funsec mailing list archives

Re: Microsoft to rush out emergency Windows patch today


From: "Erik Harrison" <eharrison () gmail com>
Date: Wed, 29 Oct 2008 23:08:56 -0400

forgive my frustration from that day. when you have an unfortunately
massive attack surface, most of which you don't control or need to
jump through 3 weeks' worth of notification-related hurdles to impose
upon.. then the devil's advocate angle was less intellectually
stimulating :D

On Wed, Oct 29, 2008 at 10:56 PM,  <Valdis.Kletnieks () vt edu> wrote:
> On Thu, 23 Oct 2008 21:50:23 EDT, Erik Harrison said:
>> seriously, why is this even a conversation? patch. it's important. you
>> know why. the devil's advocate angle really isn't something anyone
>> dealing with deploying this patch to reams of systems wants to hear
>> right now.
>
> The devil's advocate angle is something that some of us really *do* want to
> deal with.  If I'm about to push an "emergency" patch out to 30,000 desktops, I
> *really* want to know *exactly* how big my actual attack surface really is, so
> I can make an informed decision whether I should be pushing it out to all 30K
> the instant I get it, or push it out immediately to the 10K hosts that don't
> have mitigating factors X, Y, or Z in place, or let my internal regression
> testing have another 24/48/weekend.
>
> If Larry's machine is in fact suitably firewalled, he has the services turned
> off, and he trusts any other machines on the "inside" of the firewalled net,
> what *is* his attack surface?  For starters, where's the attack going to come
> *from*?
>
> (And I *wish* I was deciding whether to push it out to 30K desktops.  Instead,
> I have 30,000 academia users, most of them laptops coming and going several
> times a day. It's like herding frikking cats. ;)

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

