Educause Security Discussion mailing list archives
Re: what is your advice to your users
From: "Sadler, Connie" <Connie_Sadler () BROWN EDU>
Date: Mon, 2 Jan 2006 16:24:45 -0500
Does anyone know how close we are to a patch from Microsoft? I have to think they are working on something now - this can't wait!! We don't want to get ourselves into a situation where we are asking users to install the unofficial patch (especially on servers), only to have to back it out in a few days and re-apply something else. Anybody have some status? Connie J. Sadler, CM, CISSP, CISM, GIAC GSLC Director, IT Security, Brown University Box 1885, Providence, RI 02912 Office: 401-863-7266 -----Original Message----- From: H. Morrow Long [mailto:morrow.long () YALE EDU] Sent: Monday, January 02, 2006 1:28 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] what is your advice to your users Leslie - Waiting so far (luckily most of our users are away -- and the # of WMF exploit attempts we've seen have been small therefore) as an unofficial patch could be a big problem if installed on thousands of desktops and proves to be broken, etc (a case of the cure being worse than the disease). We're hoping for a MS patch and hoping that Symantec on the desktop (and ClamAV/Sophos on the mail servers) protect the bulk of users against the known variants (we are also blocking email with 'Happy New Year' as the subject -- which is an unfortunate step to have to take I know). Some Windows admins have (and more will) installed some of the workarounds and will install stop gap patch most likely. We've put up status messages in various places as well at: www.yale.edu/its/security www.yale.edu/its/security/exploit-wmf.html And we are thinking about next steps (whether to do a communication to end-users, etc.). Morrow On Jan 2, 2006, at 11:23 AM, Ken Connelly wrote:
Yes, I have suggested that local Windows admins install this unofficial patch. - ken Leslie Maltz wrote:"Users of the Windows OS should install an unofficial security patch now without waiting for Microsoft Corp. to make its move, security researchers at The SANS Institute's Internet Storm Center (ISC) advised yesterday." see http://www.computerworld.com/ securitytopics/security/holes/story/0,10801,107420,00.html Are you advising your users to install an unofficial patch or are you
waiting? And Happy New Year to all as we start the year off with new problems. -leslie
Current thread:
- what is your advice to your users Leslie Maltz (Jan 02)
- <Possible follow-ups>
- Re: what is your advice to your users Ken Connelly (Jan 02)
- Re: what is your advice to your users Todd Kisida (Jan 02)
- Re: what is your advice to your users H. Morrow Long (Jan 02)
- Re: what is your advice to your users Sadler, Connie (Jan 02)
- Re: what is your advice to your users Gary Flynn (Jan 02)
- Re: what is your advice to your users Chris Harrington (Jan 02)
- Re: what is your advice to your users Todd Kisida (Jan 03)
- Re: what is your advice to your users Ken Connelly (Jan 03)
- Re: what is your advice to your users Mike Iglesias (Jan 03)
- Re: what is your advice to your users Flagg, Martin D. (Jan 04)
- Re: what is your advice to your users Drake, Craig (Jan 04)
- Re: what is your advice to your users Gary Flynn (Jan 04)
- Re: what is your advice to your users Todd Kisida (Jan 04)
- Re: what is your advice to your users Jeni Li (Jan 04)
(Thread continues...)