[prev in list] [next in list] [prev in thread] [next in thread]
List: patchmanagement
Subject: RE: Best Practices for MS Patching
From: "Geraint Rees-Jones (ARTS IT)" <g.rees-jones () auckland ! ac ! nz>
Date: 2012-07-31 20:35:07
Message-ID: 232AB52EE26AA44D87A3F916DF5965341384E18F () uxcn10-5 ! UoA ! auckland ! ac ! nz
[Download RAW message or body]
I use GFI Languard, currently v10, soon upgrading to v11.
For us it works as a check against WSUS, where some machines fall behind.
Also we can force patches for non-MS applications.
> -----Original Message-----
> From: Taylor, Wayne [mailto:wtaylor@doc.gov]
> Sent: Tuesday, 31 July 2012 06:39
> To: Patch Management Mailing List
> Subject: RE: Best Practices for MS Patching
>
> I use VMWare Protect Essential Plus
>
> Wayne Taylor
> MSI Universal
>
> -----Original Message-----
> From: Chris Funderburg [mailto:chrisf@vneonline.com]
> Sent: Monday, July 30, 2012 2:11 PM
> To: Patch Management Mailing List
> Subject: RE: Best Practices for MS Patching
>
> I use VMWare Protect Essential Plus
>
> Chris Funderburg MCSE, MCP+I, CCNA, CCEA, BCFP, Security + Systems Administrator VNE, LLC
> http://helpdesk.vneonline.com:8080/portal - for submitting helpdesk tickets
> (Office) 540-720-5150 x.407
> (Cell) 703-473-5020
>
>
> -----Original Message-----
> From: RIcenhower@rejis.org [mailto:RIcenhower@rejis.org]
> Sent: Friday, July 27, 2012 7:44 PM
> To: Patch Management Mailing List
> Subject: Re: Best Practices for MS Patching
>
> Is anyone using VMware Protect Essentials or Essentials Plus?
> **************************************************
>
> NOTICE OF CONFIDENTIALITY
>
> THIS DOCUMENT IS INTENDED ONLY FOR THE USE OF THE ENTITY TO WHICH IT IS ADDRESSED AND MAY CONTAIN
> INFORMATION THAT IS PRIVILEGED, CONFIDENTIAL AND EXEMPT FROM DISCLOSURE UNDER APPLICABLE LAW. ANY
> DISTRIBUTION TO ANYONE OTHER THAN THE INTENDED RECIPIENT MAY BE PROHIBITED BY LAW AND IS STRICTLY
> FORBIDDEN. IF YOU HAVE RECEIVED THIS COMMUNICATION IN ERROR, PLEASE CONTACT THE REJIS HELP DESK
> IMMEDIATELY AT 314-535-9497.
>
> **************************************************
>
>
>
> ----- Original Message -----
> From: Dean Barnes [dean.barnes@royalmail.com]
> Sent: 07/27/2012 11:27 PM GMT
> To: "Patch Management Mailing List" <patchmanagement@listserv.patchmanagement.org>
> Subject: Re: Best Practices for MS Patching
>
>
>
> Lumension has a good selection of tools within their endpoint management suite (LEMSS) that will cover
> all your requirements listed.
>
> ----- Original Message -----
> From: RIcenhower@rejis.org [mailto:RIcenhower@rejis.org]
> Sent: Saturday, July 28, 2012 01:14 AM
> To: Patch Management Mailing List <patchmanagement@listserv.patchmanagement.org>
> Subject: Re: Best Practices for MS Patching
>
> We us WSUS to maintain updates for our environment and I'm curious to know what tools NON-SCCM shops
> use for Security Assessments and Compliance Reports. I'm looking for similar data that MBSA returns,
> missing security updates, security misconfigurations, etc...
>
> I have over 150 servers to scan.
>
> I've found it difficult to consolidate the MBSA data into a central report, repository, spreadsheet,
> database for custom reporting.
>
> Any suggestions on tools, utilities to help with Security Auditing and Risk Assessments is greatly
> appreciated.
>
> Regards
> **************************************************
>
> NOTICE OF CONFIDENTIALITY
>
> THIS DOCUMENT IS INTENDED ONLY FOR THE USE OF THE ENTITY TO WHICH IT IS ADDRESSED AND MAY CONTAIN
> INFORMATION THAT IS PRIVILEGED, CONFIDENTIAL AND EXEMPT FROM DISCLOSURE UNDER APPLICABLE LAW. ANY
> DISTRIBUTION TO ANYONE OTHER THAN THE INTENDED RECIPIENT MAY BE PROHIBITED BY LAW AND IS STRICTLY
> FORBIDDEN. IF YOU HAVE RECEIVED THIS COMMUNICATION IN ERROR, PLEASE CONTACT THE REJIS HELP DESK
> IMMEDIATELY AT 314-535-9497.
>
> **************************************************
>
>
>
> ----- Original Message -----
> From: Dean Barnes [dean.barnes@royalmail.com]
> Sent: 07/27/2012 10:41 PM GMT
> To: "Patch Management Mailing List" <patchmanagement@listserv.patchmanagement.org>
> Subject: Re: Best Practices for MS Patching
>
>
>
> Hi Joel
>
> There is a very good book on the subject. Curing the patch management headache by felicia m nicastro.
>
> Regards
> Dean
>
> ----- Original Message -----
> From: Susan Bradley [mailto:sbradcpa@pacbell.net]
> Sent: Saturday, July 28, 2012 12:31 AM
> To: Patch Management Mailing List <patchmanagement@listserv.patchmanagement.org>
> Subject: Re: Best Practices for MS Patching
>
> Oldie but still relevant
> Ten Principles of Microsoft Patch Management:
> http://technet.microsoft.com/en-us/library/cc512589.aspx
>
> As well as
> http://csrc.nist.gov/publications/nistpubs/800-40-Ver2/SP800-40v2.pdf
>
> Generic overview there - http://www.hcpro.com/content/42829.pdf
>
> One best practice would be to not just patch Microsoft and invest in/or have tools to deploy
> Java/Flash/Adobe, etc etc.
>
> https://media.blackhat.com/bh-us-12/Briefings/M_Miller/BH_US_12_Miller_Exploit_Mitigation_Slides.pdf
> http://blogs.technet.com/b/security/archive/2012/07/19/the-rise-of-the-black-hole-exploit-kit-the-
> importance-of-keeping-all-software-up-to-date.aspx
>
> Most of the exploits these days are attacking the third party stuff.
>
> My best practice would be to not use WSUS and invest in a third party patching tool.
>
> So if you are hipaa are you regulated to get the patches on within a month?
> What platforms are you patching?
> What risk zones/any key OS's that have key medical roles in the organization that have to be patched
> only when the vendor approves?
>
> Microsoft can't/won't (their Attorneys probably won't let them) write a document for a HIPAA
> organizations which is why you aren't seeing one on their site.
> On 7/27/2012 3:19 PM, Joel Hansen wrote:
> > Susan, Lawrence, James and Josh...thank you.
> >
> > Basically I need as much and anything possible. I'm just going to use what I think will work in this
> one particular environment. So yes, high level of course and I have been searching all sorts of
> different phrases (Bing&Google). Yes, I was thinking same thing since everyone's environments are
> different no one wants to write? Best Practices are only best when applied to your environment and
> workable...IMHO. Some seem to forget this.
> > I have started searching University locations since they typically like to publish more than anyone
> else. So Yale ITS has some pretty good high level stuff, but nothing on their own policies...you bet
> they have them written. I'm really surprise Microsoft has not published something considering.
> >
> > Anyone else or if ya think of something please pass along.
> >
> > Susan, I am using parts of your suggestion. Which was the first I downloaded.
> >
> > Thanks again and keep it coming if ya think of something please. Perhaps we can point people this
> this when asked again.
> >
> > -Joel Hansen
> >
> > -----Original Message-----
> > From: Lawrence Garvin [mailto:lawrence.garvin@att.net]
> > Sent: Friday, July 27, 2012 2:53 PM
> > To: Patch Management Mailing List
> > Subject: RE: Best Practices for MS Patching
> >
> > There's also a more generic conversation about the process a few links up from the WSUS docs at:
> > http://technet.microsoft.com/en-us/library/bb466251.aspx
> >
> >
> > -----Original Message-----
> > From: Susan Bradley [mailto:sbradcpa@pacbell.net]
> > Sent: Friday, July 27, 2012 4:31 PM
> > To: Patch Management Mailing List
> > Subject: Re: Best Practices for MS Patching
> >
> > Download: Operations Guide WSUS 3.0 SP2 - Microsoft Download Center - Download Details:
> > http://www.microsoft.com/en-us/download/details.aspx?id=7328
> >
> > Something like that?
> >
> > More resources:
> >
> > Windows Server Update Services 3.0 SP2 Operations Guide:
> > http://technet.microsoft.com/en-us/library/dd939842(WS.10).aspx
> > Windows Server Update Services Home:
> > http://technet.microsoft.com/en-us/windowsserver/bb332157.aspx
> >
> > Windows Server Update Services Learning Roadmap Community Edition - TechNet Articles - United States
> (English) - TechNet Wiki:
> > http://social.technet.microsoft.com/wiki/contents/articles/2942.window
> > s-serv er-update-services-learning-roadmap-community-edition.aspx
> >
> >
> > On 7/27/2012 2:19 PM, Joel Hansen wrote:
> >> Hi All,
> >>
> >> I have been looking high and low for Best Practices to present and
> > standardize our different locations and offices. I have looked through the PatchManagement Archives
> and seems there is not a single place in which has written this up...is this true? Microsoft doesn't
> even provide best practices or run book on Patch Management or use of WSUS?
> >> If anyone could send me a link, I would really appreciate this. If
> >> you
> > have one for your organization or even HIPPA guidelines I could check out.
> >> Thanks in advance,
> >>
> >> Joel Hansen
> >>
> >> Test
> >>
> >>
> >>
> >> ---
> >> When posting or replying to messages on this list, please send all
> >> emails in plain text format. HTML formatted messages will not be
> > accepted.
> >> PatchManagement.org is hosted by VMware
> >>
> >> To unsubscribe send a blank email to
> > leave-patchmanagement@patchmanagement.org
> >> If you are unable to unsubscribe via this email address, please email
> >> owner-patchmanagement@patchmanagement.org
> >>
> >>
> >
> >
> > ---
> > When posting or replying to messages on this list, please send all emails in plain text format.
> HTML formatted messages will not be accepted.
> >
> > PatchManagement.org is hosted by VMware
> >
> > To unsubscribe send a blank email to
> > leave-patchmanagement@patchmanagement.org
> > If you are unable to unsubscribe via this email address, please email
> > owner-patchmanagement@patchmanagement.org
> >
> >
> >
> > ---
> > When posting or replying to messages on this list, please send all emails in plain text format.
> HTML formatted messages will not be accepted.
> >
> > PatchManagement.org is hosted by VMware
> >
> > To unsubscribe send a blank email to
> > leave-patchmanagement@patchmanagement.org
> > If you are unable to unsubscribe via this email address, please email
> > owner-patchmanagement@patchmanagement.org
> >
> > Test
> >
> >
> >
> > ---
> > When posting or replying to messages on this list, please send all
> > emails in plain text format. HTML formatted messages will not be accepted.
> >
> > PatchManagement.org is hosted by VMware
> >
> > To unsubscribe send a blank email to
> > leave-patchmanagement@patchmanagement.org
> > If you are unable to unsubscribe via this email address, please email
> > owner-patchmanagement@patchmanagement.org
> >
> >
>
>
>
> ---
> When posting or replying to messages on this list, please send all emails in plain text format. HTML
> formatted messages will not be accepted.
>
> PatchManagement.org is hosted by VMware
>
> To unsubscribe send a blank email to leave-patchmanagement@patchmanagement.org
> If you are unable to unsubscribe via this email address, please email owner-
> patchmanagement@patchmanagement.org
>
> ________________________________
> **********************************************************************
> This email and any attachments are confidential and intended for the addressee only. If you are not
> the named recipient, you must not use, disclose, reproduce, copy or distribute the contents of this
> communication. If you have received this in error, please contact the sender and then delete this
> email from your system.
>
> ROYAL MAIL GROUP LIMITED registered in England and Wales at 100 VICTORIA EMBANKMENT, LONDON EC4Y 0HQ
> with the registered company number 04138203
>
> POST OFFICE LIMITED registered in England and Wales at 148 OLD STREET, LONDON EC1V 9HQ with the
> registered company number 02154540
>
> **********************************************************************
>
> ---
> When posting or replying to messages on this list, please send all emails in plain text format. HTML
> formatted messages will not be accepted.
>
> PatchManagement.org is hosted by VMware
>
> To unsubscribe send a blank email to leave-patchmanagement@patchmanagement.org
> If you are unable to unsubscribe via this email address, please email owner-
> patchmanagement@patchmanagement.org
>
>
>
> ____________________
>
> Notice of Confidentiality.
>
> This document is intended only for the use of the entity to which it is addressed and may contain
> information that is privileged, confidential and exempt from disclosure under applicable law. Any
> distribution to anyone other than the intended recipient may be prohibited by law and is strictly
> forbidden. If you have received this communication in error, please contact the REJIS Help Desk
> immediately at 314-535-9497
>
> ---
> When posting or replying to messages on this list, please send all emails in plain text format. HTML
> formatted messages will not be accepted.
>
> PatchManagement.org is hosted by VMware
>
> To unsubscribe send a blank email to leave-patchmanagement@patchmanagement.org
> If you are unable to unsubscribe via this email address, please email owner-
> patchmanagement@patchmanagement.org
>
>
> ________________________________
> **********************************************************************
> This email and any attachments are confidential and intended for the addressee only. If you are not
> the named recipient, you must not use, disclose, reproduce, copy or distribute the contents of this
> communication. If you have received this in error, please contact the sender and then delete this
> email from your system.
>
> ROYAL MAIL GROUP LIMITED registered in England and Wales at 100 VICTORIA EMBANKMENT, LONDON EC4Y 0HQ
> with the registered company number 04138203
>
> POST OFFICE LIMITED registered in England and Wales at 148 OLD STREET, LONDON EC1V 9HQ with the
> registered company number 02154540
>
> **********************************************************************
>
> ---
> When posting or replying to messages on this list, please send all emails in plain text format. HTML
> formatted messages will not be accepted.
>
> PatchManagement.org is hosted by VMware
>
> To unsubscribe send a blank email to leave-patchmanagement@patchmanagement.org
> If you are unable to unsubscribe via this email address, please email owner-
> patchmanagement@patchmanagement.org
>
>
>
> ____________________
>
> Notice of Confidentiality.
>
> This document is intended only for the use of the entity to which it is addressed and may contain
> information that is privileged, confidential and exempt from disclosure under applicable law. Any
> distribution to anyone other than the intended recipient may be prohibited by law and is strictly
> forbidden. If you have received this communication in error, please contact the REJIS Help Desk
> immediately at 314-535-9497
>
> ---
> When posting or replying to messages on this list, please send all emails in plain text format. HTML
> formatted messages will not be accepted.
>
> PatchManagement.org is hosted by VMware
>
> To unsubscribe send a blank email to leave-patchmanagement@patchmanagement.org
> If you are unable to unsubscribe via this email address, please email owner-
> patchmanagement@patchmanagement.org
>
>
> ---
> When posting or replying to messages on this list, please send all emails in plain text format. HTML
> formatted messages will not be accepted.
>
> PatchManagement.org is hosted by VMware
>
> To unsubscribe send a blank email to leave-patchmanagement@patchmanagement.org
> If you are unable to unsubscribe via this email address, please email owner-
> patchmanagement@patchmanagement.org
>
> ---
> When posting or replying to messages on this list, please send all
> emails in plain text format. HTML formatted messages will not be accepted.
>
> PatchManagement.org is hosted by VMware
>
> To unsubscribe send a blank email to leave-patchmanagement@patchmanagement.org
> If you are unable to unsubscribe via this email address, please email
> owner-patchmanagement@patchmanagement.org
---
When posting or replying to messages on this list, please send all
emails in plain text format. HTML formatted messages will not be accepted.
PatchManagement.org is hosted by VMware
To unsubscribe send a blank email to leave-patchmanagement@patchmanagement.org
If you are unable to unsubscribe via this email address, please email
owner-patchmanagement@patchmanagement.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic