[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <acdc033d0508171229160b04d@mail.gmail.com>
Date: Wed Aug 17 20:30:07 2005
From: michealespinola at gmail.com (Micheal Espinola Jr)
Subject: It's not that simple... [Was: Re: Disney Down?]
>From my perspective, developing a patch and applying a patch are two
different life cycles. I'm no developer, but I know what it takes to
properly test and roll-out patches within my (current and previous)
organization(s).
I don't pretend to believe that all patches are the same, but this PnP
patch is one of the less difficult to deal with in terms of a
roll-out. I truly believe this recent worm could have been avoided if
MS05-039 was taken more seriously.
I cannot say as to why MS hasn't addressed any other outstanding
issues. While it's a valid concern of mine as well, it really doesn't
relate to the discussion regarding the MS05-039 fiasco.
On 8/17/05, Geo. <geoincidents@....net> wrote:
> -----Original Message-----
> From: full-disclosure-bounces@...ts.grok.org.uk
> [mailto:full-disclosure-bounces@...ts.grok.org.uk]On Behalf Of Micheal
> Espinola Jr
>
>
> >>Regardless of "a LOT of Windows 2000 out there...", these companies
> weren't bitten the same day the initial exploit was released. 6 days
> is plenty of time to have tested compatibility and to distribute the
> patch.<<
>
> How can you allow a vendor to take 6 months to a year to release a patch and
> then say 6 days is plenty of time to test and patch?
>
> You know, I was sure when MS announced there would be 6 patches for august
> that one of them would be one of these
> http://www.eeye.com/html/research/upcoming/index.html but I guess not... 141
> days and counting, and it will get released when MS hears that someone has
> written and released an exploit for it, then of course all of us have 6 days
> to live..
>
> Geo.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
--
ME2 <http://www.santeriasys.net/>
Powered by blists - more mailing lists