Re: [foxboro] XP Security Patches, whither art thou?

• From: Corey R Clingo <corey.clingo@xxxxxxxx>
• To: foxboro@xxxxxxxxxxxxx
• Date: Fri, 25 Jan 2008 16:01:54 -0600

Maybe I'm crazy, but I have not applied one patch to my AW70XP since I put 
7.1.2 on it last May.  While I believe in defense in depth, I've about 
decided that the best protection for a DCS is external, as security 
continues to be a significantly lower priority in real life for the DCS 
vendors than their propaganda would lead you to believe.  Besides that, 
since this box is a gateway I try to touch it as little as possible, and 
Microsoft patches often mean reboots (two of them in the AW's case, since 
you usually have to get out of "I/A mode" and then back into it).

So since I haven't actually tried any of these patches on my running 
system, what does "smoke test" mean?  It will boot the Foxboro software? 
Or it will actually call up Foxview and AM, run a virtual CP, 
configurators, etc.?


By the way, this entire topic is delicious.  Nothing like controlling 
one's own destiny with Microsoft.


Corey Clingo
BASF Corporation






"Boulay, Russ" <russ.boulay@xxxxxxxxxxxxxxxx> 
Sent by: foxboro-bounce@xxxxxxxxxxxxx
01/25/2008 03:42 PM
Please respond to
foxboro@xxxxxxxxxxxxx


To
<foxboro@xxxxxxxxxxxxx>
cc

Subject
Re: [foxboro] XP Security Patches, whither art thou?





Every Microsoft critical patch is tested by Foxboro and either blessed or 
not and posted on the website of that status.

We can no longer supply as stated below consolidated on a CD or download 
from TAC website directly.
We are working to change that.

But every smoke tested patch that has passed can be downloaded from 
Microsoft and applied to I/A
All of the patches on Duc's list have been tested and blessed and show 
that status on the website
________________________________

From: foxboro-bounce@xxxxxxxxxxxxx on behalf of 
Ed.Zychowski@xxxxxxxxxxxxxx
Sent: Fri 1/25/2008 2:34 PM
To: foxboro@xxxxxxxxxxxxx
Subject: Re: [foxboro] XP Security Patches, whither art thou?



You can mark me down for very concerned!
I spoke with Foxboro TAC and I'm told that Microsoft will not allow
Foxboro to create the ISO CDs any longer. Foxboro will only be allowed to
point us to the Microsoft update website. (not even allowed to link to the
specific patch). Still, that shouldn't relieve them of the responsibility
to test patches. IMHO.




<duc.do@xxxxxxxxxxxxxx>
Sent by: foxboro-bounce@xxxxxxxxxxxxx
01/25/2008 01:25 PM
Please respond to
foxboro@xxxxxxxxxxxxx


To
<foxboro@xxxxxxxxxxxxx>
cc

Subject
[foxboro] XP Security Patches, whither art thou?






Does anyone else share my concern that the security patch process has
grounded to a halt since the middle of last year?

A rough count shows the following outstanding patches for the Win XP,
Service Pack 2 platform:

Aug 2007, 5 critical patches
Oct 2007, 2 critical, 1 important
Nov 2007, 1 critical
Dec 2007, 6 critical, 3 important

The reversed timeline as shown on the IPS web site:

---------------------
9 Jan 2008: MS08-001 and MS08-002 entered Evalutation Testing=20

19 Dec 2007: MS07-064, MS07-065, MS07-67, MS07-068 and MS07-069 Passed
Smoke Testing. =20
NEW IMAGE NOT MADE AVAILABLE=20

12 Dec 2007: MS07-064, MS07-065, MS07-67, MS07-068 and MS07-069 entered
Evalutation Testing=20

20 Nov 2007: MS07-061 Passed Smoke Testing. =20
NEW IMAGE NOT MADE AVAILABLE=20

14 Nov 2007: MS07-061 entered Evalutation Testing=20

15 Oct 2007: MS07-056, MS07-57, MS07-058, kb933360 and kb932590 Passed
Smoke Testing. =20
NEW IMAGE NOT MADE AVAILABLE=20

10 Oct 2007: MS07-056, MS07-57, MS07-058, kb933360 and kb932590 entered
Evalutation Testing=20

14 Sep 2007: There were no patches release by Microsoft for this
platform for the month of Sep 2007=20

16 Aug 2007: MS07-042, MS07-43, MS07-045, MS07-046 and MS07-050 Passed
Smoke Testing. =20
NEW IMAGE NOT MADE AVAILABLE.=20

12-Aug 2007: MS07-042, MS07-43, MS07-045, MS07-046 and MS07-050 entered
Evalutation Testing
---------------------

The last time patches were released was in June 2007.

Can anybody from Invensys/Foxboro explain the reasoning behind "NEW
IMAGE NOT MADE AVAILABLE"?

Duc










 
 
_______________________________________________________________________
This mailing list is neither sponsored nor endorsed by Invensys Process
Systems (formerly The Foxboro Company). Use the info you obtain here at
your own risks. Read http://www.thecassandraproject.org/disclaimer.html
 
foxboro mailing list:             //www.freelists.org/list/foxboro
to subscribe:         mailto:foxboro-request@xxxxxxxxxxxxx?subject=join
to unsubscribe:      mailto:foxboro-request@xxxxxxxxxxxxx?subject=leave
 

• References:
  • Re: [foxboro] XP Security Patches, whither art thou?
    • From: Boulay, Russ

Other related posts:

• » Re: [foxboro] XP Security Patches, whither art thou?
• » Re: [foxboro] XP Security Patches, whither art thou?
• » Re: [foxboro] XP Security Patches, whither art thou?
• » Re: [foxboro] XP Security Patches, whither art thou?
• » Re: [foxboro] XP Security Patches, whither art thou?
• » Re: [foxboro] XP Security Patches, whither art thou?
• » Re: [foxboro] XP Security Patches, whither art thou?
• » Re: [foxboro] XP Security Patches, whither art thou?

1. Home
2. foxboro
3. Archive
4. 01-2008

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---