Security Basics mailing list archives

RE: Windows Server 2003

From: Dennis Dimka <ddimka () Manna com>
Date: Fri, 12 Sep 2003 16:20:16 -0500

Automatic updates on a server is never a good idea.  If you've ever had a
hotfix or critical update hoze up a machine, you'll know why.  Automatic
Updates are a great idea for keeping workstations up to date.  Worst case
scenerio, if an update "blows up", you have a decomissioned desktop system.

You should always manually apply updates to servers (after running backups
and ERD's and such).

-----Original Message-----
From: Hendra Santosa [mailto:hendra () srd co id]
Sent: Thursday, September 11, 2003 9:16 AM
To: security-basics () securityfocus com
Subject: Re: Windows Server 2003


For me, applying all of the patches automatically can sometimes make a new
problem. Some machines with Windows XP and automatic updates turn the
machines to be slower and fail on some applications. I have to uninstall the
HotFixes, but it turns the machines to be unsecure again.
That's why I only enforce to use critical patches only and turn off the
automatic update on Windows 2003 server. Any problem on Windows 2003
automatic update so far? If automatic update can create a problem, why
should there still be? Or why the vendor doesn't just turn it off by
default? :) (availability can't be separated from secure systems)

regards,

cyhss


---------------------------------------------------------------------------
Captus Networks 
Are you prepared for the next Sobig & Blaster? 
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans 
 - Precisely Define and Implement Network Security 
 - Automatically Control P2P, IM and Spam Traffic 
FIND OUT NOW -  FREE Vulnerability Assessment Toolkit 
http://www.captusnetworks.com/ads/42.htm
----------------------------------------------------------------------------

---------------------------------------------------------------------------
Captus Networks 
Are you prepared for the next Sobig & Blaster? 
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans 
 - Precisely Define and Implement Network Security 
 - Automatically Control P2P, IM and Spam Traffic 
FIND OUT NOW -  FREE Vulnerability Assessment Toolkit 
http://www.captusnetworks.com/ads/42.htm
----------------------------------------------------------------------------

Current thread:

RE: Windows Server 2003, (continued)
- RE: Windows Server 2003 Robert Mezzone (Sep 10)
- FW: Windows Server 2003 Halverson, Chris (Sep 11)
  - Re: FW: Windows Server 2003 Tim Syratt (Sep 11)
- RE: Windows Server 2003 Doug Massey (Sep 11)
  - RE: Windows Server 2003 Larry Seltzer (Sep 11)
    - 'Shutdown Reason' in Windows 2000? (was: RE: Windows Server 2003) Alexander Suhovey (Sep 15)
- RE: Windows Server 2003 Halverson, Chris (Sep 11)
- RE: Windows Server 2003 c_brauckmiller (Sep 11)
  - Re: Windows Server 2003 A J Hammond (Sep 11)
- RE: Windows Server 2003 Tim Donahue (Sep 11)
- RE: Windows Server 2003 Dennis Dimka (Sep 12)