Forwarded from: Mark Bernard <mbernardat_private>

Dear Associates,

MS has not done a good job at managing this very important process. They are continuing to muddle around and not tackle this effectively. Since they have mostly borrowed all the technology that they currently have from someone else, why don't they go back to Big Blue where they started and get this right from the pros?

I have worked with Big Blues and Application Systems 400 servers for 14 years now.

BTW: they have never been infected by a virus since their introduction to the public in 1989.
BTW: there are now around 900,000 400 servers in the world today.

On the 400 there is a regular program that follows a monthly routine with built-in software that can be used to distribute Preventative Software Fixes (PTFs) to either clustered 400s or networked 400s. You get an overview of the fix; it tells you in English what it will do and/or change on your system before you load it. You can then load it in a temporary state on a mirrored logical partition and run it to see what's going on before applying it permanently. You also have the option of removing it.

Why can't Microsoft get this right with all the money that they now have of ours?

Regards,
Mark.

----- Original Message -----
From: "InfoSec News" <isnat_private>
To: <isnat_private>
Sent: Tuesday, August 19, 2003 9:10 AM
Subject: [ISN] Patching Becoming a Major Resource Drain for Companies

> http://www.computerworld.com/securitytopics/security/story/0,10801,84083,00.html
>
> Story by Jaikumar Vijayan
> COMPUTERWORLD
> AUGUST 18, 2003
>
> Last week's W32.Blaster worm, which affected thousands of computers
> worldwide running Windows operating systems, highlighted the
> enormous challenge companies face in keeping their systems up to
> date with patches for vulnerabilities, users said.
>
> Companies that, ahead of Blaster's rampage, had installed Microsoft
> Corp.'s patch for a flaw identified last month said they felt no
> effect from the worm. But the seemingly constant work involved in
> guarding against such worms is becoming a burden that could prove
> unsustainable over time, users said.
>
> "The thing about patching is that it is so darn reactive. And that
> can kill you," said Dave Jahne, a senior security analyst at
> Phoenix-based Banner Health System, which runs 22 hospitals.
>
> "You need to literally drop everything else to go take care of
> [patching]. And the reality is, we only have a finite amount of
> resources" to do that, Jahne said.
>
> Banner had to patch more than 500 servers and 8,000 workstations to
> protect itself against the vulnerability that Blaster exploited. "I
> can tell you, it's been one heck of an effort on a lot of people's
> part to do that," Jahne added.
>
> For the longer term, Banner is studying the feasibility of
> partitioning its networks in order to minimize the effect of
> vulnerabilities, he said.

[...]

-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn'
in the BODY of the mail.
This archive was generated by hypermail 2b30 : Wed Aug 20 2003 - 20:31:36 PDT