I don't see Microsoft.com in your email. Do you work for them? After 20 years MS should have these holes fixed by now. No excuses!!
-----Original Message----- From: Ken Schaefer [mailto:[EMAIL PROTECTED] Sent: Sunday, October 26, 2008 6:31 PM To: NT System Admin Issues Subject: RE: Out of Cycle Critical Windows Patch ? Microsoft does have this... They also have a bunch of internal staff (ACE) that train developers, work on automated tools that analyse code, random code reviews, and creating prescriptive guidance on how to write better code. I know one of the guys (Rocky Heckman) on the ACE team out of CBR. He used to be a security MVP, and he's one of the smartest coders (and a security guy to boot) I know. Cheers Ken > -----Original Message----- > From: Ziots, Edward [mailto:[EMAIL PROTECTED] > Sent: Monday, 27 October 2008 8:11 AM > To: NT System Admin Issues > Subject: RE: Out of Cycle Critical Windows Patch ? > > I see ya point, my real point is why don't they have pen-testers on > staff, looking at there systems trying to find the exploits and fix them > before the bad-guys do. I mean hiring some security researchers on staff > and have them pen-test the non-sense out of your software could go a > long way in keeping stuff secure.. > > Z > > Edward E. Ziots > Network Engineer > Lifespan Organization > MCSE,MCSA,MCP,Security+,Network+,CCA > Phone: 401-639-3505 > > -----Original Message----- > From: Martin Blackstone [mailto:[EMAIL PROTECTED] > Sent: Sunday, October 26, 2008 10:28 AM > To: NT System Admin Issues > Subject: RE: Out of Cycle Critical Windows Patch ? > > Fax = fix > > -----Original Message----- > From: Martin Blackstone [mailto:[EMAIL PROTECTED] > Sent: Sunday, October 26, 2008 7:18 AM > To: NT System Admin Issues > Subject: RE: Out of Cycle Critical Windows Patch ? > > I'm not sure I would agree with that. Developing a fix isn't a 15 minute > job. The chances are they were already hard at work on it. There is a > ton of > compatibility and regression testing that goes into a fax. > They probably got their hand forced because it was out in the wild, but > I > wouldn't go so far as imply they were just sitting around on their asses > until something happened. > > -----Original Message----- > From: Ziots, Edward [mailto:[EMAIL PROTECTED] > Sent: Sunday, October 26, 2008 6:45 AM > To: NT System Admin Issues > Subject: RE: Out of Cycle Critical Windows Patch ? > > Yeah someone lit a fire under MSFT arse and they got with the program on > this one, but only after they detected systems getting exploited in the > wild. Why they didn't determine this flaw back when they patched 06-040 > for the same type of issue we probably will never know... > > Z > > Edward E. Ziots > Network Engineer > Lifespan Organization > MCSE,MCSA,MCP,Security+,Network+,CCA > Phone: 401-639-3505 > > -----Original Message----- > From: Kurt Buff [mailto:[EMAIL PROTECTED] > Sent: Friday, October 24, 2008 8:08 PM > To: NT System Admin Issues > Subject: Re: Out of Cycle Critical Windows Patch ? > > Taking this in a slightly different direction... > > I told the IT Director and COO yesterday that I was patching all > servers, and sending an email to all of the laptop users to do the > same. > > They were a bit skeptical, but not only did the emails that I > forwarded them from various lists buttress my opinion, this morning I > got forwarded a voicemail by the IT Director, from a rep at MSFT. Gist > of the message - MSFT is taking this extremely seriously, and you > should patch now. > > Director's comments was "nice job, good of you to jump on this." > > Anyone else get a call like this from MSFT? It's the first time I've > heard of them doing this, and I take it as a really good sign - MSFT > is finally getting the real clue about this stuff. > > Kurt > > On Fri, Oct 24, 2008 at 3:52 AM, Oliver Marshall > <[EMAIL PROTECTED]> wrote: > > Chaps, > > > > The update that was sent out last night, has that caused any issues > > elsewhere? We've had a spate of calls from users about problems today, > > several servers which were set to auto-update for various reasons have > > had varying levels of failure. It's mentally busy here for a Friday, > and > > the one thing they have in common is that all the machine rebooted for > > an update last night. > > > > Is it just us ? > > > > Olly > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
