Educause Security Discussion mailing list archives

Re: Microsoft IIS security update ms08-006 looks critical to me

From: "Basgen, Brian" <bbasgen () PIMA EDU>
Date: Thu, 14 Feb 2008 18:09:39 +0100

 Fwiw, we have a process every patch Tuesday that helps address risk. I
won't bore you with all the details of our processes, but one thing we
find very useful is the internet storm center assessment:
        http://isc.sans.org/diary.html?storyid=3973

 In particular, the client/server breakdown and the "known exploits"
column are helpful in assessing risk. Since 08-006 doesn't have a public
exploit yet, it doesn't fall into the most urgent category for us, which
means we'll find a convenient time to patch our servers this week.

~~~~~~~~~~~~~~~~~~
Brian Basgen
Information Security
Pima Community College

-----Original Message-----
From: David Shettler [mailto:dshettle () HOLYCROSS EDU]
Sent: Tuesday, February 12, 2008 3:00 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Microsoft IIS security update
ms08-006 looks critical to me

Given that the vector is not disclosed (never is), it could
be such that the complexity of executing an exploit against
said vulnerability is not conducive to automated propagation.
 Without knowing the full details it is difficult to judge.

Based on the information provided I agree with your position, however.

Dave Shettler
ITS, College of the Holy Cross
Lead Dev. OSVDB

Current thread:

Microsoft IIS security update ms08-006 looks critical to me Gary Flynn (Feb 12)
- <Possible follow-ups>
- Re: Microsoft IIS security update ms08-006 looks critical to me David Shettler (Feb 12)
- Re: Microsoft IIS security update ms08-006 looks critical to me Basgen, Brian (Feb 14)
- Re: Microsoft IIS security update ms08-006 looks critical to me Basgen, Brian (Feb 14)
- Re: Microsoft IIS security update ms08-006 looks critical to me Curt Wilson (Feb 14)
- Re: Microsoft IIS security update ms08-006 looks critical to me Gary Flynn (Feb 15)