MS Updates, Was : MS-02-052

[nexus () patrol i-way co uk (Nexus)]

----- Original Message -----
From: "Moyer, Shawn" <SMoyer () rgare com>
To: <full-disclosure () lists netsys com>
Sent: Saturday, September 21, 2002 1:16 AM
Subject: RE: [Full-disclosure] Re: MS-02-052
[snip]
> It is quite lame to make this only available via Windows Update. A lot of
> people are deploying their own internal patch management methods and
> blocking Windows Update / disabling the new AutoUpdate stuff so that
patches
> can be tested and verified first rather than letting the end-user make the
> call. Not making the patches available any other way makes that kinda
tough
> to do. Hopefully we'll see the same patch in another form later on.
[snip]

By "only" I assume that you are also referring to
http://corporate.windowsupdate.microsoft.com/ that allows you to download
service packs and hotfixes in their entirety for testing and subsequent push
deployment from your patchbox ?
OK you do need to accept the javascript and the ActiveX controls and it can
be a bit fiddly; you will probably get the warnings as well - AFAIR they
sign the cab file but not all the files it contains.   Or you could script
up some wgets and pull the updates from ftp.microsoft.com ?   You can
probably also get them on CD from MSDN as well.

But you are correct that you can only get them from one place, and it's
Microsoft ;-)

Cheers.