On Wednesday 12 November 2003 17:20, jgw wrote: > The patch for that vulnerability was issued nearly a month > before Blaster. I believe Blaster first showed up around August > 11th. The patch in question, MS03-026, came out in mid-July... > the 16th? > > The worm was relatively successful not because Microsoft hadn't > yet issued a patch, it was successful due to lazy sysadmins not > patching their systems in a timely manner.
"Lazy sysadmins"? I beg to differ. How about "overworked sysadmins"? I was once in charge of a 'Doze network and there was no way I could keep current with the patches. Before one patch project was complete, there were two more vulnerabilities that needed patching. And patching M$ systems isn't exactly quick or easy with all of the testing that must be done first, not to mention trying to schedule the patch around various or department's schedules. I could have worked full-time at that place doing nothing else -- but I was required to do everything else. The problem isn't lazy sysadmins, unless not wanting to work 70 hours per week is your definition of "lazy." Ken _______________________________________________ EuG-LUG mailing list [EMAIL PROTECTED] http://mailman.efn.org/cgi-bin/listinfo/eug-lug