Full Disclosure mailing list archives
RE: Re: Microsoft Security, baby steps ?
From: John.Airey () rnib org uk
Date: Tue, 16 Mar 2004 10:25:52 -0000
-----Original Message----- From: Troy [mailto:th () zeno com] Sent: Monday, 15 March 2004 16:35 To: full-disclosure () lists netsys com Subject: Re: [Full-disclosure] Re: Microsoft Security, baby steps ? On Mon, 15 Mar 2004 09:13:54 -0500, "Edge, Ronald D" <edge () indiana edu> wrote:although this could be amusing... http://www.microsoft.com/security/protect/cd/order.aspI particularly like the second link, which states onordering a securityCD: "Please allow 2-4 weeks for delivery." By which time of course there will be either: a) a patch to correct the mistakes in the patch on the CD which is in mail or b) a whole new round of patches or c) it will be too late to apply them because the users machine is already trojaned to hell and back.Actually, that CD only includes the updates as of October 2003. It is not meant as a replacement for security updates, but just to make it easier to do a clean install of Windows. I suppose part of it is to lessen the load on Microsoft's Windows Updates servers, but it does make re-installing Windows much easier and faster for the average user who does not know how to slipstream the updates into the Windows install CD.
Slipstreaming Windows 2000 SP4 is relatively easy, however you'll find that you can't run certain Microsoft Java applications (eg Outlook Web Access Calendar), nor can you install msjvm.exe either if you do. Slipstreaming an earlier version and then upgrading to SP4 and Microsoft Java works. The Sun version of Java doesn't work in this instance either (I've tried). For 2000 and XP systems you can download the updates from Windows Update and put them on your own CD together with any service packs. Given how quickly machines can be infected that's more useful than a CD from Microsoft. Those of you still supporting NT4 servers are stuck with Windows Update now as several updates can only be retrieved with the use of a NIC. What is it with Microsoft and security? Come on Microsoft. How about putting together a single file that contains all the "critical" security updates since the last service pack for a given OS? Then us beleaguered admins can stick it on a CD together with the relevant service packs and we'd no longer need to use the NIC until a machine is fully patched. Who knows, perhaps then we'd get sensible results out of MBSA? I use kickstart and the genhdlist package with Red Hat to ensure that any installed system has all the updates installed on the first boot after installation. Why then does Windows have to lag so far behind? - John Airey, BSc (Jt Hons), CNA, RHCE Internet systems support officer, ITCSD, Royal National Institute of the Blind, Bakewell Road, Peterborough PE2 6XU, Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 John.Airey () rnib org uk Shameless movie plug - go see the Passion of the Christ! - DISCLAIMER: NOTICE: The information contained in this email and any attachments is confidential and may be privileged. If you are not the intended recipient you should not use, disclose, distribute or copy any of the content of it or of any attachment; you are requested to notify the sender immediately of your receipt of the email and then to delete it and any attachments from your system. RNIB endeavours to ensure that emails and any attachments generated by its staff are free from viruses or other contaminants. However, it cannot accept any responsibility for any such which are transmitted. We therefore recommend you scan all attachments. Please note that the statements and views expressed in this email and any attachments are those of the author and do not necessarily represent those of RNIB. RNIB Registered Charity Number: 226227 Website: http://www.rnib.org.uk _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Microsoft Security, baby steps ? morning_wood (Mar 13)
- <Possible follow-ups>
- Re: Microsoft Security, baby steps ? Edge, Ronald D (Mar 15)
- Re: Re: Microsoft Security, baby steps ? Troy (Mar 15)
- Re: Re: Microsoft Security, baby steps ? Nick FitzGerald (Mar 16)
- Re: Re: Microsoft Security, baby steps ? Paul Schmehl (Mar 16)
- Re: Re: Microsoft Security, baby steps ? Luke Scharf (Mar 17)
- Re: Re: Microsoft Security, baby steps ? Daniele Muscetta (Mar 17)
- RE: Re: Microsoft Security, baby steps ? Andrew Aris (Mar 17)
- Re: Re: Microsoft Security, baby steps ? Nick FitzGerald (Mar 17)
- Re: Re: Microsoft Security, baby steps ? Troy (Mar 15)
- Re: Re: Microsoft Security, baby steps ? Blue Boar (Mar 16)
- Re: Re: Microsoft Security, baby steps ? Geoincidents (Mar 16)
- Re: Re: Microsoft Security, baby steps ? Daniele Muscetta (Mar 17)
- Re: Re: Microsoft Security, baby steps ? Dave Horsfall (Mar 17)
- Re: Re: Microsoft Security, baby steps ? Daniele Muscetta (Mar 17)
- Re: Re: Microsoft Security, baby steps ? Ron DuFresne (Mar 17)
- Re: Re: Microsoft Security, baby steps ? Daniele Muscetta (Mar 17)
- Re: Re: Microsoft Security, baby steps ? Guido van Rooij (Mar 18)