My complaint is that M$ patches normally end up doing more harm then good. I end up having to run a test environment on the patch, once I determine it is safe to run. I send it out to my users and then they figured out what I missed and the entire system is screwed because M$ did something. On one hand you closed a security hole that some virus would attack, on the other hand running updates tend to add new bugs into the system. I know SP4 isn't a patch but it is the same principle. M$ tells me I need to get to SP4 to fix some security hole I had, I upgrade hole it patched but my entire system is screwed because SP4 messes up TS. Now I have a lot of ticked off users, but I will say at least the system was running, pre-SP4 the system was completely down. Does anyone ever wish they we were out of a job because M$ would make a product that works? Gunnar -----Original Message----- From: Neil Bullock [mailto:n.bullock@xxxxxxxxxxxxxxxxxxxxx] Sent: Wednesday, December 10, 2003 4:14 AM To: windows2000@xxxxxxxxxxxxx Subject: [windows2000] Re: SV: Re: Discussion: Microsoft to release patches once per month Svein Arild Haugum wrote: > I solved the laptop problem by doing: > I made an OU for Laptop Computers in AD. > Created a GPO wich installed the AutoUpdate klient, made the > AutoUpdate service autostart, turned of software install warnings. > Then i importet the WindowsUpdate template into the policy, and > configured the laptops to automaticly download and install updates > from WindowsUpdate (web). I'll play about with this and see what I can get going. The problem is people don't connect their laptops to the network that often, and many of them don't use the internet at home (or elsewhere). > "I think maybe they should release the patches as and when they are > available, but send out a mail summarising patch releases every > month." > I dont agree with this, this would give people who are die hard > security focused a better option, and hackers better options, since > they can find bugs up to a month before regular people even hear > about them. So once a patch is ready they MUST tell everyone, or keep > it quiet. That's true enough. Didn't think about that :) It is a dilemma - releasing patches regularly makes people complain about being overloaded with patches, and releasing them on a schedule makes people complain that major problems will go unpatched for a month. I wonder what would happen if someone discovered a vulnerability and exploited it on the scale of Blaster - surely Microsoft wouldn't wait for a month before patching the problem.. -- Neil Bullock, ICT Technician. Brayton College, Doncaster Road, Selby, North Yorkshire, YO8 9QS Tel: 01757 707731; Fax: 01757 213389 ******************************************************** This Weeks Sponsor SeamlessPlanet.com Register your domain name for as low as $7.75 per year! Cheaper than Godaddy..same great service! http://SeamlessPlanet.com ******************************************************** To Unsubscribe, set digest or vacation mode or view archives use the below link. http://thethin.net/win2000list.cfm ________________________________________________________________________ This email has been scanned for all viruses by the MessageLabs Email Security System. For more information on a proactive email security service working around the clock, around the globe, visit http://www.messagelabs.com ________________________________________________________________________ ******************************************************** This Weeks Sponsor SeamlessPlanet.com Register your domain name for as low as $7.75 per year! Cheaper than Godaddy..same great service! http://SeamlessPlanet.com ******************************************************** To Unsubscribe, set digest or vacation mode or view archives use the below link. http://thethin.net/win2000list.cfm