Full Disclosure mailing list archives
RE: [inbox] Re: 3 new MS patches next week... but none fix
From: "Exibar" <exibar () thelair com>
Date: Sat, 10 Jan 2004 12:18:42 -0500
I think it is a totally lame approach. The patch distribution problem has been pretty much solved by other vendors. We would all sleep better at night if M$ would just get a clue. Oh well. tim
It's not that Microsoft doesn't have a clue, they do. We are getting regular patches for holes that are found are we not? If they didn't have a clue, we would have yearly patches or none at all. Ok, there may be some holes that aren't patched yet, but I'm sure they're working on them and they're coming. Some patches just have to take precedence over others. I've seen quite a few vulnerabilities come across this list in this past week, not many have vendor fixes yet either. This is not a Microsoft exclusive problem. We need a better way to patch systems, ALL systems. I've said it once on another list, and I'll say it here, we need a sort of "patching server" that is on an isolated subnet. When a machine first connects to the network, it gets an IP address and is only allowed to talk to the patching server(s). Once the patching servers (for ALL OS's mind you) determine that the machine is up to date with it's patches, then and only then is it allowed to connect to the production network. Now this won't take care of 0-day exploits for 0-day vulns, but it would have taken care of 95% of the scrambles that a lot of companies went through last year. Let me ask this question, if you were running a company with 30,000 LINUX boxes. How would you patch all of them? Don't a lot of Linux patches require a re-build of the kernel? Exibar _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: 3 new MS patches next week... but none fix Randal, Phil (Jan 09)
- Re: 3 new MS patches next week... but none fix Exibar (Jan 09)
- Re: 3 new MS patches next week... but none fix Tim (Jan 09)
- Re: 3 new MS patches next week... but none fix madsaxon (Jan 09)
- RE: 3 new MS patches next week... but none fix Joe (Jan 10)
- Re: 3 new MS patches next week... but none fix Tim (Jan 10)
- RE: [inbox] Re: 3 new MS patches next week... but none fix Exibar (Jan 10)
- Re: [inbox] Re: 3 new MS patches next week... but none fix Tim (Jan 10)
- Re: [inbox] Re: 3 new MS patches next week... but none fix Jan Lühr (Jan 10)
- The Israeli Post Office break-in ge (Jan 11)
- Re: [inbox] Re: 3 new MS patches next week... but none fix lonely wolf (Jan 10)
- Re: [inbox] Re: 3 new MS patches next week... but none fix Ron DuFresne (Jan 12)
- Re: [inbox] Re: 3 new MS patches next week... but none fix William Warren (Jan 11)