Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Publishing Nimda Logs

From: zeno <bugtraq () cgisecurity net>
Date: Wed, 8 May 2002 08:33:17 -0400 (EDT)

On Tuesday 07 May 2002 17:06, zeno wrote:

Here is an idea.

Perhaps make windows do updates every 5 minutes in default install. Problem
solved.


- zeno () cgisecurity com


Aacckkk! No!  Windows XP Pro has the automatic update service enabled by 
default and that is a BAD idea.  I want to know what patches are going to be 
installed before they reach my production servers.  For one thing I don't 
want to install things that don't apply to my system.  For another patches 
are not always tested sufficiently (NT4 SP2 anyone?)

I would prefer that Microsoft leave this function out of the default install 
and opt for "inform me when a patch is available" mode instead.  They can 
even make it red and flashy and say "critical" but don't install it for me.



I agree not every patch should be installed. Perhaps manditory security patches should be.
Problem is knowing how microsoft works they'd probably try to sneak something else in along
with that patch..Also they'd have to make sure the patches work properly before releasing on all
systems....

- zeno () cgisecurity com
Previous By Date Next
Previous By Thread Next

Current thread: