Re: Re: Microsoft Security, baby steps ?

["Geoincidents" <geoincidents () getinfo org>]

> Come on Microsoft. How about putting together a single file that contains
> all the "critical" security updates since the last service pack for a
given
> OS?

I'm with you, this is nuts:

to secure 2000 without using the network and windowsupdate:

install 2000
sp4
Windows2000-KB823559-x86-ENU.exe
WindowsMedia41-KB822343-x86-ENU.exe
Windows2000-KB823980-x86-ENU.exe
q329414_mdacall_x86.exe
Windows2000-KB819696-x86-ENU.exe
q822925.exe
Q823718_MDAC_SecurityPatch.exe
q330994.exe
WindowsMedia71-KB817787-x86-ENU.exe
wm320920_64.exe
Windows2000-KB824146-x86-ENU.exe
Windows2000-KB823182-x86-ENU.exe
Windows2000-KB826232-x86-ENU.exe
Windows2000-KB828035-x86-ENU.exe
Windows2000-KB825119-x86-ENU.exe
Windows2000-KB824141-x86-ENU.exe
q828750.exe
Windows2000-KB828749-x86-ENU.exe
q824145.exe
Windows2000-KB810217-x86-ENU.exe
officexp-KB813380-client-ENG.exe  (office ones are FP extension patches)
office2000-kb822035-client-enu.exe
ENU_Q832483_MDAC_x86.EXE
Windows2000-KB828028-x86-ENU.EXE
Windows2000-KB329115-x86-ENU.exe
msjavwu.exe
Windows-KB833330-ENU.exe
Windows2000-KB824105-x86-ENU.exe
Q832894.exe

NT4 is even worse and before they are allowed to completely drop support for
NT4 they should at least have the decency to do a rollup of all the patches
so it's left in some sort of workable condition for those who aren't
upgrading.

Geo.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html