Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Re: Microsoft Security, baby steps ?

From: Troy <th () zeno com>
Date: Mon, 15 Mar 2004 08:35:20 -0800
On Mon, 15 Mar 2004 09:13:54 -0500, "Edge, Ronald D" <edge () indiana edu> wrote:


although this could be amusing...
http://www.microsoft.com/security/protect/cd/order.asp


I particularly like the second link, which states on ordering a security
CD:

"Please allow 2-4 weeks for delivery."

By which time of course there will be either:
      a) a patch to correct the mistakes in the patch on the CD 
         which is in mail
or
      b) a whole new round of patches
or
      c) it will be too late to apply them because the users machine 
         is already trojaned to hell and back.


Actually, that CD only includes the updates as of October 2003. It is
not meant as a replacement for security updates, but just to make it
easier to do a clean install of Windows. I suppose part of it is to
lessen the load on Microsoft's Windows Updates servers, but it does make
re-installing Windows much easier and faster for the average user who
does not know how to slipstream the updates into the Windows install CD.

-- 
Troy

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: