Re: In case anyone didn't see this on the Patch Management list...

2012-03-16 Thread Kurt Buff
Yeah, I'm pushing this out as fast as I can - I'll be patching servers
tonight, and the rest of the workstations next week.

On Fri, Mar 16, 2012 at 07:14, James Rankin kz2...@googlemail.com wrote:
 ...http://news.softpedia.com/news/Windows-RDP-Vulnerability-Exploit-Code-Confirmed-259060.shtml


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


RE: In case anyone didn't see this on the Patch Management list...

2012-03-16 Thread Kennedy, Jim
I am all done!  Neeener neener.  :)

-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com] 
Sent: Friday, March 16, 2012 10:24 AM
To: NT System Admin Issues
Subject: Re: In case anyone didn't see this on the Patch Management list...

Yeah, I'm pushing this out as fast as I can - I'll be patching servers tonight, 
and the rest of the workstations next week.

On Fri, Mar 16, 2012 at 07:14, James Rankin kz2...@googlemail.com wrote:
 ...http://news.softpedia.com/news/Windows-RDP-Vulnerability-Exploit-Co
 de-Confirmed-259060.shtml


~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: In case anyone didn't see this on the Patch Management list...

2012-03-16 Thread Kennedy, Jim
Interesting. The code on the Chinese website is exactly the same as the code 
that was sent to MS 10 months ago in the PoC.


-Original Message-
From: Kennedy, Jim 
Sent: Friday, March 16, 2012 10:24 AM
To: NT System Admin Issues
Subject: RE: In case anyone didn't see this on the Patch Management list...

I am all done!  Neeener neener.  :)

-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com] 
Sent: Friday, March 16, 2012 10:24 AM
To: NT System Admin Issues
Subject: Re: In case anyone didn't see this on the Patch Management list...

Yeah, I'm pushing this out as fast as I can - I'll be patching servers tonight, 
and the rest of the workstations next week.

On Fri, Mar 16, 2012 at 07:14, James Rankin kz2...@googlemail.com wrote:
 ...http://news.softpedia.com/news/Windows-RDP-Vulnerability-Exploit-Co
 de-Confirmed-259060.shtml


~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: In case anyone didn't see this on the Patch Management list...

2012-03-16 Thread Mark Boeck
thx, quite interesting.
ps
love your disclaimer! lol!

On Fri, Mar 16, 2012 at 9:14 AM, James Rankin kz2...@googlemail.com wrote:

 ...
 http://news.softpedia.com/news/Windows-RDP-Vulnerability-Exploit-Code-Confirmed-259060.shtml

 --
 http://appsensebigot.blogspot.com

 IMPORTANT INFORMATION/DISCLAIMER

 I certainly don't have time to monitor the content of e-mail sent and
 received via this account for the purposes of ensuring compliance with
 anyone's policies and procedures. I am pretty sure that somewhere in UK
 legislation there is some politically-correct drivel that stipulates I must
 never send or store e-mails or attachments that are obscene, indecent,
 sexist, racist, defamatory, abusive, in breach of copyright, encrypted,
 amusing, overly long, slightly opinionated, anonymous, likely to harm
 animals or hurt the feelings of an as-yet-unspecified or as-yet-nonexistent
 minority (such as extraterrestrial eggplants). Emails of this nature sent
 in or out of this account may be intercepted and stopped by the system, but
 it's a long shot. This being the UK, even if I was prosecuted for breach of
 said email guidelines, I'd probably walk with a suspended sentence anyway,
 but if I'd forgotten to pay my car insurance, I'd most certainly be hung,
 drawn and quartered.

 I am not responsible for any changes made to the message after it has been
 sent, in more or less the same way that cyclozine manufacturers aren't
 responsible for drug addicts mixing it with methadone and overdosing, so
 I'm glad I cleared the confusion up there nice and early. Where opinions
 are expressed, they are not necessarily mine. However, I don't make a habit
 of expressing other people's opinions for them, so you shouldn't take that
 statement as an indication that I am in the business of providing an
 opinion-expressing service. In the event that I did, this discourse would
 provide no guarantee that I would do it anyway, but I don't, so I won't.

 This e-mail and any files transmitted with it are confidential and
 intended solely for the use of the individual or entity to whom they are
 addressed. If you are not the intended addressee, or the person responsible
 for delivering it to them, aside from the fact that you've clearly got some
 level of unauthorised access to their account or are at least engaged in
 some sort of fraud, I'm obliged to tell you that may not copy, forward
 disclose or otherwise use it or any part of it in any way. To do so may be
 unlawful, and as you're already breaking the law, I am sure that bombshell
 makes you quake in your boots and turn yourself over to law enforcement
 immediately. If you receive this e-mail by mistake, please advise the
 sender immediately. That would be me, and as I am clearly prone to sending
 emails to completely the wrong person, I should instantly be stripped of my
 status as a technical consultant and sent to do something more becoming of
 my stupidity, such as appearing on Big Brother, the X Factor or insert
 country name here's Got Talent.

 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
 ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

 ---
 To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: In case anyone didn't see this on the Patch Management list...

2012-03-16 Thread Kurt Buff
Unfortunately, I can't move quite that fast. We're pretty much a 24x5
shop, with offices overseas, and I have to give more notice than
patching now, please log off.  At least I have most weekends to do
this kind of thing...

Kurt

On Fri, Mar 16, 2012 at 07:24, Kennedy, Jim
kennedy...@elyriaschools.org wrote:
 I am all done!  Neeener neener.  :)

 -Original Message-
 From: Kurt Buff [mailto:kurt.b...@gmail.com]
 Sent: Friday, March 16, 2012 10:24 AM
 To: NT System Admin Issues
 Subject: Re: In case anyone didn't see this on the Patch Management list...

 Yeah, I'm pushing this out as fast as I can - I'll be patching servers 
 tonight, and the rest of the workstations next week.

 On Fri, Mar 16, 2012 at 07:14, James Rankin kz2...@googlemail.com wrote:
 ...http://news.softpedia.com/news/Windows-RDP-Vulnerability-Exploit-Co
 de-Confirmed-259060.shtml


 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
 http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

 ---
 To manage subscriptions click here: 
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin

 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
 ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

 ---
 To manage subscriptions click here: 
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin



Re: In case anyone didn't see this on the Patch Management list...

2012-03-16 Thread James Rankin
Eeek! Don't go there!

On 16 March 2012 14:48, Mark Boeck netadmin...@gmail.com wrote:

 thx, quite interesting.
 ps
 love your disclaimer! lol!


 On Fri, Mar 16, 2012 at 9:14 AM, James Rankin kz2...@googlemail.comwrote:

 ...
 http://news.softpedia.com/news/Windows-RDP-Vulnerability-Exploit-Code-Confirmed-259060.shtml

 --
 http://appsensebigot.blogspot.com

 IMPORTANT INFORMATION/DISCLAIMER

 I certainly don't have time to monitor the content of e-mail sent and
 received via this account for the purposes of ensuring compliance with
 anyone's policies and procedures. I am pretty sure that somewhere in UK
 legislation there is some politically-correct drivel that stipulates I must
 never send or store e-mails or attachments that are obscene, indecent,
 sexist, racist, defamatory, abusive, in breach of copyright, encrypted,
 amusing, overly long, slightly opinionated, anonymous, likely to harm
 animals or hurt the feelings of an as-yet-unspecified or as-yet-nonexistent
 minority (such as extraterrestrial eggplants). Emails of this nature sent
 in or out of this account may be intercepted and stopped by the system, but
 it's a long shot. This being the UK, even if I was prosecuted for breach of
 said email guidelines, I'd probably walk with a suspended sentence anyway,
 but if I'd forgotten to pay my car insurance, I'd most certainly be hung,
 drawn and quartered.

 I am not responsible for any changes made to the message after it has
 been sent, in more or less the same way that cyclozine manufacturers aren't
 responsible for drug addicts mixing it with methadone and overdosing, so
 I'm glad I cleared the confusion up there nice and early. Where opinions
 are expressed, they are not necessarily mine. However, I don't make a habit
 of expressing other people's opinions for them, so you shouldn't take that
 statement as an indication that I am in the business of providing an
 opinion-expressing service. In the event that I did, this discourse would
 provide no guarantee that I would do it anyway, but I don't, so I won't.

 This e-mail and any files transmitted with it are confidential and
 intended solely for the use of the individual or entity to whom they are
 addressed. If you are not the intended addressee, or the person responsible
 for delivering it to them, aside from the fact that you've clearly got some
 level of unauthorised access to their account or are at least engaged in
 some sort of fraud, I'm obliged to tell you that may not copy, forward
 disclose or otherwise use it or any part of it in any way. To do so may be
 unlawful, and as you're already breaking the law, I am sure that bombshell
 makes you quake in your boots and turn yourself over to law enforcement
 immediately. If you receive this e-mail by mistake, please advise the
 sender immediately. That would be me, and as I am clearly prone to sending
 emails to completely the wrong person, I should instantly be stripped of my
 status as a technical consultant and sent to do something more becoming of
 my stupidity, such as appearing on Big Brother, the X Factor or insert
 country name here's Got Talent.

 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
 ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

 ---
 To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin


 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
 ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

 ---
 To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin




-- 
http://appsensebigot.blogspot.com

IMPORTANT INFORMATION/DISCLAIMER

I certainly don't have time to monitor the content of e-mail sent and
received via this account for the purposes of ensuring compliance with
anyone's policies and procedures. I am pretty sure that somewhere in UK
legislation there is some politically-correct drivel that stipulates I must
never send or store e-mails or attachments that are obscene, indecent,
sexist, racist, defamatory, abusive, in breach of copyright, encrypted,
amusing, overly long, slightly opinionated, anonymous, likely to harm
animals or hurt the feelings of an as-yet-unspecified or as-yet-nonexistent
minority (such as extraterrestrial eggplants). Emails of this nature sent
in or out of this account may be intercepted and stopped by the system, but
it's a long shot. This being the UK, even if I was prosecuted for breach of
said email guidelines, I'd probably walk with a suspended sentence anyway,
but if I'd forgotten to pay my car insurance, I'd most certainly be hung,
drawn and quartered.

I am not responsible for any changes made to the message after it has been
sent, in more or less the same way that cyclozine manufacturers aren't
responsible for drug 

Re: In case anyone didn't see this on the Patch Management list...

2012-03-16 Thread James Rankin
Eeek! Don't go there!

On 16 March 2012 14:48, Mark Boeck netadmin...@gmail.com wrote:

 thx, quite interesting.
 ps
 love your disclaimer! lol!


 On Fri, Mar 16, 2012 at 9:14 AM, James Rankin kz2...@googlemail.comwrote:

 ...
 http://news.softpedia.com/news/Windows-RDP-Vulnerability-Exploit-Code-Confirmed-259060.shtml

 --
 http://appsensebigot.blogspot.com

 IMPORTANT INFORMATION/DISCLAIMER

 I certainly don't have time to monitor the content of e-mail sent and
 received via this account for the purposes of ensuring compliance with
 anyone's policies and procedures. I am pretty sure that somewhere in UK
 legislation there is some politically-correct drivel that stipulates I must
 never send or store e-mails or attachments that are obscene, indecent,
 sexist, racist, defamatory, abusive, in breach of copyright, encrypted,
 amusing, overly long, slightly opinionated, anonymous, likely to harm
 animals or hurt the feelings of an as-yet-unspecified or as-yet-nonexistent
 minority (such as extraterrestrial eggplants). Emails of this nature sent
 in or out of this account may be intercepted and stopped by the system, but
 it's a long shot. This being the UK, even if I was prosecuted for breach of
 said email guidelines, I'd probably walk with a suspended sentence anyway,
 but if I'd forgotten to pay my car insurance, I'd most certainly be hung,
 drawn and quartered.

 I am not responsible for any changes made to the message after it has
 been sent, in more or less the same way that cyclozine manufacturers aren't
 responsible for drug addicts mixing it with methadone and overdosing, so
 I'm glad I cleared the confusion up there nice and early. Where opinions
 are expressed, they are not necessarily mine. However, I don't make a habit
 of expressing other people's opinions for them, so you shouldn't take that
 statement as an indication that I am in the business of providing an
 opinion-expressing service. In the event that I did, this discourse would
 provide no guarantee that I would do it anyway, but I don't, so I won't.

 This e-mail and any files transmitted with it are confidential and
 intended solely for the use of the individual or entity to whom they are
 addressed. If you are not the intended addressee, or the person responsible
 for delivering it to them, aside from the fact that you've clearly got some
 level of unauthorised access to their account or are at least engaged in
 some sort of fraud, I'm obliged to tell you that may not copy, forward
 disclose or otherwise use it or any part of it in any way. To do so may be
 unlawful, and as you're already breaking the law, I am sure that bombshell
 makes you quake in your boots and turn yourself over to law enforcement
 immediately. If you receive this e-mail by mistake, please advise the
 sender immediately. That would be me, and as I am clearly prone to sending
 emails to completely the wrong person, I should instantly be stripped of my
 status as a technical consultant and sent to do something more becoming of
 my stupidity, such as appearing on Big Brother, the X Factor or insert
 country name here's Got Talent.

 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
 ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

 ---
 To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin


 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
 ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

 ---
 To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin




-- 
http://appsensebigot.blogspot.com

IMPORTANT INFORMATION/DISCLAIMER

I certainly don't have time to monitor the content of e-mail sent and
received via this account for the purposes of ensuring compliance with
anyone's policies and procedures. I am pretty sure that somewhere in UK
legislation there is some politically-correct drivel that stipulates I must
never send or store e-mails or attachments that are obscene, indecent,
sexist, racist, defamatory, abusive, in breach of copyright, encrypted,
amusing, overly long, slightly opinionated, anonymous, likely to harm
animals or hurt the feelings of an as-yet-unspecified or as-yet-nonexistent
minority (such as extraterrestrial eggplants). Emails of this nature sent
in or out of this account may be intercepted and stopped by the system, but
it's a long shot. This being the UK, even if I was prosecuted for breach of
said email guidelines, I'd probably walk with a suspended sentence anyway,
but if I'd forgotten to pay my car insurance, I'd most certainly be hung,
drawn and quartered.

I am not responsible for any changes made to the message after it has been
sent, in more or less the same way that cyclozine manufacturers aren't
responsible for drug 

Re: In case anyone didn't see this on the Patch Management list...

2012-03-16 Thread James Rankin
SANS InfoCon just went Yellow on this

http://isc.sans.edu/diary/INFOCON+Yellow+-+Microsoft+RDP+-+MS12-020/12805

On 16 March 2012 15:07, James Rankin kz2...@googlemail.com wrote:

 Eeek! Don't go there!


 On 16 March 2012 14:48, Mark Boeck netadmin...@gmail.com wrote:

 thx, quite interesting.
 ps
 love your disclaimer! lol!


 On Fri, Mar 16, 2012 at 9:14 AM, James Rankin kz2...@googlemail.comwrote:

 ...
 http://news.softpedia.com/news/Windows-RDP-Vulnerability-Exploit-Code-Confirmed-259060.shtml

 --
 http://appsensebigot.blogspot.com

 IMPORTANT INFORMATION/DISCLAIMER

 I certainly don't have time to monitor the content of e-mail sent and
 received via this account for the purposes of ensuring compliance with
 anyone's policies and procedures. I am pretty sure that somewhere in UK
 legislation there is some politically-correct drivel that stipulates I must
 never send or store e-mails or attachments that are obscene, indecent,
 sexist, racist, defamatory, abusive, in breach of copyright, encrypted,
 amusing, overly long, slightly opinionated, anonymous, likely to harm
 animals or hurt the feelings of an as-yet-unspecified or as-yet-nonexistent
 minority (such as extraterrestrial eggplants). Emails of this nature sent
 in or out of this account may be intercepted and stopped by the system, but
 it's a long shot. This being the UK, even if I was prosecuted for breach of
 said email guidelines, I'd probably walk with a suspended sentence anyway,
 but if I'd forgotten to pay my car insurance, I'd most certainly be hung,
 drawn and quartered.

 I am not responsible for any changes made to the message after it has
 been sent, in more or less the same way that cyclozine manufacturers aren't
 responsible for drug addicts mixing it with methadone and overdosing, so
 I'm glad I cleared the confusion up there nice and early. Where opinions
 are expressed, they are not necessarily mine. However, I don't make a habit
 of expressing other people's opinions for them, so you shouldn't take that
 statement as an indication that I am in the business of providing an
 opinion-expressing service. In the event that I did, this discourse would
 provide no guarantee that I would do it anyway, but I don't, so I won't.

 This e-mail and any files transmitted with it are confidential and
 intended solely for the use of the individual or entity to whom they are
 addressed. If you are not the intended addressee, or the person responsible
 for delivering it to them, aside from the fact that you've clearly got some
 level of unauthorised access to their account or are at least engaged in
 some sort of fraud, I'm obliged to tell you that may not copy, forward
 disclose or otherwise use it or any part of it in any way. To do so may be
 unlawful, and as you're already breaking the law, I am sure that bombshell
 makes you quake in your boots and turn yourself over to law enforcement
 immediately. If you receive this e-mail by mistake, please advise the
 sender immediately. That would be me, and as I am clearly prone to sending
 emails to completely the wrong person, I should instantly be stripped of my
 status as a technical consultant and sent to do something more becoming of
 my stupidity, such as appearing on Big Brother, the X Factor or insert
 country name here's Got Talent.

 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
 ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

 ---
 To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin


 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
 ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

 ---
 To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin




 --
 http://appsensebigot.blogspot.com

 IMPORTANT INFORMATION/DISCLAIMER

 I certainly don't have time to monitor the content of e-mail sent and
 received via this account for the purposes of ensuring compliance with
 anyone's policies and procedures. I am pretty sure that somewhere in UK
 legislation there is some politically-correct drivel that stipulates I must
 never send or store e-mails or attachments that are obscene, indecent,
 sexist, racist, defamatory, abusive, in breach of copyright, encrypted,
 amusing, overly long, slightly opinionated, anonymous, likely to harm
 animals or hurt the feelings of an as-yet-unspecified or as-yet-nonexistent
 minority (such as extraterrestrial eggplants). Emails of this nature sent
 in or out of this account may be intercepted and stopped by the system, but
 it's a long shot. This being the UK, even if I was prosecuted for breach of
 said email guidelines, I'd probably walk with a suspended sentence anyway,
 but if I'd forgotten to pay my car insurance, I'd most certainly 

RE: In case anyone didn't see this on the Patch Management list...

2012-03-16 Thread Webster
Patching is very easy with PVS hosted server images! :)  Customer updated the 
XenApp 6.5 image that handles 22,500 users, rebooted the virtual servers at 3AM 
and they all grabbed the new image upon reboot.  Entire image updating process 
took just a few minutes, tell PVS 6 there is a new image, VMs reboot and grab 
new image.  This customer updated over 250 servers in very little time.  Sweet!



Carl Webster

Consultant and Citrix Technology Professional

http://www.CarlWebster.comhttp://www.carlwebster.com/


From: James Rankin [kz2...@googlemail.com]
Sent: Friday, March 16, 2012 9:14 AM
To: NT System Admin Issues
Subject: In case anyone didn't see this on the Patch Management list...

...http://news.softpedia.com/news/Windows-RDP-Vulnerability-Exploit-Code-Confirmed-259060.shtml


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: In case anyone didn't see this on the Patch Management list...

2012-03-16 Thread Matthew W. Ross
What do you guys use to patch servers? I'm still in the RDP to the server and 
run Windows Update camp. I'd love a free solution to do this en-mass, if 
somebody knows one.


--Matt Ross
Ephrata School District


- Original Message -
From: Kurt Buff
[mailto:kurt.b...@gmail.com]
To: NT System Admin Issues
[mailto:ntsysadmin@lyris.sunbelt-software.com]
Sent: Fri, 16 Mar 2012
08:03:50 -0700
Subject: Re: In case anyone didn't see this on the Patch
Management list...


 Unfortunately, I can't move quite that fast. We're pretty much a 24x5
 shop, with offices overseas, and I have to give more notice than
 patching now, please log off.  At least I have most weekends to do
 this kind of thing...
 
 Kurt
 
 On Fri, Mar 16, 2012 at 07:24, Kennedy, Jim
 kennedy...@elyriaschools.org wrote:
  I am all done!  Neeener neener.  :)
 
  -Original Message-
  From: Kurt Buff [mailto:kurt.b...@gmail.com]
  Sent: Friday, March 16, 2012 10:24 AM
  To: NT System Admin Issues
  Subject: Re: In case anyone didn't see this on the Patch Management
 list...
 
  Yeah, I'm pushing this out as fast as I can - I'll be patching servers
 tonight, and the rest of the workstations next week.
 
  On Fri, Mar 16, 2012 at 07:14, James Rankin kz2...@googlemail.com wrote:
  ...http://news.softpedia.com/news/Windows-RDP-Vulnerability-Exploit-Co
  de-Confirmed-259060.shtml
 
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
 http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
  ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin
 
 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
 ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
 ---
 To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin
 
 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin



RE: In case anyone didn't see this on the Patch Management list...

2012-03-16 Thread David Mazzaccaro
That is what I do as well.
I use WSUS for all the desktops/laptops.. but the servers I want to do manually.


-Original Message-
From: Matthew W. Ross [mailto:mr...@ephrataschools.org] 
Sent: Friday, March 16, 2012 12:05 PM
To: NT System Admin Issues
Subject: Re: In case anyone didn't see this on the Patch Management list...

What do you guys use to patch servers? I'm still in the RDP to the server and 
run Windows Update camp. I'd love a free solution to do this en-mass, if 
somebody knows one.


--Matt Ross
Ephrata School District


- Original Message -
From: Kurt Buff
[mailto:kurt.b...@gmail.com]
To: NT System Admin Issues
[mailto:ntsysadmin@lyris.sunbelt-software.com]
Sent: Fri, 16 Mar 2012
08:03:50 -0700
Subject: Re: In case anyone didn't see this on the Patch
Management list...


 Unfortunately, I can't move quite that fast. We're pretty much a 24x5
 shop, with offices overseas, and I have to give more notice than
 patching now, please log off.  At least I have most weekends to do
 this kind of thing...
 
 Kurt
 
 On Fri, Mar 16, 2012 at 07:24, Kennedy, Jim
 kennedy...@elyriaschools.org wrote:
  I am all done!  Neeener neener.  :)
 
  -Original Message-
  From: Kurt Buff [mailto:kurt.b...@gmail.com]
  Sent: Friday, March 16, 2012 10:24 AM
  To: NT System Admin Issues
  Subject: Re: In case anyone didn't see this on the Patch Management
 list...
 
  Yeah, I'm pushing this out as fast as I can - I'll be patching servers
 tonight, and the rest of the workstations next week.
 
  On Fri, Mar 16, 2012 at 07:14, James Rankin kz2...@googlemail.com wrote:
  ...http://news.softpedia.com/news/Windows-RDP-Vulnerability-Exploit-Co
  de-Confirmed-259060.shtml
 
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
 http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
  ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin
 
 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
 ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
 ---
 To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin
 
 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: In case anyone didn't see this on the Patch Management list...

2012-03-16 Thread Kennedy, Jim
WSUS. Set to download but not install. Then I RDP and hit install. Saves quite 
a bit of time since they are already downloaded. An improvement over what you 
are doing, but still not perfect of course. But I am in full control that way. 
We are smaller than many people here. About 40 servers.

-Original Message-
From: Matthew W. Ross [mailto:mr...@ephrataschools.org] 
Sent: Friday, March 16, 2012 12:21 PM
To: NT System Admin Issues
Subject: Re: In case anyone didn't see this on the Patch Management list...

What do you guys use to patch servers? I'm still in the RDP to the server and 
run Windows Update camp. I'd love a free solution to do this en-mass, if 
somebody knows one.


--Matt Ross
Ephrata School District


- Original Message -
From: Kurt Buff
[mailto:kurt.b...@gmail.com]
To: NT System Admin Issues
[mailto:ntsysadmin@lyris.sunbelt-software.com]
Sent: Fri, 16 Mar 2012
08:03:50 -0700
Subject: Re: In case anyone didn't see this on the Patch Management list...


 Unfortunately, I can't move quite that fast. We're pretty much a 24x5 
 shop, with offices overseas, and I have to give more notice than 
 patching now, please log off.  At least I have most weekends to do 
 this kind of thing...
 
 Kurt
 
 On Fri, Mar 16, 2012 at 07:24, Kennedy, Jim 
 kennedy...@elyriaschools.org wrote:
  I am all done!  Neeener neener.  :)
 
  -Original Message-
  From: Kurt Buff [mailto:kurt.b...@gmail.com]
  Sent: Friday, March 16, 2012 10:24 AM
  To: NT System Admin Issues
  Subject: Re: In case anyone didn't see this on the Patch Management
 list...
 
  Yeah, I'm pushing this out as fast as I can - I'll be patching 
  servers
 tonight, and the rest of the workstations next week.
 
  On Fri, Mar 16, 2012 at 07:14, James Rankin kz2...@googlemail.com wrote:
  ...http://news.softpedia.com/news/Windows-RDP-Vulnerability-Exploit
  -Co
  de-Confirmed-259060.shtml
 
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
 http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
  http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin
 
 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
 http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
 ---
 To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin
 
 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: In case anyone didn't see this on the Patch Management list...

2012-03-16 Thread James Rankin
WSUS? Free and easy.

SCCM? Not so free and not so easy.

Various other vendors like Shavlik, BigFix, etc., all varying degress of
freeness and easiness

On 16 March 2012 16:05, Matthew W. Ross mr...@ephrataschools.org wrote:

 What do you guys use to patch servers? I'm still in the RDP to the server
 and run Windows Update camp. I'd love a free solution to do this en-mass,
 if somebody knows one.


 --Matt Ross
 Ephrata School District


 - Original Message -
 From: Kurt Buff
 [mailto:kurt.b...@gmail.com]
 To: NT System Admin Issues
 [mailto:ntsysadmin@lyris.sunbelt-software.com]
 Sent: Fri, 16 Mar 2012
 08:03:50 -0700
 Subject: Re: In case anyone didn't see this on the Patch
 Management list...


  Unfortunately, I can't move quite that fast. We're pretty much a 24x5
  shop, with offices overseas, and I have to give more notice than
  patching now, please log off.  At least I have most weekends to do
  this kind of thing...
 
  Kurt
 
  On Fri, Mar 16, 2012 at 07:24, Kennedy, Jim
  kennedy...@elyriaschools.org wrote:
   I am all done!  Neeener neener.  :)
  
   -Original Message-
   From: Kurt Buff [mailto:kurt.b...@gmail.com]
   Sent: Friday, March 16, 2012 10:24 AM
   To: NT System Admin Issues
   Subject: Re: In case anyone didn't see this on the Patch Management
  list...
  
   Yeah, I'm pushing this out as fast as I can - I'll be patching servers
  tonight, and the rest of the workstations next week.
  
   On Fri, Mar 16, 2012 at 07:14, James Rankin kz2...@googlemail.com
 wrote:
   ...
 http://news.softpedia.com/news/Windows-RDP-Vulnerability-Exploit-Co
   de-Confirmed-259060.shtml
  
  
   ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
  
   ---
   To manage subscriptions click here:
  http://lyris.sunbelt-software.com/read/my_forums/
   or send an email to listmana...@lyris.sunbeltsoftware.com
   with the body: unsubscribe ntsysadmin
  
   ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
   ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
  
   ---
   To manage subscriptions click here:
  http://lyris.sunbelt-software.com/read/my_forums/
   or send an email to listmana...@lyris.sunbeltsoftware.com
   with the body: unsubscribe ntsysadmin
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
  ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
  http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin
 
 

 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
 ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

 ---
 To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin




-- 
http://appsensebigot.blogspot.com

IMPORTANT INFORMATION/DISCLAIMER

I certainly don't have time to monitor the content of e-mail sent and
received via this account for the purposes of ensuring compliance with
anyone's policies and procedures. I am pretty sure that somewhere in UK
legislation there is some politically-correct drivel that stipulates I must
never send or store e-mails or attachments that are obscene, indecent,
sexist, racist, defamatory, abusive, in breach of copyright, encrypted,
amusing, overly long, slightly opinionated, anonymous, likely to harm
animals or hurt the feelings of an as-yet-unspecified or as-yet-nonexistent
minority (such as extraterrestrial eggplants). Emails of this nature sent
in or out of this account may be intercepted and stopped by the system, but
it's a long shot. This being the UK, even if I was prosecuted for breach of
said email guidelines, I'd probably walk with a suspended sentence anyway,
but if I'd forgotten to pay my car insurance, I'd most certainly be hung,
drawn and quartered.

I am not responsible for any changes made to the message after it has been
sent, in more or less the same way that cyclozine manufacturers aren't
responsible for drug addicts mixing it with methadone and overdosing, so
I'm glad I cleared the confusion up there nice and early. Where opinions
are expressed, they are not necessarily mine. However, I don't make a habit
of expressing other people's opinions for them, so you shouldn't take that
statement as an indication that I am in the business of providing an
opinion-expressing service. In the event that I did, this discourse would
provide no guarantee that I would do it anyway, but I don't, so I won't.

This e-mail and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you are not the intended addressee, or the person responsible for
delivering it to them, aside from the fact that you've clearly got some
level

Re: In case anyone didn't see this on the Patch Management list...

2012-03-16 Thread Kurt Buff
WSUS - it's very nice for a free tool.

It's not a push solution - it's a client-polling solution, where the
client machine checks in with the server regularly and gets updates.

However, you can regulate the polling period (I use 4 hours) and
segregate machines into groups of your choosing, and set deadlines for
installation, by group if you wish, and whether or not users can defer
the installation of updates up to the deadline, etc.

Works very well for us.

Kurt

On Fri, Mar 16, 2012 at 09:05, Matthew W. Ross mr...@ephrataschools.org wrote:
 What do you guys use to patch servers? I'm still in the RDP to the server 
 and run Windows Update camp. I'd love a free solution to do this en-mass, if 
 somebody knows one.


 --Matt Ross
 Ephrata School District


 - Original Message -
 From: Kurt Buff
 [mailto:kurt.b...@gmail.com]
 To: NT System Admin Issues
 [mailto:ntsysadmin@lyris.sunbelt-software.com]
 Sent: Fri, 16 Mar 2012
 08:03:50 -0700
 Subject: Re: In case anyone didn't see this on the Patch
 Management list...


 Unfortunately, I can't move quite that fast. We're pretty much a 24x5
 shop, with offices overseas, and I have to give more notice than
 patching now, please log off.  At least I have most weekends to do
 this kind of thing...

 Kurt

 On Fri, Mar 16, 2012 at 07:24, Kennedy, Jim
 kennedy...@elyriaschools.org wrote:
  I am all done!  Neeener neener.  :)
 
  -Original Message-
  From: Kurt Buff [mailto:kurt.b...@gmail.com]
  Sent: Friday, March 16, 2012 10:24 AM
  To: NT System Admin Issues
  Subject: Re: In case anyone didn't see this on the Patch Management
 list...
 
  Yeah, I'm pushing this out as fast as I can - I'll be patching servers
 tonight, and the rest of the workstations next week.
 
  On Fri, Mar 16, 2012 at 07:14, James Rankin kz2...@googlemail.com wrote:
  ...http://news.softpedia.com/news/Windows-RDP-Vulnerability-Exploit-Co
  de-Confirmed-259060.shtml
 
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
 http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
  ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin

 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
 ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

 ---
 To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin



 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
 ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

 ---
 To manage subscriptions click here: 
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin



Re: In case anyone didn't see this on the Patch Management list...

2012-03-16 Thread Jonathan Link
+1 I do this, too.

On Fri, Mar 16, 2012 at 12:23 PM, Kennedy, Jim kennedy...@elyriaschools.org
 wrote:

 WSUS. Set to download but not install. Then I RDP and hit install. Saves
 quite a bit of time since they are already downloaded. An improvement over
 what you are doing, but still not perfect of course. But I am in full
 control that way. We are smaller than many people here. About 40 servers.

 -Original Message-
 From: Matthew W. Ross [mailto:mr...@ephrataschools.org]
 Sent: Friday, March 16, 2012 12:21 PM
 To: NT System Admin Issues
 Subject: Re: In case anyone didn't see this on the Patch Management list...

 What do you guys use to patch servers? I'm still in the RDP to the server
 and run Windows Update camp. I'd love a free solution to do this en-mass,
 if somebody knows one.


 --Matt Ross
 Ephrata School District


 - Original Message -
 From: Kurt Buff
 [mailto:kurt.b...@gmail.com]
 To: NT System Admin Issues
 [mailto:ntsysadmin@lyris.sunbelt-software.com]
 Sent: Fri, 16 Mar 2012
 08:03:50 -0700
 Subject: Re: In case anyone didn't see this on the Patch Management list...


  Unfortunately, I can't move quite that fast. We're pretty much a 24x5
  shop, with offices overseas, and I have to give more notice than
  patching now, please log off.  At least I have most weekends to do
  this kind of thing...
 
  Kurt
 
  On Fri, Mar 16, 2012 at 07:24, Kennedy, Jim
  kennedy...@elyriaschools.org wrote:
   I am all done!  Neeener neener.  :)
  
   -Original Message-
   From: Kurt Buff [mailto:kurt.b...@gmail.com]
   Sent: Friday, March 16, 2012 10:24 AM
   To: NT System Admin Issues
   Subject: Re: In case anyone didn't see this on the Patch Management
  list...
  
   Yeah, I'm pushing this out as fast as I can - I'll be patching
   servers
  tonight, and the rest of the workstations next week.
  
   On Fri, Mar 16, 2012 at 07:14, James Rankin kz2...@googlemail.com
 wrote:
   ...http://news.softpedia.com/news/Windows-RDP-Vulnerability-Exploit
   -Co
   de-Confirmed-259060.shtml
  
  
   ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
  
   ---
   To manage subscriptions click here:
  http://lyris.sunbelt-software.com/read/my_forums/
   or send an email to listmana...@lyris.sunbeltsoftware.com
   with the body: unsubscribe ntsysadmin
  
   ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
   http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
  
   ---
   To manage subscriptions click here:
  http://lyris.sunbelt-software.com/read/my_forums/
   or send an email to listmana...@lyris.sunbeltsoftware.com
   with the body: unsubscribe ntsysadmin
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
  http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin
 
 

 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
 http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

 ---
 To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin


 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
 ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

 ---
 To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: In case anyone didn't see this on the Patch Management list...

2012-03-16 Thread David Mazzaccaro
Should have mentioned... about 12 servers here.


-Original Message-
From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] 
Sent: Friday, March 16, 2012 12:23 PM
To: NT System Admin Issues
Subject: RE: In case anyone didn't see this on the Patch Management list...

WSUS. Set to download but not install. Then I RDP and hit install. Saves quite 
a bit of time since they are already downloaded. An improvement over what you 
are doing, but still not perfect of course. But I am in full control that way. 
We are smaller than many people here. About 40 servers.

-Original Message-
From: Matthew W. Ross [mailto:mr...@ephrataschools.org] 
Sent: Friday, March 16, 2012 12:21 PM
To: NT System Admin Issues
Subject: Re: In case anyone didn't see this on the Patch Management list...

What do you guys use to patch servers? I'm still in the RDP to the server and 
run Windows Update camp. I'd love a free solution to do this en-mass, if 
somebody knows one.


--Matt Ross
Ephrata School District


- Original Message -
From: Kurt Buff
[mailto:kurt.b...@gmail.com]
To: NT System Admin Issues
[mailto:ntsysadmin@lyris.sunbelt-software.com]
Sent: Fri, 16 Mar 2012
08:03:50 -0700
Subject: Re: In case anyone didn't see this on the Patch Management list...


 Unfortunately, I can't move quite that fast. We're pretty much a 24x5 
 shop, with offices overseas, and I have to give more notice than 
 patching now, please log off.  At least I have most weekends to do 
 this kind of thing...
 
 Kurt
 
 On Fri, Mar 16, 2012 at 07:24, Kennedy, Jim 
 kennedy...@elyriaschools.org wrote:
  I am all done!  Neeener neener.  :)
 
  -Original Message-
  From: Kurt Buff [mailto:kurt.b...@gmail.com]
  Sent: Friday, March 16, 2012 10:24 AM
  To: NT System Admin Issues
  Subject: Re: In case anyone didn't see this on the Patch Management
 list...
 
  Yeah, I'm pushing this out as fast as I can - I'll be patching 
  servers
 tonight, and the rest of the workstations next week.
 
  On Fri, Mar 16, 2012 at 07:14, James Rankin kz2...@googlemail.com wrote:
  ...http://news.softpedia.com/news/Windows-RDP-Vulnerability-Exploit
  -Co
  de-Confirmed-259060.shtml
 
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
 http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
  http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin
 
 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
 http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
 ---
 To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin
 
 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: In case anyone didn't see this on the Patch Management list...

2012-03-16 Thread David L Herrick
+1

-Original Message-
From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] 
Sent: Friday, March 16, 2012 9:23 AM
To: NT System Admin Issues
Subject: RE: In case anyone didn't see this on the Patch Management list...

WSUS. Set to download but not install. Then I RDP and hit install. Saves quite 
a bit of time since they are already downloaded. An improvement over what you 
are doing, but still not perfect of course. But I am in full control that way. 
We are smaller than many people here. About 40 servers.

-Original Message-
From: Matthew W. Ross [mailto:mr...@ephrataschools.org]
Sent: Friday, March 16, 2012 12:21 PM
To: NT System Admin Issues
Subject: Re: In case anyone didn't see this on the Patch Management list...

What do you guys use to patch servers? I'm still in the RDP to the server and 
run Windows Update camp. I'd love a free solution to do this en-mass, if 
somebody knows one.


--Matt Ross
Ephrata School District


- Original Message -
From: Kurt Buff
[mailto:kurt.b...@gmail.com]
To: NT System Admin Issues
[mailto:ntsysadmin@lyris.sunbelt-software.com]
Sent: Fri, 16 Mar 2012
08:03:50 -0700
Subject: Re: In case anyone didn't see this on the Patch Management list...


 Unfortunately, I can't move quite that fast. We're pretty much a 24x5 
 shop, with offices overseas, and I have to give more notice than 
 patching now, please log off.  At least I have most weekends to do 
 this kind of thing...
 
 Kurt
 
 On Fri, Mar 16, 2012 at 07:24, Kennedy, Jim 
 kennedy...@elyriaschools.org wrote:
  I am all done!  Neeener neener.  :)
 
  -Original Message-
  From: Kurt Buff [mailto:kurt.b...@gmail.com]
  Sent: Friday, March 16, 2012 10:24 AM
  To: NT System Admin Issues
  Subject: Re: In case anyone didn't see this on the Patch Management
 list...
 
  Yeah, I'm pushing this out as fast as I can - I'll be patching 
  servers
 tonight, and the rest of the workstations next week.
 
  On Fri, Mar 16, 2012 at 07:14, James Rankin kz2...@googlemail.com wrote:
  ...http://news.softpedia.com/news/Windows-RDP-Vulnerability-Exploit
  -Co
  de-Confirmed-259060.shtml
 
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
 http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
  http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin
 
 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
 http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
 ---
 To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin
 
 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: In case anyone didn't see this on the Patch Management list...

2012-03-16 Thread Kurt Buff
Why not do the servers via WSUS?

On Fri, Mar 16, 2012 at 09:25, David Mazzaccaro
david.mazzacc...@hudsonmobility.com wrote:
 That is what I do as well.
 I use WSUS for all the desktops/laptops.. but the servers I want to do 
 manually.


 -Original Message-
 From: Matthew W. Ross [mailto:mr...@ephrataschools.org]
 Sent: Friday, March 16, 2012 12:05 PM
 To: NT System Admin Issues
 Subject: Re: In case anyone didn't see this on the Patch Management list...

 What do you guys use to patch servers? I'm still in the RDP to the server 
 and run Windows Update camp. I'd love a free solution to do this en-mass, if 
 somebody knows one.


 --Matt Ross
 Ephrata School District


 - Original Message -
 From: Kurt Buff
 [mailto:kurt.b...@gmail.com]
 To: NT System Admin Issues
 [mailto:ntsysadmin@lyris.sunbelt-software.com]
 Sent: Fri, 16 Mar 2012
 08:03:50 -0700
 Subject: Re: In case anyone didn't see this on the Patch
 Management list...


 Unfortunately, I can't move quite that fast. We're pretty much a 24x5
 shop, with offices overseas, and I have to give more notice than
 patching now, please log off.  At least I have most weekends to do
 this kind of thing...

 Kurt

 On Fri, Mar 16, 2012 at 07:24, Kennedy, Jim
 kennedy...@elyriaschools.org wrote:
  I am all done!  Neeener neener.  :)
 
  -Original Message-
  From: Kurt Buff [mailto:kurt.b...@gmail.com]
  Sent: Friday, March 16, 2012 10:24 AM
  To: NT System Admin Issues
  Subject: Re: In case anyone didn't see this on the Patch Management
 list...
 
  Yeah, I'm pushing this out as fast as I can - I'll be patching servers
 tonight, and the rest of the workstations next week.
 
  On Fri, Mar 16, 2012 at 07:14, James Rankin kz2...@googlemail.com wrote:
  ...http://news.softpedia.com/news/Windows-RDP-Vulnerability-Exploit-Co
  de-Confirmed-259060.shtml
 
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
 http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
  ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin

 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
 ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

 ---
 To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin



 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
 ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

 ---
 To manage subscriptions click here: 
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin


 .

 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
 ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

 ---
 To manage subscriptions click here: 
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin



Re: In case anyone didn't see this on the Patch Management list...

2012-03-16 Thread Kurt Buff
Same question I asked for Jim - why not let WSUS handle this?

On Fri, Mar 16, 2012 at 09:23, Kennedy, Jim
kennedy...@elyriaschools.org wrote:
 WSUS. Set to download but not install. Then I RDP and hit install. Saves 
 quite a bit of time since they are already downloaded. An improvement over 
 what you are doing, but still not perfect of course. But I am in full control 
 that way. We are smaller than many people here. About 40 servers.

 -Original Message-
 From: Matthew W. Ross [mailto:mr...@ephrataschools.org]
 Sent: Friday, March 16, 2012 12:21 PM
 To: NT System Admin Issues
 Subject: Re: In case anyone didn't see this on the Patch Management list...

 What do you guys use to patch servers? I'm still in the RDP to the server 
 and run Windows Update camp. I'd love a free solution to do this en-mass, if 
 somebody knows one.


 --Matt Ross
 Ephrata School District


 - Original Message -
 From: Kurt Buff
 [mailto:kurt.b...@gmail.com]
 To: NT System Admin Issues
 [mailto:ntsysadmin@lyris.sunbelt-software.com]
 Sent: Fri, 16 Mar 2012
 08:03:50 -0700
 Subject: Re: In case anyone didn't see this on the Patch Management list...


 Unfortunately, I can't move quite that fast. We're pretty much a 24x5
 shop, with offices overseas, and I have to give more notice than
 patching now, please log off.  At least I have most weekends to do
 this kind of thing...

 Kurt

 On Fri, Mar 16, 2012 at 07:24, Kennedy, Jim
 kennedy...@elyriaschools.org wrote:
  I am all done!  Neeener neener.  :)
 
  -Original Message-
  From: Kurt Buff [mailto:kurt.b...@gmail.com]
  Sent: Friday, March 16, 2012 10:24 AM
  To: NT System Admin Issues
  Subject: Re: In case anyone didn't see this on the Patch Management
 list...
 
  Yeah, I'm pushing this out as fast as I can - I'll be patching
  servers
 tonight, and the rest of the workstations next week.
 
  On Fri, Mar 16, 2012 at 07:14, James Rankin kz2...@googlemail.com wrote:
  ...http://news.softpedia.com/news/Windows-RDP-Vulnerability-Exploit
  -Co
  de-Confirmed-259060.shtml
 
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
 http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin

 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
 http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

 ---
 To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin



 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
 http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

 ---
 To manage subscriptions click here: 
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin


 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
 ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

 ---
 To manage subscriptions click here: 
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin



RE: In case anyone didn't see this on the Patch Management list...

2012-03-16 Thread Matthew W. Ross
We do the same: WSUS automatic updates for desktops, Download but not installed 
for servers.

It's just a pain when you have a lot of servers to hit. Even a command line way 
to do this would be an improvement... and I hope this becomes available with 
Windows 8 Server.


--Matt Ross
Ephrata School District


- Original Message -
From: Kennedy, Jim
[mailto:kennedy...@elyriaschools.org]
To: NT System Admin Issues
[mailto:ntsysadmin@lyris.sunbelt-software.com]
Sent: Fri, 16 Mar 2012
09:23:06 -0700
Subject: RE: In case anyone didn't see this on the Patch
Management list...


 WSUS. Set to download but not install. Then I RDP and hit install. Saves
 quite a bit of time since they are already downloaded. An improvement over
 what you are doing, but still not perfect of course. But I am in full
 control that way. We are smaller than many people here. About 40 servers.
 
 -Original Message-
 From: Matthew W. Ross [mailto:mr...@ephrataschools.org] 
 Sent: Friday, March 16, 2012 12:21 PM
 To: NT System Admin Issues
 Subject: Re: In case anyone didn't see this on the Patch Management list...
 
 What do you guys use to patch servers? I'm still in the RDP to the server
 and run Windows Update camp. I'd love a free solution to do this en-mass,
 if somebody knows one.
 
 
 --Matt Ross
 Ephrata School District
 
 
 - Original Message -
 From: Kurt Buff
 [mailto:kurt.b...@gmail.com]
 To: NT System Admin Issues
 [mailto:ntsysadmin@lyris.sunbelt-software.com]
 Sent: Fri, 16 Mar 2012
 08:03:50 -0700
 Subject: Re: In case anyone didn't see this on the Patch Management list...
 
 
  Unfortunately, I can't move quite that fast. We're pretty much a 24x5 
  shop, with offices overseas, and I have to give more notice than 
  patching now, please log off.  At least I have most weekends to do 
  this kind of thing...
  
  Kurt
  
  On Fri, Mar 16, 2012 at 07:24, Kennedy, Jim 
  kennedy...@elyriaschools.org wrote:
   I am all done!  Neeener neener.  :)
  
   -Original Message-
   From: Kurt Buff [mailto:kurt.b...@gmail.com]
   Sent: Friday, March 16, 2012 10:24 AM
   To: NT System Admin Issues
   Subject: Re: In case anyone didn't see this on the Patch Management
  list...
  
   Yeah, I'm pushing this out as fast as I can - I'll be patching 
   servers
  tonight, and the rest of the workstations next week.
  
   On Fri, Mar 16, 2012 at 07:14, James Rankin kz2...@googlemail.com
 wrote:
   ...http://news.softpedia.com/news/Windows-RDP-Vulnerability-Exploit
   -Co
   de-Confirmed-259060.shtml
  
  
   ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
  
   ---
   To manage subscriptions click here:
  http://lyris.sunbelt-software.com/read/my_forums/
   or send an email to listmana...@lyris.sunbeltsoftware.com
   with the body: unsubscribe ntsysadmin
  
   ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
   http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
  
   ---
   To manage subscriptions click here:
  http://lyris.sunbelt-software.com/read/my_forums/
   or send an email to listmana...@lyris.sunbeltsoftware.com
   with the body: unsubscribe ntsysadmin
  
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
  http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
  
  ---
  To manage subscriptions click here:
  http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin
  
  
 
 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
 http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
 ---
 To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin
 
 
 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
 ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
 ---
 To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin



RE: In case anyone didn't see this on the Patch Management list...

2012-03-16 Thread Sam Cayze
WSUS/RDP like the others said.
I've seen some scripts you can run against all machines that will force a 
download, install and reboot.
I still prefer a hand's on approach. Call me old fashioned, but I like to watch 
the progress bar to see how long the updates take, and monitor any abnormal 
activity on the system. Just in case.

Sam



-Original Message-
From: Matthew W. Ross [mailto:mr...@ephrataschools.org] 
Sent: Friday, March 16, 2012 11:05 AM
To: NT System Admin Issues
Subject: Re: In case anyone didn't see this on the Patch Management list...

What do you guys use to patch servers? I'm still in the RDP to the server and 
run Windows Update camp. I'd love a free solution to do this en-mass, if 
somebody knows one.


--Matt Ross
Ephrata School District


- Original Message -
From: Kurt Buff
[mailto:kurt.b...@gmail.com]
To: NT System Admin Issues
[mailto:ntsysadmin@lyris.sunbelt-software.com]
Sent: Fri, 16 Mar 2012
08:03:50 -0700
Subject: Re: In case anyone didn't see this on the Patch Management list...


 Unfortunately, I can't move quite that fast. We're pretty much a 24x5 
 shop, with offices overseas, and I have to give more notice than 
 patching now, please log off.  At least I have most weekends to do 
 this kind of thing...
 
 Kurt
 
 On Fri, Mar 16, 2012 at 07:24, Kennedy, Jim 
 kennedy...@elyriaschools.org wrote:
  I am all done!  Neeener neener.  :)
 
  -Original Message-
  From: Kurt Buff [mailto:kurt.b...@gmail.com]
  Sent: Friday, March 16, 2012 10:24 AM
  To: NT System Admin Issues
  Subject: Re: In case anyone didn't see this on the Patch Management
 list...
 
  Yeah, I'm pushing this out as fast as I can - I'll be patching 
  servers
 tonight, and the rest of the workstations next week.
 
  On Fri, Mar 16, 2012 at 07:14, James Rankin kz2...@googlemail.com wrote:
  ...http://news.softpedia.com/news/Windows-RDP-Vulnerability-Exploit
  -Co
  de-Confirmed-259060.shtml
 
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
 http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
  http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin
 
 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
 http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
 ---
 To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin
 
 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin



RE: In case anyone didn't see this on the Patch Management list...

2012-03-16 Thread Kennedy, Jim
I can do many of them during normal business hours, in fact I can get it from 
40 down to 5 by paying attention to what is going on here and sneaking them in. 
But when I can sneak them in is a moving target...so having them on another 
screen RDP while I multitask works well for me.

-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com] 
Sent: Friday, March 16, 2012 2:09 PM
To: NT System Admin Issues
Subject: Re: In case anyone didn't see this on the Patch Management list...

Same question I asked for Jim - why not let WSUS handle this?

On Fri, Mar 16, 2012 at 09:23, Kennedy, Jim kennedy...@elyriaschools.org 
wrote:
 WSUS. Set to download but not install. Then I RDP and hit install. Saves 
 quite a bit of time since they are already downloaded. An improvement over 
 what you are doing, but still not perfect of course. But I am in full control 
 that way. We are smaller than many people here. About 40 servers.

 -Original Message-
 From: Matthew W. Ross [mailto:mr...@ephrataschools.org]
 Sent: Friday, March 16, 2012 12:21 PM
 To: NT System Admin Issues
 Subject: Re: In case anyone didn't see this on the Patch Management list...

 What do you guys use to patch servers? I'm still in the RDP to the server 
 and run Windows Update camp. I'd love a free solution to do this en-mass, if 
 somebody knows one.


 --Matt Ross
 Ephrata School District


 - Original Message -
 From: Kurt Buff
 [mailto:kurt.b...@gmail.com]
 To: NT System Admin Issues
 [mailto:ntsysadmin@lyris.sunbelt-software.com]
 Sent: Fri, 16 Mar 2012
 08:03:50 -0700
 Subject: Re: In case anyone didn't see this on the Patch Management list...


 Unfortunately, I can't move quite that fast. We're pretty much a 24x5 
 shop, with offices overseas, and I have to give more notice than 
 patching now, please log off.  At least I have most weekends to do 
 this kind of thing...

 Kurt

 On Fri, Mar 16, 2012 at 07:24, Kennedy, Jim 
 kennedy...@elyriaschools.org wrote:
  I am all done!  Neeener neener.  :)
 
  -Original Message-
  From: Kurt Buff [mailto:kurt.b...@gmail.com]
  Sent: Friday, March 16, 2012 10:24 AM
  To: NT System Admin Issues
  Subject: Re: In case anyone didn't see this on the Patch Management
 list...
 
  Yeah, I'm pushing this out as fast as I can - I'll be patching 
  servers
 tonight, and the rest of the workstations next week.
 
  On Fri, Mar 16, 2012 at 07:14, James Rankin kz2...@googlemail.com wrote:
  ...http://news.softpedia.com/news/Windows-RDP-Vulnerability-Exploi
  t
  -Co
  de-Confirmed-259060.shtml
 
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ 
  ~
 http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ 
  ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin

 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
 http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

 ---
 To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin



 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
 http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

 ---
 To manage subscriptions click here: 
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin


 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
 http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

 ---
 To manage subscriptions click here: 
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: In case anyone didn't see this on the Patch Management list...

2012-03-16 Thread Doug Hampshire
I'm hoping I'll be able to automate the server portion of the
install/reboot steps with runbooks in System Center 2012.

On Fri, Mar 16, 2012 at 1:30 PM, Matthew W. Ross
mr...@ephrataschools.orgwrote:

 We do the same: WSUS automatic updates for desktops, Download but not
 installed for servers.

 It's just a pain when you have a lot of servers to hit. Even a command
 line way to do this would be an improvement... and I hope this becomes
 available with Windows 8 Server.


 --Matt Ross
 Ephrata School District


 - Original Message -
 From: Kennedy, Jim
 [mailto:kennedy...@elyriaschools.org]
 To: NT System Admin Issues
 [mailto:ntsysadmin@lyris.sunbelt-software.com]
 Sent: Fri, 16 Mar 2012
 09:23:06 -0700
 Subject: RE: In case anyone didn't see this on the Patch
 Management list...


  WSUS. Set to download but not install. Then I RDP and hit install. Saves
  quite a bit of time since they are already downloaded. An improvement
 over
  what you are doing, but still not perfect of course. But I am in full
  control that way. We are smaller than many people here. About 40 servers.
 
  -Original Message-
  From: Matthew W. Ross [mailto:mr...@ephrataschools.org]
  Sent: Friday, March 16, 2012 12:21 PM
  To: NT System Admin Issues
  Subject: Re: In case anyone didn't see this on the Patch Management
 list...
 
  What do you guys use to patch servers? I'm still in the RDP to the
 server
  and run Windows Update camp. I'd love a free solution to do this
 en-mass,
  if somebody knows one.
 
 
  --Matt Ross
  Ephrata School District
 
 
  - Original Message -
  From: Kurt Buff
  [mailto:kurt.b...@gmail.com]
  To: NT System Admin Issues
  [mailto:ntsysadmin@lyris.sunbelt-software.com]
  Sent: Fri, 16 Mar 2012
  08:03:50 -0700
  Subject: Re: In case anyone didn't see this on the Patch Management
 list...
 
 
   Unfortunately, I can't move quite that fast. We're pretty much a 24x5
   shop, with offices overseas, and I have to give more notice than
   patching now, please log off.  At least I have most weekends to do
   this kind of thing...
  
   Kurt
  
   On Fri, Mar 16, 2012 at 07:24, Kennedy, Jim
   kennedy...@elyriaschools.org wrote:
I am all done!  Neeener neener.  :)
   
-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com]
Sent: Friday, March 16, 2012 10:24 AM
To: NT System Admin Issues
Subject: Re: In case anyone didn't see this on the Patch Management
   list...
   
Yeah, I'm pushing this out as fast as I can - I'll be patching
servers
   tonight, and the rest of the workstations next week.
   
On Fri, Mar 16, 2012 at 07:14, James Rankin kz2...@googlemail.com
  wrote:
...http://news.softpedia.com/news/Windows-RDP-Vulnerability-Exploit
-Co
de-Confirmed-259060.shtml
   
   
~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
   http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
   
---
To manage subscriptions click here:
   http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
   
~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
   
---
To manage subscriptions click here:
   http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
  
   ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
   http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
  
   ---
   To manage subscriptions click here:
   http://lyris.sunbelt-software.com/read/my_forums/
   or send an email to listmana...@lyris.sunbeltsoftware.com
   with the body: unsubscribe ntsysadmin
  
  
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
  http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin
 
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
  ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
  http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin

 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
 ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

 ---
 To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage

Re: In case anyone didn't see this on the Patch Management list...

2012-03-16 Thread Rankin, James R
Time for you to do some psexec goodness and learn all about MS installer 
command-line switches, methinks, if you want to automate your server push 
patching.

In the days before SUS and WSUS, we had a command script that updated servers 
using a comma-delimited text file database. However the detection soon became 
heinously complicated. WSUS saved me a lot of stress.

---Blackberried

-Original Message-
From: Matthew W. Ross mr...@ephrataschools.org
Date: Fri, 16 Mar 2012 10:30:53 
To: NT System Admin Issuesntsysadmin@lyris.sunbelt-software.com
Reply-To: NT System Admin Issues 
ntsysadmin@lyris.sunbelt-software.comSubject: RE: In case anyone didn't see 
this on the Patch Management list...

We do the same: WSUS automatic updates for desktops, Download but not installed 
for servers.

It's just a pain when you have a lot of servers to hit. Even a command line way 
to do this would be an improvement... and I hope this becomes available with 
Windows 8 Server.


--Matt Ross
Ephrata School District


- Original Message -
From: Kennedy, Jim
[mailto:kennedy...@elyriaschools.org]
To: NT System Admin Issues
[mailto:ntsysadmin@lyris.sunbelt-software.com]
Sent: Fri, 16 Mar 2012
09:23:06 -0700
Subject: RE: In case anyone didn't see this on the Patch
Management list...


 WSUS. Set to download but not install. Then I RDP and hit install. Saves
 quite a bit of time since they are already downloaded. An improvement over
 what you are doing, but still not perfect of course. But I am in full
 control that way. We are smaller than many people here. About 40 servers.
 
 -Original Message-
 From: Matthew W. Ross [mailto:mr...@ephrataschools.org] 
 Sent: Friday, March 16, 2012 12:21 PM
 To: NT System Admin Issues
 Subject: Re: In case anyone didn't see this on the Patch Management list...
 
 What do you guys use to patch servers? I'm still in the RDP to the server
 and run Windows Update camp. I'd love a free solution to do this en-mass,
 if somebody knows one.
 
 
 --Matt Ross
 Ephrata School District
 
 
 - Original Message -
 From: Kurt Buff
 [mailto:kurt.b...@gmail.com]
 To: NT System Admin Issues
 [mailto:ntsysadmin@lyris.sunbelt-software.com]
 Sent: Fri, 16 Mar 2012
 08:03:50 -0700
 Subject: Re: In case anyone didn't see this on the Patch Management list...
 
 
  Unfortunately, I can't move quite that fast. We're pretty much a 24x5 
  shop, with offices overseas, and I have to give more notice than 
  patching now, please log off.  At least I have most weekends to do 
  this kind of thing...
  
  Kurt
  
  On Fri, Mar 16, 2012 at 07:24, Kennedy, Jim 
  kennedy...@elyriaschools.org wrote:
   I am all done!  Neeener neener.  :)
  
   -Original Message-
   From: Kurt Buff [mailto:kurt.b...@gmail.com]
   Sent: Friday, March 16, 2012 10:24 AM
   To: NT System Admin Issues
   Subject: Re: In case anyone didn't see this on the Patch Management
  list...
  
   Yeah, I'm pushing this out as fast as I can - I'll be patching 
   servers
  tonight, and the rest of the workstations next week.
  
   On Fri, Mar 16, 2012 at 07:14, James Rankin kz2...@googlemail.com
 wrote:
   ...http://news.softpedia.com/news/Windows-RDP-Vulnerability-Exploit
   -Co
   de-Confirmed-259060.shtml
  
  
   ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
  
   ---
   To manage subscriptions click here:
  http://lyris.sunbelt-software.com/read/my_forums/
   or send an email to listmana...@lyris.sunbeltsoftware.com
   with the body: unsubscribe ntsysadmin
  
   ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
   http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
  
   ---
   To manage subscriptions click here:
  http://lyris.sunbelt-software.com/read/my_forums/
   or send an email to listmana...@lyris.sunbeltsoftware.com
   with the body: unsubscribe ntsysadmin
  
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
  http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
  
  ---
  To manage subscriptions click here:
  http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin
  
  
 
 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
 http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
 ---
 To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin
 
 
 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
 ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
 ---
 To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource

Re: In case anyone didn't see this on the Patch Management list...

2012-03-16 Thread Kurt Buff
What's the risk in having WSUS do it during non-business hours? Assume
that business hours end at 17:00. Say you log into WSUS at 16:45 and
approve your updates with a deadline of 18:00?

Aren't the consequences of a bad patch happening during business hours
worse than the consequences of it happening at 18:00?

Or is there something else going on that I don't know about?

Kurt

On Fri, Mar 16, 2012 at 11:11, Kennedy, Jim
kennedy...@elyriaschools.org wrote:
 I can do many of them during normal business hours, in fact I can get it from 
 40 down to 5 by paying attention to what is going on here and sneaking them 
 in. But when I can sneak them in is a moving target...so having them on 
 another screen RDP while I multitask works well for me.

 -Original Message-
 From: Kurt Buff [mailto:kurt.b...@gmail.com]
 Sent: Friday, March 16, 2012 2:09 PM
 To: NT System Admin Issues
 Subject: Re: In case anyone didn't see this on the Patch Management list...

 Same question I asked for Jim - why not let WSUS handle this?

 On Fri, Mar 16, 2012 at 09:23, Kennedy, Jim kennedy...@elyriaschools.org 
 wrote:
 WSUS. Set to download but not install. Then I RDP and hit install. Saves 
 quite a bit of time since they are already downloaded. An improvement over 
 what you are doing, but still not perfect of course. But I am in full 
 control that way. We are smaller than many people here. About 40 servers.

 -Original Message-
 From: Matthew W. Ross [mailto:mr...@ephrataschools.org]
 Sent: Friday, March 16, 2012 12:21 PM
 To: NT System Admin Issues
 Subject: Re: In case anyone didn't see this on the Patch Management list...

 What do you guys use to patch servers? I'm still in the RDP to the server 
 and run Windows Update camp. I'd love a free solution to do this en-mass, 
 if somebody knows one.


 --Matt Ross
 Ephrata School District


 - Original Message -
 From: Kurt Buff
 [mailto:kurt.b...@gmail.com]
 To: NT System Admin Issues
 [mailto:ntsysadmin@lyris.sunbelt-software.com]
 Sent: Fri, 16 Mar 2012
 08:03:50 -0700
 Subject: Re: In case anyone didn't see this on the Patch Management list...


 Unfortunately, I can't move quite that fast. We're pretty much a 24x5
 shop, with offices overseas, and I have to give more notice than
 patching now, please log off.  At least I have most weekends to do
 this kind of thing...

 Kurt

 On Fri, Mar 16, 2012 at 07:24, Kennedy, Jim
 kennedy...@elyriaschools.org wrote:
  I am all done!  Neeener neener.  :)
 
  -Original Message-
  From: Kurt Buff [mailto:kurt.b...@gmail.com]
  Sent: Friday, March 16, 2012 10:24 AM
  To: NT System Admin Issues
  Subject: Re: In case anyone didn't see this on the Patch Management
 list...
 
  Yeah, I'm pushing this out as fast as I can - I'll be patching
  servers
 tonight, and the rest of the workstations next week.
 
  On Fri, Mar 16, 2012 at 07:14, James Rankin kz2...@googlemail.com wrote:
  ...http://news.softpedia.com/news/Windows-RDP-Vulnerability-Exploi
  t
  -Co
  de-Confirmed-259060.shtml
 
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
  ~
 http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
  ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin

 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
 http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

 ---
 To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin



 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
 http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

 ---
 To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin


 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
 http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

 ---
 To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin

 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
 http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

 ---
 To manage subscriptions click here: 
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body

Re: In case anyone didn't see this on the Patch Management list...

2012-03-16 Thread Richard Stovall
This is the same RDP vulnerability that EZ (I think it was EZ) posted the
other day, right?

IIRC, you're not vulnerable unless you expose a server to RDP connections
directly through your firewall.  If you don't do that, then your risk is
essentially nil since the it isn't exploitable through RD Gateway.  Or am I
not remembering correctly?

On Fri, Mar 16, 2012 at 11:03 AM, Kurt Buff kurt.b...@gmail.com wrote:

 Unfortunately, I can't move quite that fast. We're pretty much a 24x5
 shop, with offices overseas, and I have to give more notice than
 patching now, please log off.  At least I have most weekends to do
 this kind of thing...

 Kurt

 On Fri, Mar 16, 2012 at 07:24, Kennedy, Jim
 kennedy...@elyriaschools.org wrote:
  I am all done!  Neeener neener.  :)
 
  -Original Message-
  From: Kurt Buff [mailto:kurt.b...@gmail.com]
  Sent: Friday, March 16, 2012 10:24 AM
  To: NT System Admin Issues
  Subject: Re: In case anyone didn't see this on the Patch Management
 list...
 
  Yeah, I'm pushing this out as fast as I can - I'll be patching servers
 tonight, and the rest of the workstations next week.
 
  On Fri, Mar 16, 2012 at 07:14, James Rankin kz2...@googlemail.com
 wrote:
  ...http://news.softpedia.com/news/Windows-RDP-Vulnerability-Exploit-Co
  de-Confirmed-259060.shtml
 
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
 http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
  ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin

 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
 ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

 ---
 To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: In case anyone didn't see this on the Patch Management list...

2012-03-16 Thread pdw1914

I have my servers set to d/l updates but let me decide when to install.  I work 
in a hospital so it's not a case of do whenever it seems slow.  The software on 
the servers is so inter-connected it can bring some jobs to a halt, or crash, 
if one server is rebooted even if it doesn't appear to have a database related 
to the job in question.  Plus with meaningful use, we are beginning to upload 
data to provider's offices.  So, adding 'em up, I've got about 40 servers that 
all have to be done at the same time which is usually 3:30 in the morning.

 From: kennedy...@elyriaschools.org
 To: ntsysadmin@lyris.sunbelt-software.com
 Subject: RE: In case anyone didn't see this on the Patch Management list...
 Date: Fri, 16 Mar 2012 18:11:32 +
 
 I can do many of them during normal business hours, in fact I can get it from 
 40 down to 5 by paying attention to what is going on here and sneaking them 
 in. But when I can sneak them in is a moving target...so having them on 
 another screen RDP while I multitask works well for me.
 
 -Original Message-
 From: Kurt Buff [mailto:kurt.b...@gmail.com] 
 Sent: Friday, March 16, 2012 2:09 PM
 To: NT System Admin Issues
 Subject: Re: In case anyone didn't see this on the Patch Management list...
 
 Same question I asked for Jim - why not let WSUS handle this?
 
 On Fri, Mar 16, 2012 at 09:23, Kennedy, Jim kennedy...@elyriaschools.org 
 wrote:
  WSUS. Set to download but not install. Then I RDP and hit install. Saves 
  quite a bit of time since they are already downloaded. An improvement over 
  what you are doing, but still not perfect of course. But I am in full 
  control that way. We are smaller than many people here. About 40 servers.
 
  -Original Message-
  From: Matthew W. Ross [mailto:mr...@ephrataschools.org]
  Sent: Friday, March 16, 2012 12:21 PM
  To: NT System Admin Issues
  Subject: Re: In case anyone didn't see this on the Patch Management list...
 
  What do you guys use to patch servers? I'm still in the RDP to the server 
  and run Windows Update camp. I'd love a free solution to do this en-mass, 
  if somebody knows one.
 
 
  --Matt Ross
  Ephrata School District
 
 
  - Original Message -
  From: Kurt Buff
  [mailto:kurt.b...@gmail.com]
  To: NT System Admin Issues
  [mailto:ntsysadmin@lyris.sunbelt-software.com]
  Sent: Fri, 16 Mar 2012
  08:03:50 -0700
  Subject: Re: In case anyone didn't see this on the Patch Management list...
 
 
  Unfortunately, I can't move quite that fast. We're pretty much a 24x5 
  shop, with offices overseas, and I have to give more notice than 
  patching now, please log off.  At least I have most weekends to do 
  this kind of thing...
 
  Kurt
 

  
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: In case anyone didn't see this on the Patch Management list...

2012-03-16 Thread Jonathan Link
For me, business hours are 7am to 8pm this time of year, and Saturdays and
Sundays are often quite busy with a Director or two in the office working.
And that can be almost anytime, so I have to schedule my downtime events
carefully.

On Fri, Mar 16, 2012 at 4:01 PM, Kurt Buff kurt.b...@gmail.com wrote:

 What's the risk in having WSUS do it during non-business hours? Assume
 that business hours end at 17:00. Say you log into WSUS at 16:45 and
 approve your updates with a deadline of 18:00?

 Aren't the consequences of a bad patch happening during business hours
 worse than the consequences of it happening at 18:00?

 Or is there something else going on that I don't know about?

 Kurt

 On Fri, Mar 16, 2012 at 11:11, Kennedy, Jim
 kennedy...@elyriaschools.org wrote:
  I can do many of them during normal business hours, in fact I can get it
 from 40 down to 5 by paying attention to what is going on here and sneaking
 them in. But when I can sneak them in is a moving target...so having
 them on another screen RDP while I multitask works well for me.
 
  -Original Message-
  From: Kurt Buff [mailto:kurt.b...@gmail.com]
  Sent: Friday, March 16, 2012 2:09 PM
  To: NT System Admin Issues
  Subject: Re: In case anyone didn't see this on the Patch Management
 list...
 
  Same question I asked for Jim - why not let WSUS handle this?
 
  On Fri, Mar 16, 2012 at 09:23, Kennedy, Jim 
 kennedy...@elyriaschools.org wrote:
  WSUS. Set to download but not install. Then I RDP and hit install.
 Saves quite a bit of time since they are already downloaded. An improvement
 over what you are doing, but still not perfect of course. But I am in full
 control that way. We are smaller than many people here. About 40 servers.
 
  -Original Message-
  From: Matthew W. Ross [mailto:mr...@ephrataschools.org]
  Sent: Friday, March 16, 2012 12:21 PM
  To: NT System Admin Issues
  Subject: Re: In case anyone didn't see this on the Patch Management
 list...
 
  What do you guys use to patch servers? I'm still in the RDP to the
 server and run Windows Update camp. I'd love a free solution to do this
 en-mass, if somebody knows one.
 
 
  --Matt Ross
  Ephrata School District
 
 
  - Original Message -
  From: Kurt Buff
  [mailto:kurt.b...@gmail.com]
  To: NT System Admin Issues
  [mailto:ntsysadmin@lyris.sunbelt-software.com]
  Sent: Fri, 16 Mar 2012
  08:03:50 -0700
  Subject: Re: In case anyone didn't see this on the Patch Management
 list...
 
 
  Unfortunately, I can't move quite that fast. We're pretty much a 24x5
  shop, with offices overseas, and I have to give more notice than
  patching now, please log off.  At least I have most weekends to do
  this kind of thing...
 
  Kurt
 
  On Fri, Mar 16, 2012 at 07:24, Kennedy, Jim
  kennedy...@elyriaschools.org wrote:
   I am all done!  Neeener neener.  :)
  
   -Original Message-
   From: Kurt Buff [mailto:kurt.b...@gmail.com]
   Sent: Friday, March 16, 2012 10:24 AM
   To: NT System Admin Issues
   Subject: Re: In case anyone didn't see this on the Patch Management
  list...
  
   Yeah, I'm pushing this out as fast as I can - I'll be patching
   servers
  tonight, and the rest of the workstations next week.
  
   On Fri, Mar 16, 2012 at 07:14, James Rankin kz2...@googlemail.com
 wrote:
   ...http://news.softpedia.com/news/Windows-RDP-Vulnerability-Exploi
   t
   -Co
   de-Confirmed-259060.shtml
  
  
   ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
   ~
  http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
  
   ---
   To manage subscriptions click here:
  http://lyris.sunbelt-software.com/read/my_forums/
   or send an email to listmana...@lyris.sunbeltsoftware.com
   with the body: unsubscribe ntsysadmin
  
   ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
   ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
  
   ---
   To manage subscriptions click here:
  http://lyris.sunbelt-software.com/read/my_forums/
   or send an email to listmana...@lyris.sunbeltsoftware.com
   with the body: unsubscribe ntsysadmin
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
  http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin
 
 
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
  http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin
 
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
  http://lyris.sunbelt-software.com/read

Re: In case anyone didn't see this on the Patch Management list...

2012-03-16 Thread Andrew S. Baker
Based on my recollection, I'd say that your recollection is correct.

-ASB: http://XeeMe.com/AndrewBaker

Sent from my Motorola Droid RAZR
 On Mar 16, 2012 5:57 PM, Richard Stovall rich...@gmail.com wrote:

 This is the same RDP vulnerability that EZ (I think it was EZ) posted the
 other day, right?

 IIRC, you're not vulnerable unless you expose a server to RDP connections
 directly through your firewall.  If you don't do that, then your risk is
 essentially nil since the it isn't exploitable through RD Gateway.  Or am I
 not remembering correctly?

 On Fri, Mar 16, 2012 at 11:03 AM, Kurt Buff kurt.b...@gmail.com wrote:

 Unfortunately, I can't move quite that fast. We're pretty much a 24x5
 shop, with offices overseas, and I have to give more notice than
 patching now, please log off.  At least I have most weekends to do
 this kind of thing...

 Kurt

 On Fri, Mar 16, 2012 at 07:24, Kennedy, Jim
 kennedy...@elyriaschools.org wrote:
  I am all done!  Neeener neener.  :)
 
  -Original Message-
  From: Kurt Buff [mailto:kurt.b...@gmail.com]
  Sent: Friday, March 16, 2012 10:24 AM
  To: NT System Admin Issues
  Subject: Re: In case anyone didn't see this on the Patch Management
 list...
 
  Yeah, I'm pushing this out as fast as I can - I'll be patching servers
 tonight, and the rest of the workstations next week.
 
  On Fri, Mar 16, 2012 at 07:14, James Rankin kz2...@googlemail.com
 wrote:
  ...http://news.softpedia.com/news/Windows-RDP-Vulnerability-Exploit-Co
  de-Confirmed-259060.shtml
 
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
 http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
  ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin

 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
 ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

 ---
 To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin


 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
 ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

 ---
 To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: In case anyone didn't see this on the Patch Management list...

2012-03-16 Thread Rankin, James R
A lot of debate on the patch management list about this. I'd get the patch out 
if possible, there seems to be a bit of confusion around the scope of the 
vulnerability. Safety first I guess, but I know for some taking systems down is 
a lot harder than for others

---Blackberried

-Original Message-
From: Richard Stovall rich...@gmail.com
Date: Fri, 16 Mar 2012 16:13:28 
To: NT System Admin Issuesntsysadmin@lyris.sunbelt-software.com
Reply-To: NT System Admin Issues 
ntsysadmin@lyris.sunbelt-software.comSubject: Re: In case anyone didn't see 
this on the Patch Management list...

This is the same RDP vulnerability that EZ (I think it was EZ) posted the
other day, right?

IIRC, you're not vulnerable unless you expose a server to RDP connections
directly through your firewall.  If you don't do that, then your risk is
essentially nil since the it isn't exploitable through RD Gateway.  Or am I
not remembering correctly?

On Fri, Mar 16, 2012 at 11:03 AM, Kurt Buff kurt.b...@gmail.com wrote:

 Unfortunately, I can't move quite that fast. We're pretty much a 24x5
 shop, with offices overseas, and I have to give more notice than
 patching now, please log off.  At least I have most weekends to do
 this kind of thing...

 Kurt

 On Fri, Mar 16, 2012 at 07:24, Kennedy, Jim
 kennedy...@elyriaschools.org wrote:
  I am all done!  Neeener neener.  :)
 
  -Original Message-
  From: Kurt Buff [mailto:kurt.b...@gmail.com]
  Sent: Friday, March 16, 2012 10:24 AM
  To: NT System Admin Issues
  Subject: Re: In case anyone didn't see this on the Patch Management
 list...
 
  Yeah, I'm pushing this out as fast as I can - I'll be patching servers
 tonight, and the rest of the workstations next week.
 
  On Fri, Mar 16, 2012 at 07:14, James Rankin kz2...@googlemail.com
 wrote:
  ...http://news.softpedia.com/news/Windows-RDP-Vulnerability-Exploit-Co
  de-Confirmed-259060.shtml
 
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
 http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
  ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin

 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
 ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

 ---
 To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


Re: In case anyone didn't see this on the Patch Management list...

2012-03-16 Thread Kurt Buff
Well, that supposes someone doesn't bring an infected machine into the
network, but other than that, yeah, I think you're right.

It's the infected laptops that worry me - we have a fair number of
sales geeks, field service techs, executives, etc. who are out of the
office for extended periods, and come in and attach (wired or
wireless) to the network, and we don't have any NAC/NAP solution to
mitigate any infections they might have picked up.

On the plus side, they do all have VIPRE, which is set to contact GFI
for updates if it can't contact our internal server.

The risk of this one getting wormified is beyond what makes me
comfortable, so patching as soon as allowable is where I'm headed -
I've already patched a bunch of test machines, including some servers.

Kurt

On Fri, Mar 16, 2012 at 13:13, Richard Stovall rich...@gmail.com wrote:
 This is the same RDP vulnerability that EZ (I think it was EZ) posted the
 other day, right?

 IIRC, you're not vulnerable unless you expose a server to RDP connections
 directly through your firewall.  If you don't do that, then your risk is
 essentially nil since the it isn't exploitable through RD Gateway.  Or am I
 not remembering correctly?


 On Fri, Mar 16, 2012 at 11:03 AM, Kurt Buff kurt.b...@gmail.com wrote:

 Unfortunately, I can't move quite that fast. We're pretty much a 24x5
 shop, with offices overseas, and I have to give more notice than
 patching now, please log off.  At least I have most weekends to do
 this kind of thing...

 Kurt

 On Fri, Mar 16, 2012 at 07:24, Kennedy, Jim
 kennedy...@elyriaschools.org wrote:
  I am all done!  Neeener neener.  :)
 
  -Original Message-
  From: Kurt Buff [mailto:kurt.b...@gmail.com]
  Sent: Friday, March 16, 2012 10:24 AM
  To: NT System Admin Issues
  Subject: Re: In case anyone didn't see this on the Patch Management
  list...
 
  Yeah, I'm pushing this out as fast as I can - I'll be patching servers
  tonight, and the rest of the workstations next week.
 
  On Fri, Mar 16, 2012 at 07:14, James Rankin kz2...@googlemail.com
  wrote:
  ...http://news.softpedia.com/news/Windows-RDP-Vulnerability-Exploit-Co
  de-Confirmed-259060.shtml
 
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
  http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
  ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
  http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin

 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
 ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

 ---
 To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin


 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
 ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

 ---
 To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin



RE: In case anyone didn't see this on the Patch Management list...

2012-03-16 Thread Michael B. Smith
()

msg InstallWU: installation result 
$($installationResult.ResultCode), reboot required 
$($installationResult.RebootRequired)
if( $installationResult.RebootRequired -eq $true )
{
Popup Success: Updates installed. You must 
reboot to complete the installation. $L_Menu_Title $vbExclamation
Restart_Or_Shutdown_Machine 'restart' 5
}
else
{
Popup Success: Updates installed. A reboot is 
not required. $L_Menu_Title $vbExclamation
}

$installationResult = $null
$updateInstaller= $null
}
}
else
{
Popup 'No updates were found to install!' $L_Menu_Title $vbOK
}
$updateList = $null

$updates= $null
$results= $null
$updateSearcher = $null
$updateSession  = $null

msg 'InstallWU: exit'
return
}


-Original Message-
From: Rankin, James R [mailto:kz2...@googlemail.com] 
Sent: Friday, March 16, 2012 2:39 PM
To: NT System Admin Issues
Subject: Re: In case anyone didn't see this on the Patch Management list...

Time for you to do some psexec goodness and learn all about MS installer 
command-line switches, methinks, if you want to automate your server push 
patching.

In the days before SUS and WSUS, we had a command script that updated servers 
using a comma-delimited text file database. However the detection soon became 
heinously complicated. WSUS saved me a lot of stress.

---Blackberried

-Original Message-
From: Matthew W. Ross mr...@ephrataschools.org
Date: Fri, 16 Mar 2012 10:30:53
To: NT System Admin Issuesntsysadmin@lyris.sunbelt-software.com
Reply-To: NT System Admin Issues 
ntsysadmin@lyris.sunbelt-software.comSubject: RE: In case anyone didn't see 
this on the Patch Management list...

We do the same: WSUS automatic updates for desktops, Download but not installed 
for servers.

It's just a pain when you have a lot of servers to hit. Even a command line way 
to do this would be an improvement... and I hope this becomes available with 
Windows 8 Server.


--Matt Ross
Ephrata School District


- Original Message -
From: Kennedy, Jim
[mailto:kennedy...@elyriaschools.org]
To: NT System Admin Issues
[mailto:ntsysadmin@lyris.sunbelt-software.com]
Sent: Fri, 16 Mar 2012
09:23:06 -0700
Subject: RE: In case anyone didn't see this on the Patch Management list...


 WSUS. Set to download but not install. Then I RDP and hit install. 
 Saves quite a bit of time since they are already downloaded. An 
 improvement over what you are doing, but still not perfect of course. 
 But I am in full control that way. We are smaller than many people here. 
 About 40 servers.
 
 -Original Message-
 From: Matthew W. Ross [mailto:mr...@ephrataschools.org]
 Sent: Friday, March 16, 2012 12:21 PM
 To: NT System Admin Issues
 Subject: Re: In case anyone didn't see this on the Patch Management list...
 
 What do you guys use to patch servers? I'm still in the RDP to the 
 server and run Windows Update camp. I'd love a free solution to do 
 this en-mass, if somebody knows one.
 
 
 --Matt Ross
 Ephrata School District
 
 
 - Original Message -
 From: Kurt Buff
 [mailto:kurt.b...@gmail.com]
 To: NT System Admin Issues
 [mailto:ntsysadmin@lyris.sunbelt-software.com]
 Sent: Fri, 16 Mar 2012
 08:03:50 -0700
 Subject: Re: In case anyone didn't see this on the Patch Management list...
 
 
  Unfortunately, I can't move quite that fast. We're pretty much a 
  24x5 shop, with offices overseas, and I have to give more notice 
  than patching now, please log off.  At least I have most weekends 
  to do this kind of thing...
  
  Kurt
  
  On Fri, Mar 16, 2012 at 07:24, Kennedy, Jim 
  kennedy...@elyriaschools.org wrote:
   I am all done!  Neeener neener.  :)
  
   -Original Message-
   From: Kurt Buff [mailto:kurt.b...@gmail.com]
   Sent: Friday, March 16, 2012 10:24 AM
   To: NT System Admin Issues
   Subject: Re: In case anyone didn't see this on the Patch 
   Management
  list...
  
   Yeah, I'm pushing this out as fast as I can - I'll be patching 
   servers
  tonight, and the rest of the workstations next week.
  
   On Fri, Mar 16, 2012 at 07:14, James Rankin 
   kz2...@googlemail.com
 wrote:
   ...http://news.softpedia.com/news/Windows-RDP-Vulnerability-Explo
   it
   -Co
   de-Confirmed-259060.shtml
  
  
   ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ 
   ~
  http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
  
   ---
   To manage subscriptions click here:
  http://lyris.sunbelt-software.com/read/my_forums/
   or send an email to listmana...@lyris.sunbeltsoftware.com
   with the body: unsubscribe ntsysadmin
  
   ~ Finally, powerful endpoint

RE: In case anyone didn't see this on the Patch Management list...

2012-03-16 Thread Michael B. Smith
Is Orchestrator included in the base license?

Regardless, it's easily scripted. I posted a script you can use as a basis a 
few minutes ago.

From: Doug Hampshire [mailto:dhampsh...@gmail.com]
Sent: Friday, March 16, 2012 2:37 PM
To: NT System Admin Issues
Subject: Re: In case anyone didn't see this on the Patch Management list...

I'm hoping I'll be able to automate the server portion of the install/reboot 
steps with runbooks in System Center 2012.
On Fri, Mar 16, 2012 at 1:30 PM, Matthew W. Ross 
mr...@ephrataschools.orgmailto:mr...@ephrataschools.org wrote:
We do the same: WSUS automatic updates for desktops, Download but not installed 
for servers.

It's just a pain when you have a lot of servers to hit. Even a command line way 
to do this would be an improvement... and I hope this becomes available with 
Windows 8 Server.


--Matt Ross
Ephrata School District


- Original Message -
From: Kennedy, Jim
[mailto:kennedy...@elyriaschools.orgmailto:kennedy...@elyriaschools.org]
To: NT System Admin Issues
[mailto:ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com]
Sent: Fri, 16 Mar 2012
09:23:06 -0700
Subject: RE: In case anyone didn't see this on the Patch
Management list...


 WSUS. Set to download but not install. Then I RDP and hit install. Saves
 quite a bit of time since they are already downloaded. An improvement over
 what you are doing, but still not perfect of course. But I am in full
 control that way. We are smaller than many people here. About 40 servers.

 -Original Message-
 From: Matthew W. Ross 
 [mailto:mr...@ephrataschools.orgmailto:mr...@ephrataschools.org]
 Sent: Friday, March 16, 2012 12:21 PM
 To: NT System Admin Issues
 Subject: Re: In case anyone didn't see this on the Patch Management list...

 What do you guys use to patch servers? I'm still in the RDP to the server
 and run Windows Update camp. I'd love a free solution to do this en-mass,
 if somebody knows one.


 --Matt Ross
 Ephrata School District


 - Original Message -
 From: Kurt Buff
 [mailto:kurt.b...@gmail.commailto:kurt.b...@gmail.com]
 To: NT System Admin Issues
 [mailto:ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com]
 Sent: Fri, 16 Mar 2012
 08:03:50 -0700
 Subject: Re: In case anyone didn't see this on the Patch Management list...


  Unfortunately, I can't move quite that fast. We're pretty much a 24x5
  shop, with offices overseas, and I have to give more notice than
  patching now, please log off.  At least I have most weekends to do
  this kind of thing...
 
  Kurt
 
  On Fri, Mar 16, 2012 at 07:24, Kennedy, Jim
  kennedy...@elyriaschools.orgmailto:kennedy...@elyriaschools.org wrote:
   I am all done!  Neeener neener.  :)
  
   -Original Message-
   From: Kurt Buff [mailto:kurt.b...@gmail.commailto:kurt.b...@gmail.com]
   Sent: Friday, March 16, 2012 10:24 AM
   To: NT System Admin Issues
   Subject: Re: In case anyone didn't see this on the Patch Management
  list...
  
   Yeah, I'm pushing this out as fast as I can - I'll be patching
   servers
  tonight, and the rest of the workstations next week.
  
   On Fri, Mar 16, 2012 at 07:14, James Rankin 
   kz2...@googlemail.commailto:kz2...@googlemail.com
 wrote:
   ...http://news.softpedia.com/news/Windows-RDP-Vulnerability-Exploit
   -Co
   de-Confirmed-259060.shtml
  
  
   ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
  
   ---
   To manage subscriptions click here:
  http://lyris.sunbelt-software.com/read/my_forums/
   or send an email to 
   listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com
   with the body: unsubscribe ntsysadmin
  
   ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
   http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
  
   ---
   To manage subscriptions click here:
  http://lyris.sunbelt-software.com/read/my_forums/
   or send an email to 
   listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com
   with the body: unsubscribe ntsysadmin
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
  http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to 
  listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin
 
 

 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
 http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

 ---
 To manage subscriptions click here:
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to 
 listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin


 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
 ~ http

RE: In case anyone didn't see this on the Patch Management list...

2012-03-16 Thread Steven M. Caesare
If your internal workstations were compromised with a malware payload, and you 
allow RDP internally from your mgm’t VLAN you could perhaps get nailed.

 

-sc

 

From: Richard Stovall [mailto:rich...@gmail.com] 
Sent: Friday, March 16, 2012 4:13 PM
To: NT System Admin Issues
Subject: Re: In case anyone didn't see this on the Patch Management list...

 

This is the same RDP vulnerability that EZ (I think it was EZ) posted the other 
day, right?

 

IIRC, you're not vulnerable unless you expose a server to RDP connections 
directly through your firewall.  If you don't do that, then your risk is 
essentially nil since the it isn't exploitable through RD Gateway.  Or am I not 
remembering correctly?

On Fri, Mar 16, 2012 at 11:03 AM, Kurt Buff kurt.b...@gmail.com wrote:

Unfortunately, I can't move quite that fast. We're pretty much a 24x5
shop, with offices overseas, and I have to give more notice than
patching now, please log off.  At least I have most weekends to do
this kind of thing...

Kurt


On Fri, Mar 16, 2012 at 07:24, Kennedy, Jim
kennedy...@elyriaschools.org wrote:
 I am all done!  Neeener neener.  :)

 -Original Message-
 From: Kurt Buff [mailto:kurt.b...@gmail.com]
 Sent: Friday, March 16, 2012 10:24 AM
 To: NT System Admin Issues
 Subject: Re: In case anyone didn't see this on the Patch Management list...

 Yeah, I'm pushing this out as fast as I can - I'll be patching servers 
 tonight, and the rest of the workstations next week.


 On Fri, Mar 16, 2012 at 07:14, James Rankin kz2...@googlemail.com wrote:
 ...http://news.softpedia.com/news/Windows-RDP-Vulnerability-Exploit-Co
 de-Confirmed-259060.shtml



 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
 http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

 ---
 To manage subscriptions click here: 
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin

 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
 ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

 ---
 To manage subscriptions click here: 
 http://lyris.sunbelt-software.com/read/my_forums/
 or send an email to listmana...@lyris.sunbeltsoftware.com
 with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


Re: In case anyone didn't see this on the Patch Management list...

2012-03-16 Thread Kat Aylward Langan
I used to schedule my patching on the week following Tuesday for the
Windows environment.  Usually set goals to do it the following Tuesday, but
if patch review wasn't done yet, it would go to Wednesday.  This was
because we were a production SaaS environment, sharing resources with the
Ops team, so I could never do it on the weekends, which were reserved for
the Ops maintenance window (linux servers).  So I would start at 7pm, patch
servers in a particular order so as not to take too many down at once, and
be done by 8:30 or so.  My minion did the verification starting after 8:30,
since his lil ones were in bed by that time.  Worked out well - 30+ servers
in all, not counting labs which were done during the day by the lab teams.

On Fri, Mar 16, 2012 at 2:43 PM, Jonathan Link jonathan.l...@gmail.comwrote:

 For me, business hours are 7am to 8pm this time of year, and Saturdays and
 Sundays are often quite busy with a Director or two in the office working.
 And that can be almost anytime, so I have to schedule my downtime events
 carefully.

 On Fri, Mar 16, 2012 at 4:01 PM, Kurt Buff kurt.b...@gmail.com wrote:

 What's the risk in having WSUS do it during non-business hours? Assume
 that business hours end at 17:00. Say you log into WSUS at 16:45 and
 approve your updates with a deadline of 18:00?

 Aren't the consequences of a bad patch happening during business hours
 worse than the consequences of it happening at 18:00?

 Or is there something else going on that I don't know about?

 Kurt

 On Fri, Mar 16, 2012 at 11:11, Kennedy, Jim
 kennedy...@elyriaschools.org wrote:
  I can do many of them during normal business hours, in fact I can get
 it from 40 down to 5 by paying attention to what is going on here and
 sneaking them in. But when I can sneak them in is a moving target...so
 having them on another screen RDP while I multitask works well for me.
 
  -Original Message-
  From: Kurt Buff [mailto:kurt.b...@gmail.com]
  Sent: Friday, March 16, 2012 2:09 PM
  To: NT System Admin Issues
  Subject: Re: In case anyone didn't see this on the Patch Management
 list...
 
  Same question I asked for Jim - why not let WSUS handle this?
 
  On Fri, Mar 16, 2012 at 09:23, Kennedy, Jim 
 kennedy...@elyriaschools.org wrote:
  WSUS. Set to download but not install. Then I RDP and hit install.
 Saves quite a bit of time since they are already downloaded. An improvement
 over what you are doing, but still not perfect of course. But I am in full
 control that way. We are smaller than many people here. About 40 servers.
 
  -Original Message-
  From: Matthew W. Ross [mailto:mr...@ephrataschools.org]
  Sent: Friday, March 16, 2012 12:21 PM
  To: NT System Admin Issues
  Subject: Re: In case anyone didn't see this on the Patch Management
 list...
 
  What do you guys use to patch servers? I'm still in the RDP to the
 server and run Windows Update camp. I'd love a free solution to do this
 en-mass, if somebody knows one.
 
 
  --Matt Ross
  Ephrata School District
 
 
  - Original Message -
  From: Kurt Buff
  [mailto:kurt.b...@gmail.com]
  To: NT System Admin Issues
  [mailto:ntsysadmin@lyris.sunbelt-software.com]
  Sent: Fri, 16 Mar 2012
  08:03:50 -0700
  Subject: Re: In case anyone didn't see this on the Patch Management
 list...
 
 
  Unfortunately, I can't move quite that fast. We're pretty much a 24x5
  shop, with offices overseas, and I have to give more notice than
  patching now, please log off.  At least I have most weekends to do
  this kind of thing...
 
  Kurt
 
  On Fri, Mar 16, 2012 at 07:24, Kennedy, Jim
  kennedy...@elyriaschools.org wrote:
   I am all done!  Neeener neener.  :)
  
   -Original Message-
   From: Kurt Buff [mailto:kurt.b...@gmail.com]
   Sent: Friday, March 16, 2012 10:24 AM
   To: NT System Admin Issues
   Subject: Re: In case anyone didn't see this on the Patch Management
  list...
  
   Yeah, I'm pushing this out as fast as I can - I'll be patching
   servers
  tonight, and the rest of the workstations next week.
  
   On Fri, Mar 16, 2012 at 07:14, James Rankin kz2...@googlemail.com
 wrote:
   ...http://news.softpedia.com/news/Windows-RDP-Vulnerability-Exploi
   t
   -Co
   de-Confirmed-259060.shtml
  
  
   ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
   ~
  http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
  
   ---
   To manage subscriptions click here:
  http://lyris.sunbelt-software.com/read/my_forums/
   or send an email to listmana...@lyris.sunbeltsoftware.com
   with the body: unsubscribe ntsysadmin
  
   ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
   ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
  
   ---
   To manage subscriptions click here:
  http://lyris.sunbelt-software.com/read/my_forums/
   or send an email to listmana...@lyris.sunbeltsoftware.com
   with the body: unsubscribe ntsysadmin
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog

Re: In case anyone didn't see this on the Patch Management list...

2012-03-16 Thread Kurt Buff
Fair enough.

On Fri, Mar 16, 2012 at 14:43, Jonathan Link jonathan.l...@gmail.com wrote:
 For me, business hours are 7am to 8pm this time of year, and Saturdays and
 Sundays are often quite busy with a Director or two in the office working.
 And that can be almost anytime, so I have to schedule my downtime events
 carefully.

 On Fri, Mar 16, 2012 at 4:01 PM, Kurt Buff kurt.b...@gmail.com wrote:

 What's the risk in having WSUS do it during non-business hours? Assume
 that business hours end at 17:00. Say you log into WSUS at 16:45 and
 approve your updates with a deadline of 18:00?

 Aren't the consequences of a bad patch happening during business hours
 worse than the consequences of it happening at 18:00?

 Or is there something else going on that I don't know about?

 Kurt

 On Fri, Mar 16, 2012 at 11:11, Kennedy, Jim
 kennedy...@elyriaschools.org wrote:
  I can do many of them during normal business hours, in fact I can get it
  from 40 down to 5 by paying attention to what is going on here and sneaking
  them in. But when I can sneak them in is a moving target...so having
  them on another screen RDP while I multitask works well for me.
 
  -Original Message-
  From: Kurt Buff [mailto:kurt.b...@gmail.com]
  Sent: Friday, March 16, 2012 2:09 PM
  To: NT System Admin Issues
  Subject: Re: In case anyone didn't see this on the Patch Management
  list...
 
  Same question I asked for Jim - why not let WSUS handle this?
 
  On Fri, Mar 16, 2012 at 09:23, Kennedy, Jim
  kennedy...@elyriaschools.org wrote:
  WSUS. Set to download but not install. Then I RDP and hit install.
  Saves quite a bit of time since they are already downloaded. An 
  improvement
  over what you are doing, but still not perfect of course. But I am in full
  control that way. We are smaller than many people here. About 40 servers.
 
  -Original Message-
  From: Matthew W. Ross [mailto:mr...@ephrataschools.org]
  Sent: Friday, March 16, 2012 12:21 PM
  To: NT System Admin Issues
  Subject: Re: In case anyone didn't see this on the Patch Management
  list...
 
  What do you guys use to patch servers? I'm still in the RDP to the
  server and run Windows Update camp. I'd love a free solution to do this
  en-mass, if somebody knows one.
 
 
  --Matt Ross
  Ephrata School District
 
 
  - Original Message -
  From: Kurt Buff
  [mailto:kurt.b...@gmail.com]
  To: NT System Admin Issues
  [mailto:ntsysadmin@lyris.sunbelt-software.com]
  Sent: Fri, 16 Mar 2012
  08:03:50 -0700
  Subject: Re: In case anyone didn't see this on the Patch Management
  list...
 
 
  Unfortunately, I can't move quite that fast. We're pretty much a 24x5
  shop, with offices overseas, and I have to give more notice than
  patching now, please log off.  At least I have most weekends to do
  this kind of thing...
 
  Kurt
 
  On Fri, Mar 16, 2012 at 07:24, Kennedy, Jim
  kennedy...@elyriaschools.org wrote:
   I am all done!  Neeener neener.  :)
  
   -Original Message-
   From: Kurt Buff [mailto:kurt.b...@gmail.com]
   Sent: Friday, March 16, 2012 10:24 AM
   To: NT System Admin Issues
   Subject: Re: In case anyone didn't see this on the Patch Management
  list...
  
   Yeah, I'm pushing this out as fast as I can - I'll be patching
   servers
  tonight, and the rest of the workstations next week.
  
   On Fri, Mar 16, 2012 at 07:14, James Rankin kz2...@googlemail.com
   wrote:
   ...http://news.softpedia.com/news/Windows-RDP-Vulnerability-Exploi
   t
   -Co
   de-Confirmed-259060.shtml
  
  
   ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
   ~
  http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
  
   ---
   To manage subscriptions click here:
  http://lyris.sunbelt-software.com/read/my_forums/
   or send an email to listmana...@lyris.sunbeltsoftware.com
   with the body: unsubscribe ntsysadmin
  
   ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
   ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
  
   ---
   To manage subscriptions click here:
  http://lyris.sunbelt-software.com/read/my_forums/
   or send an email to listmana...@lyris.sunbeltsoftware.com
   with the body: unsubscribe ntsysadmin
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
  http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin
 
 
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~
 
  ---
  To manage subscriptions click here:
  http://lyris.sunbelt-software.com/read/my_forums/
  or send an email to listmana...@lyris.sunbeltsoftware.com
  with the body: unsubscribe ntsysadmin
 
 
  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  http://www.sunbeltsoftware.com

Re: In case anyone didn't see this on the Patch Management list...

2012-03-16 Thread Kurt Buff
Normal patch cycle is to set a deadline of Saturday on Patch Tuesday
for a set of test users and servers. If I don't hear screams on Monday
from them, then set the deadline for the next Saturday for the rest of
the workstations on Tuesday, and then on Friday set an 8am Saturday
deadline for the production servers.

So, it looks like this:
Patch Tuesday: Set Saturday deadline for test workstations and servers
Following Tuesday: if no issues, set Saturday deadline for rest of workstations
Following Friday late afternoon: set Saturday 8am deadline for rest of servers

It's worked well so far. Exceptions are made when needed, such as
month/quarter/year-end financial closing interferes, or there's some
other reason to push it out.

Kurt


On Fri, Mar 16, 2012 at 17:00, Kat Aylward Langan messagel...@gmail.com wrote:
 I used to schedule my patching on the week following Tuesday for the Windows
 environment.  Usually set goals to do it the following Tuesday, but if patch
 review wasn't done yet, it would go to Wednesday.  This was because we were
 a production SaaS environment, sharing resources with the Ops team, so I
 could never do it on the weekends, which were reserved for the Ops
 maintenance window (linux servers).  So I would start at 7pm, patch servers
 in a particular order so as not to take too many down at once, and be done
 by 8:30 or so.  My minion did the verification starting after 8:30, since
 his lil ones were in bed by that time.  Worked out well - 30+ servers in
 all, not counting labs which were done during the day by the lab teams.

 On Fri, Mar 16, 2012 at 2:43 PM, Jonathan Link jonathan.l...@gmail.com
 wrote:

 For me, business hours are 7am to 8pm this time of year, and Saturdays and
 Sundays are often quite busy with a Director or two in the office working.
 And that can be almost anytime, so I have to schedule my downtime events
 carefully.

 On Fri, Mar 16, 2012 at 4:01 PM, Kurt Buff kurt.b...@gmail.com wrote:

 What's the risk in having WSUS do it during non-business hours? Assume
 that business hours end at 17:00. Say you log into WSUS at 16:45 and
 approve your updates with a deadline of 18:00?

 Aren't the consequences of a bad patch happening during business hours
 worse than the consequences of it happening at 18:00?

 Or is there something else going on that I don't know about?

 Kurt

 On Fri, Mar 16, 2012 at 11:11, Kennedy, Jim
 kennedy...@elyriaschools.org wrote:
  I can do many of them during normal business hours, in fact I can get
  it from 40 down to 5 by paying attention to what is going on here and
  sneaking them in. But when I can sneak them in is a moving target...so
  having them on another screen RDP while I multitask works well for me.
 
  -Original Message-
  From: Kurt Buff [mailto:kurt.b...@gmail.com]
  Sent: Friday, March 16, 2012 2:09 PM
  To: NT System Admin Issues
  Subject: Re: In case anyone didn't see this on the Patch Management
  list...
 
  Same question I asked for Jim - why not let WSUS handle this?
 
  On Fri, Mar 16, 2012 at 09:23, Kennedy, Jim
  kennedy...@elyriaschools.org wrote:
  WSUS. Set to download but not install. Then I RDP and hit install.
  Saves quite a bit of time since they are already downloaded. An 
  improvement
  over what you are doing, but still not perfect of course. But I am in 
  full
  control that way. We are smaller than many people here. About 40 servers.
 
  -Original Message-
  From: Matthew W. Ross [mailto:mr...@ephrataschools.org]
  Sent: Friday, March 16, 2012 12:21 PM
  To: NT System Admin Issues
  Subject: Re: In case anyone didn't see this on the Patch Management
  list...
 
  What do you guys use to patch servers? I'm still in the RDP to the
  server and run Windows Update camp. I'd love a free solution to do this
  en-mass, if somebody knows one.
 
 
  --Matt Ross
  Ephrata School District
 
 
  - Original Message -
  From: Kurt Buff
  [mailto:kurt.b...@gmail.com]
  To: NT System Admin Issues
  [mailto:ntsysadmin@lyris.sunbelt-software.com]
  Sent: Fri, 16 Mar 2012
  08:03:50 -0700
  Subject: Re: In case anyone didn't see this on the Patch Management
  list...
 
 
  Unfortunately, I can't move quite that fast. We're pretty much a 24x5
  shop, with offices overseas, and I have to give more notice than
  patching now, please log off.  At least I have most weekends to do
  this kind of thing...
 
  Kurt
 
  On Fri, Mar 16, 2012 at 07:24, Kennedy, Jim
  kennedy...@elyriaschools.org wrote:
   I am all done!  Neeener neener.  :)
  
   -Original Message-
   From: Kurt Buff [mailto:kurt.b...@gmail.com]
   Sent: Friday, March 16, 2012 10:24 AM
   To: NT System Admin Issues
   Subject: Re: In case anyone didn't see this on the Patch Management
  list...
  
   Yeah, I'm pushing this out as fast as I can - I'll be patching
   servers
  tonight, and the rest of the workstations next week.
  
   On Fri, Mar 16, 2012 at 07:14, James Rankin kz2...@googlemail.com
   wrote:
   ...http