I would submit that just because they don't, doesn't mean they shouldn't. It really depends on your environment and obligations.
-- ME2

On Fri, Apr 8, 2011 at 2:37 PM, Brian Desmond <[email protected]> wrote:

> Do you really do proper QA and testing at the level that this would
> increase your time burn significantly? I've worked in a lot of places and
> I've seen very very few do this scale of testing.
>
> Agreed on the risk management effort but I'd be surprised if it really took
> *that* much longer that it would have a significant impact on your schedule
> for other IT projects.
>
> Thanks,
> Brian Desmond
> [email protected]
>
> c - 312.731.3132
>
> -----Original Message-----
> From: Ziots, Edward [mailto:[email protected]]
> Sent: Friday, April 08, 2011 6:46 AM
> To: NT System Admin Issues
> Subject: RE: 17 Patches coming out from Microsoft this month.
>
> Actually from an operational standpoint it does make a difference, because
> with 17 patches the QA and testing is going to take a bit longer than with
> just two patches. And due to the number of items that these set of patches
> fixes (64 bugs) there is a lot of potential for disruption of operations if
> things don't go smoothly.
>
> Actually when you look at it from a risk perspective, the type of patches
> released and the attack surface you have within your companies/organization
> also ties into how quickly you need to roll these out, or if you have to
> roll them out at all, and what priority/timeline they are addressed at.
> That is why a risk assessment of what is affected by the flaws fixed with
> these patches should be done each and every month and a priority set on the
> patches to be deployed based on the finding of the risk assessment (Yes I
> do this every month, it's good exercise, and justifies come audit time why
> the priority for some patches are ahead of others even though one is
> critical and one is important/moderate)
>
> I can agree that a lot of folks doing full QA the patches coming out each
> month from Microsoft, and some of the early adopters do run into some
> trouble as we see from time to time on the Patch Management list.
>
> Just food for thought,
> Z
>
> Edward E. Ziots
> CISSP, Network +, Security +
> Network Engineer
> Lifespan Organization
> Email:[email protected]
> Cell:401-639-3505
>
> -----Original Message-----
> From: Brian Desmond [mailto:[email protected]]
> Sent: Friday, April 08, 2011 12:16 AM
> To: NT System Admin Issues
> Subject: RE: 17 Patches coming out from Microsoft this month.
>
> I can never figure this out. What's the difference to you whether they ship
> 2 patches or 17? This seems like just your basic sensational headline to me.
> It's the same deployment effort. I doubt you're fully qualifying each patch
> individually and communally in a full test environment where you'd see
> substantial increase in test overhead.
>
> Thanks,
> Brian Desmond
> [email protected]
>
> c - 312.731.3132
>
> -----Original Message-----
> From: Ziots, Edward [mailto:[email protected]]
> Sent: Thursday, April 07, 2011 3:35 PM
> To: NT System Admin Issues
> Subject: 17 Patches coming out from Microsoft this month.
>
> Cross post from Susan Bradley on the Patch Management List. Strap on your
> seat-belts folks it's going to be a bumpy ride this month.
>
> Advance Notification Service for the April 2011 Bulletin Release - MSRC
> - Site Home - TechNet Blogs:
> http://blogs.technet.com/b/msrc/archive/2011/04/07/advance-notification-service-for-the-april-2011-bulletin-release.aspx
>
> My name is Pete Voss, and I'm a senior response communications manager with
> Microsoft Trustworthy Computing. I'll be joining the rest of the team on the
> MSRC blog <http://blogs.technet.com/b/msrc/> and @MSFTSecResponse
> <http://twitter.com/#%21/msftsecresponse/> Twitter handle to help provide
> you with the latest information and guidance for Microsoft security.
>
> Today, we're providing advanced notification
> <http://www.microsoft.com/technet/security/bulletin/ms11-apr.mspx> on the
> release of 17 security bulletins, nine rated Critical and eight rated
> Important. This month's bulletin release will address 64 vulnerabilities
> across Microsoft Windows, Microsoft Office, Internet Explorer, Visual
> Studio, .NET Framework and GDI+.
>
> This month we'll be closing some issues that Microsoft has already
> previously spoken to, including the SMB Browser (Critical) issue publicly
> disclosed Feb. 15. Microsoft assessed the situation and reported
> <http://blogs.technet.com/b/srd/archive/2011/02/16/notes-on-exploitability-of-the-recent-windows-browser-protocol-issue.aspx>
> that although the vulnerability could theoretically allow Remote Code
> Execution, that was extremely unlikely. To this day, we have seen no
> evidence of attacks.
>
> We are also planning a fix for the MHTML vulnerability in Windows, rated
> Important.
> We alerted people to this issue with Security Advisory 2501696
> <http://www.microsoft.com/technet/security/advisory/2501696.mspx>
> (including a Fix-It that fully protected customers once downloaded) back in
> late January. In March, we updated the advisory to let people know we were
> aware of limited, targeted attacks.
>
> The bulletin release is scheduled for the second Tuesday of the month, April
> 12, at approximately 10 a.m. PDT. Come back to this blog then for our
> official risk and impact analysis, as well as deployment guidance and a
> brief video overview of the month's highlights. Meanwhile, customers are
> encouraged to review Microsoft's advanced notification
> <http://www.microsoft.com/technet/security/bulletin/ms11-apr.mspx> and
> assess it for their particular environment. Additionally, we recommend that
> administrators reference our Security Update Guide
> <http://www.microsoft.com/security/msrc/whatwedo/securityguide.aspx> for
> help preparing for the bulletin release.
>
> The monthly technical webcast is scheduled for Wednesday, April 13, hosted
> by Jerry Bryant and Jonathan Ness. I invite you to tune in and learn more
> about the security bulletins. The webcast is scheduled for Wednesday, April
> 13, 2011 at 11 a.m. PDT, and the registration can be found here
> <https://msevents.microsoft.com/cui/WebCastEventDetails.aspx?culture=en-US&EventID=1032327018&CountryCode=US>.
>
> For all the latest information, you can also follow the MSRC team on
> Twitter at @MSFTSecResponse <http://www.twitter.com/msftsecresponse>.
>
> Edward E. Ziots
> CISSP, Network +, Security +
> Network Engineer
> Lifespan Organization
> Email:[email protected]
> Cell:401-639-3505

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~

---
To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/
or send an email to [email protected]
with the body: unsubscribe ntsysadmin
