| ActiveMac | Anonymous | Create a User | Reviews | News | Forums | Advertise |
|
|
|
User Controls |
|
New User |
|
Login |
|
Edit/View My Profile |
|
|
|
|
|
|
|
ActiveMac |
|
Articles |
|
Forums |
|
Links |
|
News |
|
News Search |
|
Reviews |
|
|
|
|
|
|
|
News Centers |
|
Windows/Microsoft |
|
DVD |
|
ActiveHardware |
|
Xbox |
|
MaINTosh |
|
News Search |
|
|
|
|
|
|
|
ANet Chats |
|
The Lobby |
|
Special Events Room |
|
Developer's Lounge |
|
XBox Chat |
|
|
|
|
|
|
|
FAQ's |
|
Windows 98/98 SE |
|
Windows 2000 |
|
Windows Me |
|
Windows "Whistler" XP |
|
Windows CE |
|
Internet Explorer 6 |
|
Internet Explorer 5 |
|
Xbox |
|
DirectX |
|
DVD's |
|
|
|
|
|
|
|
TopTechTips |
|
Registry Tips |
|
Windows 95/98 |
|
Windows 2000 |
|
Internet Explorer 4 |
|
Internet Explorer 5 |
|
Windows NT Tips |
|
Program Tips |
|
Easter Eggs |
|
Hardware |
|
DVD |
|
|
|
|
|
|
|
Latest Reviews |
|
Applications |
|
Microsoft Windows XP Professional |
|
Norton SystemWorks 2002 |
|
|
|
Hardware |
|
Intel Personal Audio Player 3000 |
|
Microsoft Wireless IntelliMouse Explorer |
|
|
|
|
|
|
|
Site News/Info |
|
About This Site |
|
Affiliates |
|
ANet Forums |
|
Contact Us |
|
Default Home Page |
|
Link To Us |
|
Links |
|
Member Pages |
|
Site Search |
|
Awards |
|
|
|
|
|
|
|
Credits |
 |
Microsoft under fire for 'critical' 14-patch update | |
|
||
| Time: 09:30 EST/14:30 GMT | News Source: Computer Weekly | Posted By: Robert Stein | ||
|
Microsoft is facing criticism about the size and lack of testing of the monthly security update it released last week, which contained 14 patches. Russ Cooper, chief scientist at consultancy TruSecure, said, "By supplying patches to 14 different components of Windows in a single patch, declaring many of them to be critical, Microsoft has forced administrators to adopt patches to all components." This will prolong the testing users need to undertake. He also suggested that the lack of beta testing puts a question mark over the quality of the Windows XP Service Pack 2, which is due to be released before the end of June. | ||
|
Write Comment
Return to News |
Displaying 1 through 25 of 164 Last | Next |
The time now is
6:16:03 AM
ET.
Any comment problems? E-mail us |
| #1 By 19992 (164.214.4.32) at 4/20/2004 11:45:07 AM |
|
What a waste of space. MS releases security patches and get slammed for it?Sorry, I could understand and sympathize with the complainers if the patches brought back the old BSOD when ejecting a CD in NT 4.0, but I don't see that here.
My organization already completed testing of the patches and we have rolled it out to about 9K client machines so far with no problems caused by patches. Edit Why is a 'lack of beta testing' suddenly an issue? I've seen more information related to SP2 than I have for all of Microsoft Service Packs put together. This post was edited by happyguy on Tuesday, April 20, 2004 at 11:47. |
| #2 By 1896 (68.153.171.248) at 4/20/2004 11:58:21 AM |
|
"He also suggested that the lack of beta testing puts a question mark over the quality of the Windows XP Service Pack 2"
Does this guy know that there is an ongoing beta program for XP XP2? What are the facts supporting his "suggestion"? I would be really interested to see them. |
| #3 By 7797 (63.76.44.78) at 4/20/2004 3:45:33 PM |
|
"No problems with this patch on 80 servers or on desktops."
So parkker, you fully tested these patches and their possible effects on your network thouroughly and deployed it onto 80 server and workstations within 1 week of their release? |
| #4 By 19992 (69.170.7.187) at 4/20/2004 5:01:57 PM |
|
#12 You rolled them out the day after they were released, with no testing? Good luck to you in the future, that's a fairly high stakes game of chance you are playing w/ your career.
#13 It's entirely possible, I've already rolled out to 9000 desktops (server deployment starts Monday). Of course we've got about 15 people that perform testing on patches in a dedicated test environment as soon as they are released. |
| #5 By 19992 (69.170.7.187) at 4/20/2004 5:05:39 PM |
| #14 You've been fairly lucky about not having problems with the MS patches in such a long time. We had a problem about 1 1/2 years ago where MS rewrote the TCP/IP stack in XP. The odd part was that it seemed that any one of 4 patches would kill it. Not a major issue ofr most organizations, but I was no longer able to capture packets in the way I wanted to over a VPN connection, which was a HUGE issue. |
| #6 By 9589 (68.17.52.2) at 4/20/2004 5:55:45 PM |
|
We are half way through an SMS 2k3 deployment of 85k workstations with no problems reported so far. SMS 2k3 does a much better job of taking care of our mobile users than ever before. We start deployment to over 6k servers in a couple of days with all "forward" facing servers getting updated first.
We haven't had problems with Microsoft's patches or service packs in some time. We have the latest version WinXP SP/2 in our labs and like what we see. We hope to be ready for deployment of it three to four weeks after its release. We have cut staff in our test labs by 30% over the last year because this process has become so routine. Nevertheless, our mainframers still laugh at us when we talk about how much more stable the distributed environment is becoming. There is still a long way to go . . . |
| #7 By 135 (209.180.28.6) at 4/20/2004 6:22:19 PM |
|
Where's my money!?
I still don't have my money fromt he Minnesota settlement. |
| #8 By 22467 (200.88.9.173) at 4/20/2004 6:42:53 PM |
| Lack of beta testing in Windows XP SP2? What the hell is he talking about? |
| #9 By 7797 (63.76.44.82) at 4/21/2004 7:58:34 AM |
|
"And since we haven't had a problem with Microsoft's patches for years, I load 'em up on my XP PC, reboot. If I don't have a problem, I load 'em up on a test server. If that goes ok, I do the ok on SUS."
Yeah that sounds like a really smart idea. You are one hell of a sysadmin! very thorough job. I would definetely hire you on the spot for my business. |
| #10 By 7797 (63.76.44.82) at 4/21/2004 8:03:55 AM |
|
"It's entirely possible, I've already rolled out to 9000 desktops (server deployment starts Monday). Of course we've got about 15 people that perform testing on patches in a dedicated test environment as soon as they are released."
Of course its possible if you have the manpower and setup to do it. But by the way parkker was telling us it didn't seem like he put any REAL testing into it which is IMHO plain stupid especially with a patch that touches 14 different windows components. And as you see he confirmed it. -->"I load 'em up on my XP PC, reboot. If I don't have a problem, I load 'em up on a test server. If that goes ok, I do the ok on SUS." In no way would this be considered "testing" a patch in any REAL IT department. He's playing with fire and one day he'll get burnt! |
| #11 By 19992 (164.214.4.61) at 4/21/2004 8:51:47 AM |
|
#22 Agreed, but notice our (mine and parkkers') posting times. I was writing my comment as he wrote his. I wouldn't even think of claiming that testing of patches on a single desktop as being complete or even remotely indicative of estimated systems functionality after the patch is applied.
|
| #12 By 19992 (164.214.4.61) at 4/21/2004 12:19:45 PM |
| #24 It's not, as you claim, a matter of anyone being "shocked" that you would trust Micrsoft to do a good job. It's a matter of weighing in which costs more: A few days of testing everytime Microsoft (or any OS vendor) releases a patch or dealing with the ramifications of having staff unable to do their jobs because you rushed out a patch that prevents users from accessing certain applications. |
| #13 By 7797 (63.76.44.82) at 4/21/2004 3:50:43 PM |
|
happyguy i couldn't agree more with you.
"I prefer to err on the side of security versus 100% assurance through rigorous testing." Being patched up to date is only one small slice in a real network's multileveled approach to security. So if your other layers of security are in place then it isn't necessary to "trust" microsoft to do a good job on patches. If your other layers of security are in place then you should be able to spend a few extra days to fully test patches and their effect on your network without worrying aboout 0day exploitz. |
| #14 By 7797 (63.76.44.82) at 4/22/2004 7:31:41 AM |
| your logic defies gravity parkker |
| #15 By 19992 (164.214.4.32) at 4/22/2004 8:50:34 AM |
|
#27 That's pretty much beside the point, but let's take a quick look at the multilevel security in place at Stanford (the major univ you keep referencing in regards to a supercomputer breakin).
"In the first two weeks of August, 2003, more than 7,000 Windows PCs on campus were infected by "worm" programs that gave control of the PC to hackers! These "worms" were exploiting the new "RPC overflow" security bug that had just been discovered a few weeks earlier. A patch to fix the bug had been available from Microsoft for two weeks before the hacker attack." And "On average, a new hostile hacker scan of the Stanford network starts every 15 minutes! If you put your computer on the network with open accounts or other security bugs, it will be compromised within hours or even minutes. Unlike corporations with tight firewalls, Stanford's network is mostly open to the entire internet. Even the limited filtering of incoming traffic that Stanford does is only partially effective; a hacker who finds a way into one computer on the campus can then use it to launch attacks on others, even though the "perimeter" is supposedly secured. Stanford's relatively open network makes it easy for you to access any network service, but also makes it easy for hackers to scan our network for vulnerable computers and attack them." Doesn't sound to terribly secure does it? maybe they should work on a multi-level security system after all, huh? http://pangea.stanford.edu/computerinfo/windows/security/index.html |
|
Write Comment
Return to News |
Displaying 1 through 25 of 164 Last | Next |
The time now is
6:16:03 AM
ET.
Any comment problems? E-mail us |
