. Also, any patches for any issue should be released in whatever service pack Microsoft releases. Any other stance implies you are either a Microsoft puppet or you hav...
[ more ] [ reply ]
One Patch to Rule Them All
2002-10-01
Anonymous (1 replies)
Anonymous (1 replies)
NO! The best solution is NOT to apply a service pack to fix security bugs. Rather, it is to supply security patches separately from service packs. We should be able to patch the security holes with no strings attached. It is not acceptable for me to be forced to install non-security-related, unre...
[ more ] [ reply ]
[ more ] [ reply ]
One Patch to Rule Them All
2002-10-01
Anonymous
Anonymous
You analyse the problem backward : the need is not to break an existing service pack for a partial security update. The need is for a faster single patch which will be consolidated later in a global service pack.
Each time a weakness is exposed, Microsoft should fixe it faster than they are doing...
[ more ] [ reply ]
Each time a weakness is exposed, Microsoft should fixe it faster than they are doing...
[ more ] [ reply ]
One Patch to Rule Them All
2002-10-01
Todd Knarr
Todd Knarr
Yes, we want a la carte fixes for security holes. The problem with a mega-patch like XP SP1 is that it changes so much. It may introduce new bugs and security holes, or may just change things so that other software suddenly doesn't work or requires updates. To an admin responsible for systems that _...
[ more ] [ reply ]
[ more ] [ reply ]
One Patch to Rule Them All
2002-10-01
mjc
mjc
Included in the recently released XP SP1 where patches and fixes for flaws that were discovered shortly after the retail release of XP, Microsoft released fixes for those flaws and vulnerabilities earlier. If they hadn't, but instead waited until the SP was released some of them would have been le...
[ more ] [ reply ]
[ more ] [ reply ]
One Patch to Rule Them All
2002-10-02
security@NOdsia.SPAM.com
security@NOdsia.SPAM.com
>The fact is, the best way to provide ultimate update >levels for the client is with a complete service pack.
This is not fact, it's opinion.
>It isn't a perfect system, but the service pack paradigm
>the best we've got.
I work with a number of OSes, most notably nix (AIX, and Linux Redhat) in...
[ more ] [ reply ]
This is not fact, it's opinion.
>It isn't a perfect system, but the service pack paradigm
>the best we've got.
I work with a number of OSes, most notably nix (AIX, and Linux Redhat) in...
[ more ] [ reply ]
Were dumping Microsoft!...Can't afford this kind of exposure any longer.
2002-10-02
Magic Latern Knows who I am! (3 replies)
Magic Latern Knows who I am! (3 replies)
My thoughts exactly...that's why this week we are dumping all our MS Enterprise products and installing clusters of Novell's Netware 6.0, GroupWise and Linux controlled from NDS! Got hammered by Klez on all of our NT shares, while running GFI, NAV for Gateways and NAV on the desktop....
[ more ] [ reply ]
[ more ] [ reply ]
Were dumping Microsoft!...Can't afford this kind of exposure any longer.
2002-10-03
Anonymous
Anonymous
Good for you... more power to you! Be sure your IT department writes a nice, long letter to Microsoft's HQ and the local/district office letting them know just what they're losing and why. That's the only way they'll get a clue. By all means, have your company consider a press release as well. Make ...
[ more ] [ reply ]
[ more ] [ reply ]
Were dumping Microsoft!...Can't afford this kind of exposure any longer.
2002-10-03
Anonymous (5 replies)
Anonymous (5 replies)
Sounds like you need a beginners class in how to configure things so Klez WON'T be a problem. If at this late date Klez is still causing you problems it is because of an inept system admin, not a problem with the software products....
[ more ] [ reply ]
[ more ] [ reply ]
AMEN!!
2002-10-03
Full_Throttle
Full_Throttle
I get so sick and tired of all these people whining about MS this and MS that, when I have had nothing but success with them. We run Multiple HP servers(20+) with multiple processors, 3 huge Terminal Servers, 2 SQL Servers, we are in the process of rolling out XP to all of our 26 branches in 2 stat...
[ more ] [ reply ]
[ more ] [ reply ]
Were dumping Microsoft!...Can't afford this kind of exposure any longer.
2002-10-03
Anonymous
Anonymous
Bingo.
If he thinks switching to Netware and Groupwise is a solution, he's in for a big disappointment.
People act like these things are unique to Microsoft. They aren't. A lot of people need to get a &#$%&#* clue. Novell has had its share of individual patch vs. service pack issues in the pas...
[ more ] [ reply ]
If he thinks switching to Netware and Groupwise is a solution, he's in for a big disappointment.
People act like these things are unique to Microsoft. They aren't. A lot of people need to get a &#$%&#* clue. Novell has had its share of individual patch vs. service pack issues in the pas...
[ more ] [ reply ]
"not a problem with the software products."
2002-10-04
Anonymous
Anonymous
Idiot, you need to look at the vulnerabilities area of securityfocus...Browse the MicroSoft section, how could anyone in their right mind recommend Microsoft as a solution with those kind of problems?
In the 48 months (1996 to 2000) Exchange Server solution Customers - - who are also customers of...
[ more ] [ reply ]
In the 48 months (1996 to 2000) Exchange Server solution Customers - - who are also customers of...
[ more ] [ reply ]
"not a problem with the software products."
2002-10-04
Anonymous (1 replies)
Anonymous (1 replies)
Idiot, you need to look at the vulnerabilities area of securityfocus...Browse the MicroSoft section, how could anyone in their right mind recommend Microsoft as a solution with those kind of problems?
In the 48 months (1996 to 2000) Exchange Server solution Customers - - who are also customers of...
[ more ] [ reply ]
In the 48 months (1996 to 2000) Exchange Server solution Customers - - who are also customers of...
[ more ] [ reply ]
Were dumping Microsoft!...Can't afford this kind of exposure any longer.
2002-10-03
Anonymous (1 replies)
Anonymous (1 replies)
If you got "hammered" by Klez regarless of the AV solution involoved then:
(1) your AV solution sucks, or needs updating; or,
(2) the sysadmin is the weak link, not the system software; or,
(3) you're lying.
Going to Novell isn't going to fix your problem, the underlying situation will still...
[ more ] [ reply ]
(1) your AV solution sucks, or needs updating; or,
(2) the sysadmin is the weak link, not the system software; or,
(3) you're lying.
Going to Novell isn't going to fix your problem, the underlying situation will still...
[ more ] [ reply ]
Were dumping Microsoft!...Can't afford this kind of exposure any longer.
2002-10-09
T-1000
T-1000
Hello there. I think that if you all want have secure servers - there's many alternate OS'es for example, Linux (Mandrake, RedHat, SuSe - these are most knewn Linux distributtions), OpenBSD, NetBSD, FreeBSD(these are free well knewn Unixes) or commercial like AIX, HP OpenVMS(this one is used in mili...
[ more ] [ reply ]
[ more ] [ reply ]
One Patch to Rule Them All
2002-10-03
Darkphyber
Darkphyber
I don't agree with your argument at all. The current MS strategy of delaying the release of fixes until they can be bundled into a roll-up, or SP leaves can leave the end-user vulnerable for weeks, months or even years. There is certainly an advantage to bunlding all of your security updates for a...
[ more ] [ reply ]
[ more ] [ reply ]
One Patch to Rule Them All - let's think about this
2002-10-08
alittle disturbed (1 replies)
alittle disturbed (1 replies)
.. i believe that article/column is completely ignorant -- if you want to wait for just one full service pack, then all you will be patching is an 0wned machine ..
maybe this could be easier: have updates/fixes for known security flaws available for d/l as soon as possible.. have a running list ...
[ more ] [ reply ]
maybe this could be easier: have updates/fixes for known security flaws available for d/l as soon as possible.. have a running list ...
[ more ] [ reply ]
One Patch to Rule Them All - let's think about this
2002-10-08
Anonymous (1 replies)
Anonymous (1 replies)
>i believe that article/column is completely ignorant -- if
>you want to wait for just one full service pack, then all
>you will be patching is an 0wned machine ..
>take a minute to think about what you are writing about
Who said anything waiting for a service pack to patch? What I got out...
[ more ] [ reply ]
>you want to wait for just one full service pack, then all
>you will be patching is an 0wned machine ..
>take a minute to think about what you are writing about
Who said anything waiting for a service pack to patch? What I got out...
[ more ] [ reply ]
He should have called this article "Flame Bait"...
2002-10-09
Anonymouse (1 replies)
Anonymouse (1 replies)
Oh boy... an article supporting something that Microsoft did. I can hear the collective hum of the millions of fingers of Micro$oft-haters lighting up their keyboards......
[ more ] [ reply ]
[ more ] [ reply ]
Simple test...
[ more ] [ reply ]