Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Critical/Security Updates as well as other Patch Management

From: Lachlan McGill <Lachlan.McGill () au logical com>
Date: Fri, 14 Mar 2003 10:29:48 +1100
 Windows Update is a service that can be configured via group policy to
download ALL updates from an internal SUS server. It can be controlled by
only approving updates from the SUS server that have been tested.


-----Original Message-----
From: Jason Coombs
To: Jed Needle; security-basics () securityfocus com
Sent: 14/03/2003 6:38 AM
Subject: RE: Critical/Security Updates as well as other Patch Management

SUS is nothing more than a filter for windowsupdate.com that tells
managed
boxes not to allow windowsupdate.com to install anything other than the
subset of updates approved by the SUS administrator.

Each Windows box still uses Windows update directly, so all
vulnerabilities
that impact Windows update and the client-side code that talks to
windowsupdate.com are still present when SUS is used.

Jason Coombs
jasonc () science org

-----Original Message-----
From: Jed Needle [mailto:jed () vitel com]
Sent: Tuesday, March 11, 2003 12:24 PM
To: security-basics () securityfocus com
Subject: RE: Critical/Security Updates as well as other Patch Management


On Microsoft platforms there is a patch management util called SUS
"software update service?? (I think)
Once configured, the server will automatically download relevant
patches, you then point the clients to the sus server and push updates
to clients that way.

Jed
Previous By Date Next
Previous By Thread Next

Current thread: