[THIN] Re: New Critical MS Fix MS06-040 ?!?!

  • From: <steve.quinnell@xxxxxxxxxxxxx>
  • To: <thin@xxxxxxxxxxxxx>
  • Date: Thu, 10 Aug 2006 14:23:45 +0100

We've deployed it on about 100 boxes so far without any reported
problems, along with the other August criticals.
 
steve

  _____  

From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Michael Pardee
Sent: 10 August 2006 14:16
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: New Critical MS Fix MS06-040 ?!?!


You are correct, but I bet there are still some out there without the
proper firewalling in place.  I read yesterday that there is now an
exploit.  I am guessing MS knew that and is pushing hard to prevent a
SQLSlammer type outbreak.


On 8/10/06, Matthew Shrewsbury <MShrewsbury@xxxxxxxxxxxxxxx> wrote: 

        Any idea why this patch seems to be pushed as urgent? It sounds like if
        you have a firewall blocking ports 139 and 445 there isn't any risk from
        the net?
        
        Matthew Shrewsbury, MCSE+Internet MCSE 2000 CCA Server+ 
        Network Manager
        
        -----Original Message-----
        From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Selinger, Stephen
        Sent: Wednesday, August 09, 2006 4:18 PM
        To: thin@xxxxxxxxxxxxx
        Subject: [THIN] Re: New Critical MS Fix MS06-040 ?!?!
        
        Any update on if this patch breaks anything. I have been advised by my
        security monitoring service to get this updated ASAP.
        
        -----Original Message-----
        From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Schneider, Chad M
        Sent: August 9, 2006 7:40 AM
        To: 'thin@xxxxxxxxxxxxx'
        Subject: [THIN] Re: New Critical MS Fix MS06-040 ?!?! 
        
        We received the e-mail of this patch late yesterday....got a voice mail
        an hour later, and another follow-up this AM....this one is getting more
        attention from M$ than I can ever recall.  They asked that we make every
        effort to get installed in the next 72 hours.
        
        -----Original Message-----
        From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Michael Pardee
        Sent: Wednesday, August 09, 2006 7:00 AM
        To: thin@xxxxxxxxxxxxx
        Subject: [THIN] Re: New Critical MS Fix MS06-040 ?!?!
        
        I just received an email from our MS rep asking us if we had tested
        this, what the reasons were if we hadn't, and when we plan on rolling
        it out. They consider this a Level 3 patch and said it is extremely
        critical.
        
        We'll focus more on our Internet accessible nodes first (none are TS) but
        will start the testing with it internally over time.
        
        This is the first I've ever had our TAM contact us with questions over
        why we wouldn't just deploy it.
        
        
        > From: Steve Greenberg <steveg@xxxxxxxxxxxxxx>
        > Reply-To: <thin@xxxxxxxxxxxxx>
        > Date: Wed, 9 Aug 2006 00:31:20 -0700
        > To: <thin@xxxxxxxxxxxxx>
        > Subject: [THIN] Re: New Critical MS Fix MS06-040 ?!?!
        >
        > As usual, this is a case where patience and logic do not rule :-)  The
        > client is already in the process of applying the patch well over a
        > hundred non TS systems. It is the TS systems that we have some
        > influence on and are being requested to come back with field reports.
        > So far on an in-house test system, no problems.
        >
        > These are situations in which the client is being "ordered" to go
        > ahead and install the patches. Your explanation is perfect, but the
        > bottom line is that they are going to have to go ahead and do this, I
        > am just hoping someone else has jumped first and can tell us what the
        > bottom of the cliff looks like!
        >
        > Steve Greenberg
        >
        > Thin Client Computing
        >
        > 34522 N. Scottsdale Rd D8453
        >
        > Scottsdale, AZ 85262
        >
        > (602) 432-8649
        >
        > www.thinclient.net
        >
        > steveg@xxxxxxxxxxxxxx
        >
        >   _____
        >
        > From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Rick Mack
        > Sent: Tuesday, August 08, 2006 11:36 PM
        > To: thin@xxxxxxxxxxxxx
        > Subject: [THIN] Re: New Critical MS Fix MS06-040 ?!?!
        >
        > 
        >
        > Hi Steve,
        >
        > Patching the server service on file/print backend servers and TS is
        > kind of scary considering the things that could break.
        >
        > I'm fairly pragmatic about this sort of thing because at the end of
        > the day, it's all about risk management.
        >
        > I wouldn't disregard a critical update on my internet exposed systems
        > but production TS is a different story.
        >
        > Taking past experience into account, in an adequately secured internal
        > network, the Microsoft security hotfixes have caused more system
        > outages than any exploits.
        >
        > Any internet-exposed systems should have the server service disabled
        > as a matter of course, in addition to appropriate firewall filtering
        > etc. Educational environments with TS/Citrix should be using internal
        > firewalls to limit exposure to ICA/http only.
        >
        > It's a question of what's a bigger risk, a known exploit with defined
        > work-arounds or an unknown failure due to inadequate regression
        > testing in the fix?
        >
        > If potential buffer overflow vulnerabilities in the server service
        > were the only vulnerabilities in the average internal network, we'd be
        > pretty darn secure.
        >
        > My recommendation is don't be panicked into installing this hotfix in
        > production. Test it in a development environment, if that's okay
        > install on a single production server. If nothing has broken after a
        > couple of weeks and nobody else is hurting, then patch your production
        > systems.
        >
        > I'll let you know what it breaks in a month's time ;-)
        >
        > regards,
        >
        > Rick
        >
        > Ulrich Mack
        > Volante Systems
        >
        >   _____
        >
        > From: thin-bounce@xxxxxxxxxxxxx on behalf of Steve Greenberg
        > Sent: Wed 9/08/2006 16:04
        > To: thin@xxxxxxxxxxxxx
        > Subject: [THIN] New Critical MS Fix MS06-040 ?!?! 
        >
        > Does anyone have experience yet with this new critical patch in
        > production 2003/PS4 environments?
        >
        > http://www.microsoft.com/technet/security/Bulletin/ms06-040.mspx
        >
        > We have customers who are asking for any available feedback on the
        > effect of installing this new critical fix as they are being required
        > to deploy it right away in production!!!
        >
        > Any experience? Any gotchas??
        >
        > thanks
        >
        > Steve Greenberg
        >
        > Thin Client Computing
        >
        > 34522 N. Scottsdale Rd D8453
        >
        > Scottsdale, AZ 85262
        >
        > (602) 432-8649
        >
        > www.thinclient.net
        >
        > steveg@xxxxxxxxxxxxxx
        >
        
        > ########################################################################
        >
        > This e-mail, including all attachments, may be confidential or
        > privileged. Confidentiality or privilege is not waived or lost because
        > this e-mail has been sent to you in error. If you are not the intended
        > recipient any use, disclosure or copying of this e-mail is prohibited.
        > If you have received it in error please notify the sender immediately
        > by reply e-mail and destroy all copies of this e-mail and any
        > attachments. All liability for direct and indirect loss arising from
        > this e-mail and any attachments is hereby disclaimed to the extent
        > permitted by law.
        >
        > ########################################################################
        >
        
        
        ************************************************
        For Archives, RSS, to Unsubscribe, Subscribe or
        set Digest or Vacation mode use the below link:
        //www.freelists.org/list/thin
        ************************************************
        
        
        
        
        This communication is intended for the use of the recipient to which it
        is addressed, and may contain confidential, personal and or privileged
        information.  Please contact us immediately if you are not the intended
        recipient.  Do not copy, distribute or take action relying on it. Any
        communication received in error, or subsequent reply, should be deleted
        or destroyed.
        
        




-- 

Michael Pardee
www.blindsquirrel.org 

PLEASE READ: The information contained in this email is confidential and
intended for the named recipient(s) only. If you are not an intended
recipient of this email please notify the sender immediately and delete your
copy from your system. You must not copy, distribute or take any further
action in reliance on it. Email is not a secure method of communication and
Nomura International plc ('NIplc') will not, to the extent permitted by law,
accept responsibility or liability for (a) the accuracy or completeness of,
or (b) the presence of any virus, worm or similar malicious or disabling
code in, this message or any attachment(s) to it. If verification of this
email is sought then please request a hard copy. Unless otherwise stated
this email: (1) is not, and should not be treated or relied upon as,
investment research; (2) contains views or opinions that are solely those of
the author and do not necessarily represent those of NIplc; (3) is intended
for informational purposes only and is not a recommendation, solicitation or
offer to buy or sell securities or related financial instruments.  NIplc
does not provide investment services to private customers.  Authorised and
regulated by the Financial Services Authority.  Registered in England
no. 1550505 VAT No. 447 2492 35.  Registered Office: 1 St Martin's-le-Grand,
London, EC1A 4NP.  A member of the Nomura group of companies.
