Re: It's not that simple... [Was: Re: Disney Down?]

[Ron DuFresne <dufresne () winternet com>]

On Wed, 17 Aug 2005, Micheal Espinola Jr wrote:

> > From my perspective, developing a patch and applying a patch are two
> different life cycles.  I'm no developer, but I know what it takes to
> properly test and roll-out patches within my (current and previous)
> organization(s).
>
> I don't pretend to believe that all patches are the same, but this PnP
> patch is one of the less difficult to deal with in terms of a
> roll-out.  I truly believe this recent worm could have been avoided if
> MS05-039 was taken more seriously.

Isn't this like the second or third time M$ has been bitten by pnp within
the past say two to three years?  So, is this an example of the M$
tendency to not fully patch the affected system/service, but to only
address a "current" potential which has been a thing that's bitten them in
the past many many times as well?


> I cannot say as to why MS hasn't addressed any other outstanding
> issues.  While it's a valid concern of mine as well, it really doesn't
> relate to the discussion regarding the MS05-039 fiasco.


Perhaps it does realte considering the above and considering that the unix
world learned many of the evils of RCP services over ten years ago that
seem to hit the M$ realm every few months, repeatedly...


Thanks,

Ron DuFresne
-- 
"Sometimes you get the blues because your baby leaves you. Sometimes you get'em
'cause she comes back." --B.B. King
        ***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/