Full Disclosure mailing list archives
Re: It's not that simple... [Was: Re: Disney Down?]
From: Micheal Espinola Jr <michealespinola () gmail com>
Date: Wed, 17 Aug 2005 15:29:58 -0400
From my perspective, developing a patch and applying a patch are two
different life cycles. I'm no developer, but I know what it takes to properly test and roll-out patches within my (current and previous) organization(s). I don't pretend to believe that all patches are the same, but this PnP patch is one of the less difficult to deal with in terms of a roll-out. I truly believe this recent worm could have been avoided if MS05-039 was taken more seriously. I cannot say as to why MS hasn't addressed any other outstanding issues. While it's a valid concern of mine as well, it really doesn't relate to the discussion regarding the MS05-039 fiasco. On 8/17/05, Geo. <geoincidents () nls net> wrote:
-----Original Message----- From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk]On Behalf Of Micheal Espinola JrRegardless of "a LOT of Windows 2000 out there...", these companiesweren't bitten the same day the initial exploit was released. 6 days is plenty of time to have tested compatibility and to distribute the patch.<< How can you allow a vendor to take 6 months to a year to release a patch and then say 6 days is plenty of time to test and patch? You know, I was sure when MS announced there would be 6 patches for august that one of them would be one of these http://www.eeye.com/html/research/upcoming/index.html but I guess not... 141 days and counting, and it will get released when MS hears that someone has written and released an exploit for it, then of course all of us have 6 days to live.. Geo. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
-- ME2 <http://www.santeriasys.net/> _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- It's not that simple... [Was: Re: Disney Down?] Fergie (Paul Ferguson) (Aug 17)
- Re: It's not that simple... [Was: Re: Disney Down?] Micheal Espinola Jr (Aug 17)
- RE: It's not that simple... [Was: Re: Disney Down?] Geo. (Aug 17)
- Re: It's not that simple... [Was: Re: Disney Down?] Micheal Espinola Jr (Aug 17)
- Re: It's not that simple... [Was: Re: Disney Down?] Ron DuFresne (Aug 17)
- Re: It's not that simple... [Was: Re: Disney Down?] fd (Aug 18)
- Re: It's not that simple... [Was: Re: Disney Down?] Nick FitzGerald (Aug 18)
- Re: It's not that simple... [Was: Re: Disney Down?] Ron DuFresne (Aug 22)
- Re: It's not that simple... [Was: Re: Disney Down?] James Tucker (Aug 19)
- Re: It's not that simple... [Was: Re: Disney Down?] Barrie Dempster (Aug 19)
- RE: It's not that simple... [Was: Re: Disney Down?] Geo. (Aug 17)
- Re: It's not that simple... [Was: Re: Disney Down?] Micheal Espinola Jr (Aug 17)
- Re: Re: It's not that simple... Jason Coombs (Aug 17)
- Re: Re: It's not that simple... Kurt Seifried (Aug 17)