[THIN] Re: New Critical MS Fix MS06-040 ?!?!

  • From: "Steve Greenberg" <steveg@xxxxxxxxxxxxxx>
  • To: <thin@xxxxxxxxxxxxx>
  • Date: Wed, 9 Aug 2006 00:31:20 -0700

As usual, this is a case where patience and logic do not rule :-)  The
client is already in the process of applying the patch to well over a hundred
non-TS systems. It is the TS systems that we have some influence on and are
being requested to come back with field reports. So far on the in-house test
system, no problems.

 

These are situations in which the client is being "ordered" to go ahead and
install the patches. Your explanation is perfect, but the bottom line is
that they are going to have to go ahead and do this; I am just hoping
someone else has jumped first and can tell us what the bottom of the cliff
looks like!

 

 

Steve Greenberg

Thin Client Computing

34522 N. Scottsdale Rd D8453

Scottsdale, AZ 85262

(602) 432-8649

www.thinclient.net

steveg@xxxxxxxxxxxxxx

 

  _____  

From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf
Of Rick Mack
Sent: Tuesday, August 08, 2006 11:36 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: New Critical MS Fix MS06-040 ?!?!

 

Hi Steve,

 

Patching the server service on file/print backend servers and TS is kind of
scary considering the things that could break. 

 

I'm fairly pragmatic about this sort of thing because at the end of the day,
it's all about risk management.

 

I wouldn't disregard a critical update on my internet exposed systems but
production TS is a different story. 

 

Taking past experience into account, in an adequately secured internal
network, the Microsoft security hotfixes have caused more system outages
than any exploits.

 

Any internet-exposed systems should have the server service disabled as a
matter of course, in addition to appropriate firewall filtering etc.
Educational environments with TS/Citrix should be using internal firewalls
to limit exposure to ICA/http only.

 

It's a question of what's a bigger risk, a known exploit with defined
work-arounds or an unknown failure due to inadequate regression testing in
the fix?

 

If potential buffer overflow vulnerabilities in the server service were the
only vulnerabilities in the average internal network, we'd be pretty darn
secure. 

 

My recommendation is don't be panicked into installing this hotfix in
production. Test it in a development environment, if that's okay install on
a single production server. If nothing has broken after a couple of weeks
and nobody else is hurting, then patch your production systems.

 

I'll let you know what it breaks in a month's time ;-)

 

regards,

 

Rick

 

Ulrich Mack 
Volante Systems 
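The triage Rick describes (is the Server service even running, is SMB reachable, is the hotfix already on the box) is what decides which servers get patched first and which can wait for field reports. The script below is an added example, not code from the thread or from Microsoft. It takes a list of hostnames (the example.internal names are hypothetical), queries each host for the MS06-040 hotfix (Microsoft's KB number for this bulletin is 921883), reads the LanmanServer service state, and probes the SMB and ICA ports from wherever the script runs. It assumes a domain-joined admin workstation with WMI/CIM access to the targets.

```powershell
# Added example (not from the original thread): audit hosts for MS06-040 exposure
# so the patch order follows risk rather than panic. Hostnames are hypothetical.
# Assumes WMI/CIM access to each target; KB921883 is the hotfix for MS06-040.
param(
    [string[]]$Hosts = @('ts01.example.internal', 'fs01.example.internal', 'gw01.example.internal')
)

$Kb = 'KB921883'

# TCP connect probe with a timeout; returns $true if the port accepted a connection.
function Test-TcpPort {
    param([string]$Computer, [int]$Port, [int]$TimeoutMs = 1500)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $async = $client.BeginConnect($Computer, $Port, $null, $null)
        if (-not $async.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) { return $false }
        $client.EndConnect($async)
        return $true
    } catch {
        return $false
    } finally {
        $client.Close()
    }
}

function Get-HostExposure {
    param([string]$Computer)

    # Hotfix presence via Win32_QuickFixEngineering (what Get-HotFix queries).
    # A missing hotfix surfaces as an error, which we treat as "not installed".
    $patched = $false
    try {
        $patched = [bool](Get-HotFix -Id $Kb -ComputerName $Computer -ErrorAction Stop)
    } catch { $patched = $false }

    # The Server service (LanmanServer) is the component MS06-040 patches.
    $svc = Get-CimInstance -ClassName Win32_Service -ComputerName $Computer `
        -Filter "Name='LanmanServer'" -ErrorAction SilentlyContinue
    $svcRunning = ($svc -and $svc.State -eq 'Running')
    $svcState   = if ($svc) { "$($svc.State)/$($svc.StartMode)" } else { 'unknown' }

    $smb445  = Test-TcpPort -Computer $Computer -Port 445
    $smb139  = Test-TcpPort -Computer $Computer -Port 139
    $ica1494 = Test-TcpPort -Computer $Computer -Port 1494

    # Ordering: unpatched host with a running, reachable Server service goes first;
    # unpatched but unreachable/disabled service can follow the staged rollout;
    # anything already patched only needs the post-install watch.
    $priority = if (-not $patched -and $svcRunning -and ($smb445 -or $smb139)) { '1-patch-first' }
                elseif (-not $patched) { '2-stage' }
                else { '3-done' }

    [pscustomobject]@{
        Host      = $Computer
        Hotfix    = $patched
        ServerSvc = $svcState
        Smb445    = $smb445
        Smb139    = $smb139
        Ica1494   = $ica1494
        Priority  = $priority
    }
}

$report = foreach ($h in $Hosts) { Get-HostExposure -Computer $h }
$report | Sort-Object Priority, Host | Format-Table -AutoSize
```

The port probes only tell you what is reachable from the machine running the script; to confirm that an "internet-exposed" server really has SMB filtered and only ICA/HTTP open, run the same probes from outside the perimeter firewall as well. A TS host that reports Hotfix=False but Smb445=False and ServerSvc=Stopped/Disabled is the case Rick is describing: a known exploit with a working workaround in place, which can wait for the staged rollout.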

  _____  

From: thin-bounce@xxxxxxxxxxxxx on behalf of Steve Greenberg
Sent: Wed 9/08/2006 16:04
To: thin@xxxxxxxxxxxxx
Subject: [THIN] New Critical MS Fix MS06-040 ?!?!

Does anyone have experience yet with this new critical patch in production
2003/PS4 environments?

 

http://www.microsoft.com/technet/security/Bulletin/ms06-040.mspx

 

We have customers who are asking for any available feedback on the effect of
installing this new critical fix as they are being required to deploy it
right away in production!!!

 

Any experience? Any gotchas??

 

thanks

 

Steve Greenberg

Thin Client Computing

34522 N. Scottsdale Rd D8453

Scottsdale, AZ 85262

(602) 432-8649

www.thinclient.net

steveg@xxxxxxxxxxxxxx

 

############################################################################
#########

This e-mail, including all attachments, may be confidential or privileged.
Confidentiality or privilege is not waived or lost because this e-mail has
been sent to you in error. If you are not the intended recipient any use,
disclosure or copying of this e-mail is prohibited. If you have received it
in error please notify the sender immediately by reply e-mail and destroy
all copies of this e-mail and any attachments. All liability for direct and
indirect loss arising from this e-mail and any attachments is hereby
disclaimed to the extent permitted by law.

############################################################################
#########