On Wed, 2 Mar 2005 09:32:10 -0000, Robertson-Ravo, Neil (RX) <[EMAIL PROTECTED]> wrote: > My point is that if you are running 818 you are NOT fully patched.
Not disputing that at all. And even having MS-SQL fully patched on a Windows box that is missing OS patches doesn't necessarily make you safe either, considering the other known vulnerabilities in a base Windows install. But as you probably know from reading the security bulletins, the overwhelming majority of the vulnerabilities MS issues patches for can be mitigated by controlling and limiting either remote access (e.g. blocking external access to services) or securing physical access -- not fixed for sure, but mitigated. And that certainly gives you time to assess the effect of the patch/update on your systems in a calm and controlled way. My original point wasn't that you have to be fully patched to be safe -- it was that leaving the door wide open to a known and widely publicized problem was foolish and stupid, which would make such a person an idiot. -- John Paul Ashenfelter CTO/Transitionpoint (blog) http://www.ashenfelter.com (email) [EMAIL PROTECTED] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Logware (www.logware.us): a new and convenient web-based time tracking application. Start tracking and documenting hours spent on a project or with a client with Logware today. Try it for free with a 15 day trial account. http://www.houseoffusion.com/banners/view.cfm?bannerid=67 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:197247 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
