Security Basics mailing list archives

RE: Windows patch mgmt.

From: "Depp, Dennis M." <deppdm () ornl gov>
Date: Wed, 23 Jun 2004 08:21:29 -0400

I haven't used Windws update Server, but my understanding was this did
not allow you to verify the patch was installed.  Has this changed or am
I just wrong?

Denny 

-----Original Message-----
From: Murad Talukdar [mailto:talukdar_m () subway com] 
Sent: Tuesday, June 22, 2004 9:57 PM
To: Depp, Dennis M.; bob martin; security-basics () securityfocus com
Subject: Re: Windows patch mgmt.

Another thing to check would be the windows update server which is free
like
the MBSA.
Now when you say 'test' do you mean to see if anything strange happens
after
the patch?

Murad Talukdar

----- Original Message ----- 
From: "Depp, Dennis M." <deppdm () ornl gov>
To: "bob martin" <bobmartin_613 () hotmail com>;
<security-basics () securityfocus com>
Sent: Monday, June 21, 2004 10:40 PM
Subject: RE: Windows patch mgmt.

Bob,

Have you looked at MBSA from Microsoft.  This tool will allow you to
scan your network and will report on any machines that are missing
updates.

Denny


-----Original Message-----
From: bob martin [mailto:bobmartin_613 () hotmail com]
Sent: Tuesday, June 15, 2004 10:41 AM
To: security-basics () securityfocus com
Subject: Windows patch mgmt.

Hello all.
Basic patching question for you.

We have a small environment (approx. 300 desktops and 50 servers) and
the
question has come up how do we test all desktops/servers after a

windows


patch has been installed.  Given that the networking/desktop team
consists
of 6 people, I'm a bit stumped on how we can do this efficiently.  We
use
St. Benard's Update Expert to push out the patches and to verify

they've


been installed.

Currently we push to a QA environment and let it soak for a week or

two

while it's being used for it's normal functions.  The concern is if

the

server isn't being used for testing, then we may push a patch to a
production server without it being "tested."

Any suggestions would be very welcomed.  Any more, there's so many
windows
patches that it's almost a full time job for one person to manage

them.


Thanks.
Bob

_________________________________________________________________
Is your PC infected? Get a FREE online computer virus scan from
McAfee(r)
Security. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963

------------------------------------------------------------------------

---
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545
off
any course! All of our class sizes are guaranteed to be 10 students or
less
to facilitate one-on-one interaction with one of our expert

instructors.


Attend a course taught by an expert instructor with years of
in-the-field
pen testing experience in our state of the art hacking lab. Master the
skills
of an Ethical Hacker to better assess the security of your

organization.


Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html

------------------------------------------------------------------------

----

------------------------------------------------------------------------
--
-

Ethical Hacking at the InfoSec Institute. Mention this ad and get $545

off

any course! All of our class sizes are guaranteed to be 10 students or

less

to facilitate one-on-one interaction with one of our expert

instructors.

Attend a course taught by an expert instructor with years of

in-the-field

pen testing experience in our state of the art hacking lab. Master the

skills

of an Ethical Hacker to better assess the security of your

organization.

Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html

------------------------------------------------------------------------
--
--





---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------

Current thread:

Test Lab Help, (continued)
- - - Test Lab Help sEc nErD (Jun 24)
- Re: Windows patch mgmt. Keith Cirelli (Jun 23)
- RE: Windows patch mgmt. Britton, Jeff B. (Jun 21)
- RE: Windows patch mgmt. Depp, Dennis M. (Jun 22)
  - Re: Windows patch mgmt. Murad Talukdar (Jun 23)
  - Re: Windows patch mgmt. pingywon MCSE (Jun 23)
    - RE: Windows patch mgmt. Paul Ryan (Jun 24)
- RE: Windows patch mgmt. Kymer, Daniel (Jun 23)
- RE: Windows patch mgmt. Depp, Dennis M. (Jun 23)
- Re: RE: Windows patch mgmt. Warren V Camp (Jun 23)
- RE: Windows patch mgmt. Depp, Dennis M. (Jun 23)
  - Re: Windows patch mgmt. Ansgar -59cobalt- Wiechers (Jun 25)
- RE: Windows patch mgmt. Daszczyszak, Roman L. SPC (1AD 501 MI BN ACE IMO) (Jun 24)
- RE: Windows patch mgmt. Dan Denton (Jun 24)
- RE: Windows patch mgmt. Robinson, Sonja (Jun 25)