Security Basics mailing list archives

RE: Windows patch mgmt.

From: "Depp, Dennis M." <deppdm () ornl gov>
Date: Wed, 23 Jun 2004 08:24:57 -0400

The link is
http://www.microsoft.com/technet/security/tools/mbsahome.mspx  You can
find this by going to www.microsoft.com/technet and doing a search for
MBSA.  This was the first link.

Denny

-----Original Message-----
From: pingywon MCSE [mailto:pingywon () gmail com] 
Sent: Tuesday, June 22, 2004 10:06 PM
To: Depp, Dennis M.
Cc: bob martin; security-basics () securityfocus com
Subject: Re: Windows patch mgmt.

Could you link this utility I couldnt seem to find it on MS.com


Thanks 

On Mon, 21 Jun 2004 08:40:10 -0400, Depp, Dennis M. <deppdm () ornl gov>
wrote:


Bob,

Have you looked at MBSA from Microsoft.  This tool will allow you to
scan your network and will report on any machines that are missing
updates.

Denny

-----Original Message-----
From: bob martin [mailto:bobmartin_613 () hotmail com]
Sent: Tuesday, June 15, 2004 10:41 AM
To: security-basics () securityfocus com
Subject: Windows patch mgmt.

Hello all.
Basic patching question for you.

We have a small environment (approx. 300 desktops and 50 servers) and
the
question has come up how do we test all desktops/servers after a

windows


patch has been installed.  Given that the networking/desktop team
consists
of 6 people, I'm a bit stumped on how we can do this efficiently.  We
use
St. Benard's Update Expert to push out the patches and to verify

they've


been installed.

Currently we push to a QA environment and let it soak for a week or

two

while it's being used for it's normal functions.  The concern is if

the

server isn't being used for testing, then we may push a patch to a
production server without it being "tested."

Any suggestions would be very welcomed.  Any more, there's so many
windows
patches that it's almost a full time job for one person to manage

them.


Thanks.
Bob

_________________________________________________________________
Is your PC infected? Get a FREE online computer virus scan from
McAfee(r)
Security. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963

------------------------------------------------------------------------

---
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545
off
any course! All of our class sizes are guaranteed to be 10 students or
less
to facilitate one-on-one interaction with one of our expert

instructors.


Attend a course taught by an expert instructor with years of
in-the-field
pen testing experience in our state of the art hacking lab. Master the
skills
of an Ethical Hacker to better assess the security of your

organization.


Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html

------------------------------------------------------------------------

----

------------------------------------------------------------------------
---

Ethical Hacking at the InfoSec Institute. Mention this ad and get $545

off

any course! All of our class sizes are guaranteed to be 10 students or

less

to facilitate one-on-one interaction with one of our expert

instructors.

Attend a course taught by an expert instructor with years of

in-the-field

pen testing experience in our state of the art hacking lab. Master the

skills

of an Ethical Hacker to better assess the security of your

organization.

Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html

------------------------------------------------------------------------
----



-- 


~pingywon MCSE 
http://www.pingywon.com


---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------

Current thread:

Re: Windows patch mgmt., (continued)
- Re: Windows patch mgmt. steve (Jun 22)
  - Re: Windows patch mgmt. Joe Polk (Jun 23)
    - Test Lab Help sEc nErD (Jun 24)
- Re: Windows patch mgmt. Keith Cirelli (Jun 23)
- RE: Windows patch mgmt. Britton, Jeff B. (Jun 21)
- RE: Windows patch mgmt. Depp, Dennis M. (Jun 22)
  - Re: Windows patch mgmt. Murad Talukdar (Jun 23)
  - Re: Windows patch mgmt. pingywon MCSE (Jun 23)
    - RE: Windows patch mgmt. Paul Ryan (Jun 24)
- RE: Windows patch mgmt. Kymer, Daniel (Jun 23)
- RE: Windows patch mgmt. Depp, Dennis M. (Jun 23)
- Re: RE: Windows patch mgmt. Warren V Camp (Jun 23)
- RE: Windows patch mgmt. Depp, Dennis M. (Jun 23)
  - Re: Windows patch mgmt. Ansgar -59cobalt- Wiechers (Jun 25)
- RE: Windows patch mgmt. Daszczyszak, Roman L. SPC (1AD 501 MI BN ACE IMO) (Jun 24)
- RE: Windows patch mgmt. Dan Denton (Jun 24)
- RE: Windows patch mgmt. Robinson, Sonja (Jun 25)