Taking care of MS Security Updates for the network.

G

Guest

Guest
Archived from groups: microsoft.public.windowsnt.misc (More info?)

I have a WinNT4 SP6 network comprising of WinNT4 servers, WinNT4
workstations & WinXP workstations.

I spend a LOT of time keeping each machine up-to-date wrt MS security
updates, and I can't do it anymore! At the moment, I have to manually log
which workstation has had which patches applied and then create a new log of
newly downloaded patches and tick off those workstations which need them.

Is there any easier way? I currently download each patch into a network
share.

Oh, the other problem is that when a new workstation comes in, I have to
load all the patches and reboot after every single one (just about). Is
there an easier way?

--

Julian Milano
|
(To reply, remove NOSPAM from the email address)
|
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsnt.misc (More info?)

There is an easier way. Do not rely on Microsoft's slap
dash patch work approach to security. Secure your network
with a firewall, block executable attachments, and
security rules for users to follow.
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsnt.misc (More info?)

Ack,

I acknowlege your comments, but it doesn't stop worm viruses from getting
thru. We have a Cisco Pix firewall, and we still got the wuamgrd.exe worm
plus others. How did it get in, coz the notebook users brought their
notebooks home, caught the worm coz it port scans and then downloads itself
thru open ports, and sits there scanning for other vulnerable systems.

As soon as the infected notebook(s) get into the corporate network, bang!
All the vulnerable workstations go down.

If the notebooks are patched, at least I've stopped one way in.

So, if anyone can tell me how to efficiently maintain patches for networked
WinNT4 workstations and WinXP workstations, please let me know. Failing
this, I'm going to have to write something in VB6- but I haven't got time to
do this and the worms keep spreading!

--

Julian Milano
|
(To reply, remove NOSPAM from the email address)
|

"ack" <anonymous@discussions.microsoft.com> wrote in message
news:2d7d101c46a78$1e8774b0$a401280a@phx.gbl...
> There is an easier way. Do not rely on Microsoft's slap
> dash patch work approach to security. Secure your network
> with a firewall, block executable attachments, and
> security rules for users to follow.
 

TRENDING THREADS