Re: MS-02-052

[steve () videogroup com (Steve)]

Hehe, right you are. 

But we've got more valuable things to do with our time than chasing 
patches that will never fully come through anyway.

You don't have to use MS solutions when other developers are actually  
delivering better solutions. This way I don't have to sort out MS shit 
more than neccessary. And it's not like users are actually suffering 
working with less dangerous tools.

Unless you have that budget to try to secure what has up until now never 
been secure ONCE, for the last couple of years, if ever. Now that time 
is spent updating better solutions and creating other working solutions 
which generates income. You may see that as an irrational 
shut-everything-down approach, which is your prerogative. 

To be honest the IIS block was in effect when Nimbda, I think, was 
running amock. As it is we only need access to Fedex. If everyone else 
were gone it would mean very little.

To be specific it's not MY shit to sort out. If I'm dumb enough to use 
MS then I would HAVE to sort out their shit. Nice stab though...

> My, what a rational and professional attitude ;-)
> The other alternative is to learn how to lock those boxes down as well
> as the others - the OS hardly ever makes a difference, the admin
> _always_ does. But it's much easier to point and blame than to sort
> your own shit out...
>
> Cheers.

-- 
 
Steve Szmidt
V.P. Information Technology
Video Group Distributors, Inc.