lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <BAY7-DAV35q9IcVux1Z0002283d@hotmail.com> From: helmut_hauser at hotmail.com (Helmut Hauser) Subject: no more public exploits I agree to Bernard J. Duffys point: +1 First test all patches in a test environment before applying. If all went OK then apply patches networkwide We use SUS (now WUS) - others to mention are SMS or CA Unicenter With SUS you can approve updates if they are running without problems (in the testlab) Note that MS0411 has some problems: http://support.microsoft.com/default.aspx?scid=kb;en-us;835732 Without testing patches you could have a non booting server and thats more cost intensive ... I remind the SP6 issue with Lotus not working cause of a broken TCP/IP Stack or the NT SP4 and Samba problem with EnablePlainTextPassword=yes (what a crap in mind of security) in the registry Or the first release of Citrix Metaframe Feature Release 3 which caused the metaframe database to crash and resulted in a non working server farm. just my 0.002 cents Helmut Hauser