Re: Auto-Updates for production servers
- From: Leythos <void@xxxxxxxxxxx>
- Date: Mon, 29 Oct 2007 23:18:02 -0400
In article <uDMoW0nGIHA.4272@xxxxxxxxxxxxxxxxxxxx>,
anthony.spam@xxxxxxxxxxxxxx says...
I hope you won't mind advice that contradicts your presumed views.
When Microsoft or any software vendor discovers a flaw that can be
exploited, they need to fix it.
If you don't apply the fix, you are vulnerable from that time on because
everyone knows what the flaw is.
You can test the fix to see if it breaks anything, but you still need to
apply it even if it does.
No, Anthony, you don't.
You need to patch if the update provides a resolution to something that
you might be exposed to, but if your server is not exposed to xyz then
you don't need ot patch for it.
Not all production servers are fully exposed to the Internet, most are
behind a firewall and have little or no exposure to most of the threats
you read about.
Yes, it's "good practice" to update with all critical updates and
security patches, but the update should be based against the threat vs
stability.
--
Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@xxxxxxxxxx (remove 999 for proper email address)
.
- References:
- Re: Auto-Updates for production servers
- From: Anthony
- Re: Auto-Updates for production servers
- Prev by Date: Re: Auto-Updates for production servers
- Next by Date: Re: Web Site Mystery
- Previous by thread: Re: Auto-Updates for production servers
- Next by thread: Re: Auto-Updates for production servers
- Index(es):
Relevant Pages
|
Loading
