While Linux bugs are probably less prevalent then those in Windows, there is at least one or two significant zero-day security bugs each year that need patched immediately.
A notable recent example: the mempodipper exploit<http://blog.zx2c4.com/749> (http://blog.zx2c4.com/749) that allows one to gain root access on any 2.6.39 or newer kernel that has not been patched. In my security consulting, I've had a least a few organization fall prey to this exploit, even though a patch was released immediately. If you haven't heard of this exploit before now, it's probably a good indicator that automatic-security updates may be right for you. If you don't use these, and haven't manually applied the patch, you may even have a system that is still vulnerable. There's a good news article here<http://www.linuxfordevices.com/c/a/News/CVE20120056-patched/> (http://www.linuxfordevices.com/c/a/News/CVE20120056-patched/) on the issue. I agree with Cowboy's general feelings regarding automatic patching of non-security related concerns (if it's not broken, don't fix it). And as was stated before, weather or not your machines are directly connected to the Internet and a number of other factors determine how big and vulnerable a target you may be. But in many cases, I believe automatic security patching is in an organization's best interest. As always, you make the decision that is best suited to your needs. Cheers, Andy On Fri, Feb 17, 2012 at 15:26, Cowboy <[email protected]> wrote: > On Wednesday 15 February 2012 06:18:39 pm Andy Sayler wrote: > > As Fred implies, you generally want to also enable automatic security > > updates. > > I would again disagree ! > > *nix ain't Windows !! > > Generally, *nix updates are issued for some obscure partial vulnerability > that was able to be forced in a lab under very specific conditions > unlikely > to occur in the real world. > > Windows updates are not issued until after millions of machines have > been compromised, and problems have been reported multiple times. > > -- > Cowboy > > http://cowboy.cwf1.com > > Justice, n.: > A decision in your favor. > > _______________________________________________ > Rivendell-dev mailing list > [email protected] > http://lists.rivendellaudio.org/mailman/listinfo/rivendell-dev >
_______________________________________________ Rivendell-dev mailing list [email protected] http://lists.rivendellaudio.org/mailman/listinfo/rivendell-dev
