[Full-Disclosure] RE: Full-disclosure digest, Vol 1 #1651 - 1 msg

["Brian P. Donohue" <zbd () u washington edu>]

Interesting.  I keep hearing this without specifics.  I find this kind of
problem to be very rare in our production environment (10,000 devices), and
limited to poorly written apps.  I work in a medical environment, where
there's no lack of poorly written apps, and even amongst that population,
problems caused by patches are rare.  I suppose that this is in part due to
our habit of testing prior to deployment.

Of course, a system that's grossly misconfigured, or rotten with malware,
will often have problems trying to install just about anything.

Microsoft has many problems, but in my view they pretty much solved the
problem of breaking things with patches a long time ago - post Winnt 4 SP3
has been pretty dependable.  I have plenty of gripes about MS, but this one
has gone stale.

-----Original Message-----
From: full-disclosure-admin () lists netsys com
[mailto:full-disclosure-admin () lists netsys com] On Behalf Of
full-disclosure-request () lists netsys com
Sent: Sunday, May 16, 2004 09:00
To: full-disclosure () lists netsys com
Subject: Full-disclosure digest, Vol 1 #1651 - 1 msg

Send Full-Disclosure mailing list submissions to
        full-disclosure () lists netsys com

To subscribe or unsubscribe via the World Wide Web, visit
        http://lists.netsys.com/mailman/listinfo/full-disclosure
or, via email, send a message with subject or body 'help' to
        full-disclosure-request () lists netsys com

You can reach the person managing the list at
        full-disclosure-admin () lists netsys com

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Full-Disclosure digest..."


Today's Topics:

   1. RE: Support the Sasser-author fund started (Paul Schmehl)

--__--__--

Message: 1
Date: Sun, 16 May 2004 10:55:55 -0500
From: Paul Schmehl <pauls () utdallas edu>
Reply-To: Paul Schmehl <pauls () utdallas edu>
To: full-disclosure <full-disclosure () lists netsys com>
Subject: RE: [Full-disclosure] Support the Sasser-author fund started

--On Friday, May 14, 2004 11:06 PM +0530 "Aditya, ALD [Aditya Lalit 
Deshmukh]" <aditya.deshmukh () online gateway technolabs net> wrote:
> the problem is many times when the patch is released it tends to break
> many applications and other random stuff! ms is patching a hole but
> manages to break other things in the process quite frequently.
Let's see....this would seem to indicate that they depend on the holes to 
run the applications.
:-)

Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu



--__--__--

_______________________________________________
Full-Disclosure mailing list
Full-Disclosure () lists netsys com
http://lists.netsys.com/mailman/listinfo/full-disclosure


End of Full-Disclosure Digest


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html