Information Security News mailing list archives

Re: Patching Becoming a Major Resource Drain for Companies


From: InfoSec News <isn () c4i org>
Date: Wed, 20 Aug 2003 04:21:42 -0500 (CDT)

Forwarded from: Mark Bernard <mbernard () nbnet nb ca>

Dear Associates,

MS has not done a good job at managing this very important process.
They are continuing to muddle around and not tackle this effectively.

Since they have mostly borrowed all the technology that they currently
have from someone else, why don't they go back to Big Blue where they
started and get this right from the pros?

I have worked with Big Blue's Application System/400 servers for 14
years now. BTW: they have never been infected by a virus since their
introduction to the public in 1989. BTW: there are now around 900,000
400 servers in the world today. On the 400 there is a regular program
that follows a monthly routine, with built-in software that can be used
to distribute Preventative Software Fixes (PTFs) to either clustered
400s or networked 400s. You get an overview of the fix; it tells you in
English what it will do and/or change on your system before you load
it. You can then load it in a temporary state on a mirrored logical
partition and run it to see what's going on before applying it
permanently. You also have the option of removing it.

Why can't Microsoft get this right with all the money that they now
have of ours?

Regards,
Mark.

----- Original Message ----- 
From: "InfoSec News" <isn () c4i org>
To: <isn () attrition org>
Sent: Tuesday, August 19, 2003 9:10 AM
Subject: [ISN] Patching Becoming a Major Resource Drain for Companies


http://www.computerworld.com/securitytopics/security/story/0,10801,84083,00.html

Story by Jaikumar Vijayan
COMPUTERWORLD
AUGUST 18, 2003

Last week's W32.Blaster worm, which affected thousands of computers
worldwide running Windows operating systems, highlighted the
enormous challenge companies face in keeping their systems up to
date with patches for vulnerabilities, users said.

Companies that, ahead of Blaster's rampage, had installed Microsoft
Corp.'s patch for a flaw identified last month said they felt no
effect from the worm. But the seemingly constant work involved in
guarding against such worms is becoming a burden that could prove
unsustainable over time, users said.

"The thing about patching is that it is so darn reactive. And that
can kill you," said Dave Jahne, a senior security analyst at
Phoenix-based Banner Health System, which runs 22 hospitals.

"You need to literally drop everything else to go take care of
[patching]. And the reality is, we only have a finite amount of
resources" to do that, Jahne said.

Banner had to patch more than 500 servers and 8,000 workstations to
protect itself against the vulnerability that Blaster exploited. "I
can tell you, it's been one heck of an effort on a lot of people's
part to do that," Jahne added.

For the longer term, Banner is studying the feasibility of
partitioning its networks in order to minimize the effect of
vulnerabilities, he said.

[...]



-
ISN is currently hosted by Attrition.org