Thursday, February 7, 2008
WSUS, 2/12, IE7 for all! Joy and merriment!
For those that didn't see the diary posting at the Internet Storm Center yesterday/today:
"On February 12, 2008 Microsoft will release the Windows Internet Explorer 7 Installation and Availability update to Windows Server Update Services (WSUS). Windows Internet Explorer 7 Installation and Availability Update is a complete installation package that will upgrade machines running Internet Explorer 6 to Windows Internet Explorer 7. Customers who have configured WSUS to "auto-approve" Update Rollup packages will automatically upgrade machines running Internet Explorer 6 to Windows Internet Explorer 7 after February 12, 2008 and consequently, may want to read Knowledge Base article 946202 to manage how and when this update is installed. For more on the Windows Internet Explorer 7 Installation and Availability Update, read Knowledge Base article 940767."
Moral of the story:
As much as Microsoft wants to extend their QA department into your corporation, don't let them. I'm not a fan of any "auto-updating" service. True, most of the time, everything will work out just peachy, you'll be patched/updated/band-aided/snug-as-a-remedied-software-bug-in-a-rug....BUT....there's always the chance that the new shiny update will PUNCH YOU IN THE FACE.
So, test, test, test.
And if you're screaming at me - "We don't have the money for a test environment!" - there are virtual PC/server options. And they're free. And they work.
I'm pretty sure Matt Neely over at Security Second Thoughts knows a thing or two about virtualization. And believe me, he definitely knows three or four things about mobile commerce...
On another note...I'll be adding a section that shows the security blogs I like reading. I'll keep it limited to 10 - a lot of them tend to repeat what others are saying.
Posted by astroman at 5:23 AM