RE: which security hotfixs to implemet ?

["Steve Fletcher" <safletcher () insightbb com>]

My suggestion would be that if you don't need something on the server,
remove it!  Following your example, if you don't use media player on the
server (which is probably true for most people), then uninstall it.  That
way, you don't have to worry about any problems from that program, whether
it is a patch not being installed or a patch that broke something.

The same goes for services.  If there is a service that is not essential to
the function of the server, disable it.

Hope this helps.

Steve Fletcher

MCSE (NT4/Win2k), MCSE: Security (Win2k), HP Master ASE, CCNA, Security+,
CCA

safletcher () insightbb com 

-----Original Message-----
From: Juan B [mailto:juanbabi () yahoo com] 
Sent: Tuesday, November 23, 2004 6:17 AM
To: security-basics () securityfocus com
Subject: which security hotfixs to implemet ?

Hi,
I ran microsoft baseline security against our IIS web
servers.
the output ( for example) on some servers was that
there are some critical updates related to windows
media player which I need to implement ,my question
is: Do I really need to implement fixes to
applications that I dont use ( but still are installed
on the server) on those servers (like windwos media
player that we dont use on our web servers? ).

thanks !
 


                
__________________________________ 
Do you Yahoo!? 
Meet the all-new My Yahoo! - Try it today! 
http://my.yahoo.com