[windows2000] SV: Re: SV: Re: Discussion: Microsoft to release patches once per month

• To: <windows2000@xxxxxxxxxxxxx>
• Date: Wed, 10 Dec 2003 15:47:46 +0100

I have to say i disagree completely with you on this when it comes to security 
fixes.
I manage 250 clients, 30+ servers, and i update everything. Lately I have 
installed SUS to do the job.
Over two years at this place, I have yet to se a problem caused by a security 
patch.

I think that argument more often is an excuse to be lazy than a real life 
sitiuation. No offence.

Hotfixes (not security fixes) and Service Packs I have had problems with, but 
that is another matter. But if things were as easy as you would hope, then the 
janitor could do this job, and we would all be serving BicMacs in a DriveTrough.

Mvh
Svein Arild


-----Opprinnelig melding-----
Fra: Berger, Gunnar [mailto:GBerger@xxxxxxxxxx]
Sendt: 10. desember 2003 14:59
Til: windows2000@xxxxxxxxxxxxx
Emne: [windows2000] Re: SV: Re: Discussion: Microsoft to release patches
once per month


My complaint is that M$ patches normally end up doing more harm then good.  I 
end up having to run a test environment on the patch, once I determine it is 
safe to run.  I send it out to my users and then they figured out what I missed 
and the entire system is screwed because M$ did something.  On one hand you 
closed a security hole that some virus would attack, on the other hand running 
updates tend to add new bugs into the system.  I know SP4 isn't a patch but it 
is the same principle.  M$ tells me I need to get to SP4 to fix some security 
hole I had, I upgrade hole it patched but my entire system is screwed because 
SP4 messes up TS.  Now I have a lot of ticked off users, but I will say at 
least the system was running, pre-SP4 the system was completely down.  Does 
anyone ever wish they we were out of a job because M$ would make a product that 
works?

Gunnar

-----Original Message-----
From: Neil Bullock [mailto:n.bullock@xxxxxxxxxxxxxxxxxxxxx]
Sent: Wednesday, December 10, 2003 4:14 AM
To: windows2000@xxxxxxxxxxxxx
Subject: [windows2000] Re: SV: Re: Discussion: Microsoft to release
patches once per month


Svein Arild Haugum wrote:

> I solved the laptop problem by doing:
> I made an OU for Laptop Computers in AD.
> Created a GPO wich installed the AutoUpdate klient, made the
> AutoUpdate service autostart, turned of software install warnings.
> Then i importet the WindowsUpdate template into the policy, and
> configured the laptops to automaticly download and install updates
> from WindowsUpdate (web).

I'll play about with this and see what I can get going.  The problem is
people don't connect their laptops to the network that often, and many of
them don't use the internet at home (or elsewhere).

> "I think maybe they should release the patches as and when they are
> available, but send out a mail summarising patch releases every
> month."
> I dont agree with this, this would give people who are die hard
> security focused a better option, and hackers better options, since
> they can find bugs up to a month before regular people even hear
> about them. So once a patch is ready they MUST tell everyone, or keep
> it quiet.

That's true enough.  Didn't think about that :)

It is a dilemma - releasing patches regularly makes people complain about
being overloaded with patches, and releasing them on a schedule makes people
complain that major problems will go unpatched for a month.

I wonder what would happen if someone discovered a vulnerability and
exploited it on the scale of Blaster - surely Microsoft wouldn't wait for a
month before patching the problem..

-- 
Neil Bullock, ICT Technician.
Brayton College, Doncaster Road, Selby, North Yorkshire, YO8 9QS
Tel: 01757 707731; Fax: 01757 213389

********************************************************
This Weeks Sponsor SeamlessPlanet.com
Register your domain name for as low as $7.75 per year!
Cheaper than Godaddy..same great service! 
http://SeamlessPlanet.com
********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.

http://thethin.net/win2000list.cfm

________________________________________________________________________
This email has been scanned for all viruses by the MessageLabs Email
Security System. For more information on a proactive email security
service working around the clock, around the globe, visit
http://www.messagelabs.com
________________________________________________________________________
********************************************************
This Weeks Sponsor SeamlessPlanet.com
Register your domain name for as low as $7.75 per year!
Cheaper than Godaddy..same great service! 
http://SeamlessPlanet.com
********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.

http://thethin.net/win2000list.cfm
********************************************************
This Weeks Sponsor SeamlessPlanet.com
Register your domain name for as low as $7.75 per year!
Cheaper than Godaddy..same great service! 
http://SeamlessPlanet.com
********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.

http://thethin.net/win2000list.cfm

Other related posts:

• » [windows2000] SV: Re: SV: Re: Discussion: Microsoft to release patches once per month
• » [windows2000] Re: SV: Re: SV: Re: Discussion: Microsoft to release patches once per month

1. Home
2. windows2000
3. Archive
4. 12-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---