Corey Nachreiner on this week's patch deluge: "Administrators already have a hard enough time trying to keep up when Microsoft releases 10 security patches on the same day. Now imagine trying to deal with that while also receiving updates from all your other software vendors. This scenario makes it too likely that an IT staffer will overlook that one, critical security patch within all the vendor noise received that day."
I just filed a news analysis for eWEEK.com on this very topic. The recurring theme from my interviews with researchers and patch management experts is this: We don't mind a patch barrage but just let us know up front.
skip to main |
skip to sidebar
An (outside) look at security in Microsoft's dominant operating system.
About Me
- Ryan Naraine
- I write about IT security issues/trends for eWEEK Magazine; I'm West Indian and I obsess about West Indies cricket.
My blog is mine. The opinions represented in this blog are mine as well and may not represent my employer's opinions.
Digg Security
- Microsoft Watch
- eWEEK Security
- MSRC Blog
- Exploit Prevention Labs
- Metasploit
- Stephen Toulouse (MSRC)
- Michael Howard
- John Pescatore
- Ben Edelman
- Bruce Schneier
- Matasano
- Donna Buenaventura
- WaPo SecurityFix
- F-Secure Weblog
- Kaspersky Lab
- ISC Sans Diary
- Sunbeltblog
- Honeyblog
- Jesper Johansson
- Paper Ghost
- Worm Blog
Blog Archive
-
▼
2005
(82)
-
▼
July
(39)
- MS05-036 Exploit Published
- Kaminsky on Security at Redmond
- Win2K Update Rollup Hiccups
- US-CERT Weekly Windows Security Summary
- 80 Super Security Tips
- Acquisitive Microsoft
- What’s The Use of Security Advisories?
- AOL's IE Browser
- Windows Anti-Spy Refresh
- Spyware at Cingular Store
- Support for Industry Patch Day
- Advisory/Workarounds for RDP Flaw
- Explaining Premature Disclosure for IE Flaw
- XP SP2 Zero-Day?
- Dell, Spyware and My Way
- SWI Team May Start Blogging
- Pre-Patch Investigations Explained
- Schneier on Microsoft/Claria Hubbub
- Patch Deluge Redux
- Still no RSS Feed for Advisories
- Windows XP SP2 Remote Kernel DoS Flaw
- Cybercrime *Not* Terrorism
- A Message for Microsoft
- MS/Claria Deal Dead
- Why You Need Multiple AntiSpyware Apps
- It's Raining Patches
- Multiple Vendors Patching Today
- Low Hopes for Anti Spyware Coalition
- Hacker Manifesto
- 19 Deadly Sins of Software Security
- Momentum for MS AntiSpyware Rethink
- Lazy People and Default Settings
- London Bombing Trojan
- Talking a Lot, Saying Nothing
- Unimpressed with Spyware Downgrade Explanation
- Ed Bott on MSAS Claria Downgrades
- eEye Spies More Windows Flaws
- MS AntiSpyware Bordering on Irrelevance
- Some Fatherly Advice for Sasser Sven
-
▼
July
(39)