| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <60400000.1059793247@localhost> From: pauls at utdallas.edu (Paul Schmehl) Subject: Can DCOM be disabled safely? Earlier today I posted some preliminary research that I had been doing into the ramifications of disabling DCOM. I reported that SMS was affected by it and several other things may be, including SUS, Group Policies and the Management Snap-in. Since then, I have been corresponding with a gentleman who has been testing disabling DCOM in a test environment. So far it appears that disabling DCOM will *not* impact the snap-ins, SUS or policies. It also appears that it *may* not impact SMS either, although testing is ongoing. I just wanted to clarify this in case some had taken my comments to be the final word. Obviously everyone's environment is different, and what works in one might not work in another. So proceed carefully. With regard to my comments about SUS using Windows Update technology to verify patches (and therefore being subject to false positives), I quote from Microsoft: "Software Update Services is based on the same back-end technology used on the public Windows Update site that has been servicing Windows customers since mid-1998." <http://www.microsoft.com/windows2000/windowsupdate/sus/suscomponents.asp> Paul Schmehl (pauls@...allas.edu) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu
Powered by blists - more mailing lists