Andrew
Wed Oct 15 20:41:48 CDT 2003
I know you mentioned this before but I keep forgetting. All the more
reason just to apply the patch after making an image backup. Thanks-- I
suspect a lot of us will just assume that we'll get hit with the fee.
"Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]" <sbradcpa@pacbell.net>
wrote in message news:3F8DE455.8050503@pacbell.net...
> If it fails it's not a $245 call.
>
> Any security patch that causes and issue... it's a free call.
>
>
> Andrew M. Saucci, Jr. wrote:
> > I'd like to agree that "test before you install" is good advice,
but
> > unless the test network exactly duplicates the conditions on the
production
> > network, which is unlikely, the test probably isn't very useful-- and,
more
> > to the point, the vulnerability still exists. So, even assuming that the
> > test fails, what can one do? For a critical update, with "run code of
> > attacker's choice" as the possible result, the only thing to do is to
make
> > an image backup of the server or workstation, apply the thing, say a
prayer,
> > and then call Microsoft if it fails, even if it requires a $245
incident. If
> > MS can't resolve it for you fast enough, then go back to the image
backup
> > and insist on an updated patch as resolution of the incident.
> >
> > "Test before you install" is advice that used to be mandatory
common
> > sense, but the world has changed. I don't like it any more than anyone
else,
> > but for better or for worse, that's the way it is.
> >
> > "Henry Craven" <IUnknown@d.com> wrote in message
> > news:ORjHvb2kDHA.2244@TK2MSFTNGP12.phx.gbl...
> >
> >>This may be a co-incidence, but we have just had 2 Win 2K workstations
Go
> >>Down on the Test Network after applying the latest Security Update.
> >>
> >>An SBS 2K Test Server is also having problems after the installation of
> >
> > the
> >
> >>Critical Updates, and we've had a call from a client re problems with
> >
> > their
> >
> >>server where they've updated.
> >>
> >>** TEST BEFORE YOU INSTALL **
> >>
> >>I think we may have been lulled into a false sense of security with the
> >>success of recent MS Updates.
> >>
> >>--
> >>Henry Craven
> >>
> >>
> >>
> >>
> >>
> >
> >
> >
>
> --
> "Don't lose sight of security. Security is a state of being,
> not a state of budget. He with the most firewalls still does
> not win. Put down that honeypot and keep up to date on your
> patches. Demand better security from vendors and hold them
> responsible. Use what you have, and make sure you know how
> to use it properly and effectively."
> ~Rain Forest Puppy
>
http://www.wiretrip.net/rfp/txt/evolution.txt
>
>