Slashdot Mirror

← Back to Stories (view on slashdot.org)

Patching Paranoia - How Fast Do You Patch?

Posted by Cliff on from the closing-the-holes dept.

selfassembled asks: "I work for an IT group in the Boston area called Thrive Networks. After the most recent exploit was revealed, my company scrambled to get our client's servers patched within 48 hours. This is extremely difficult because no customer wants to be interrupted by a reboot during business hours. Our staff worked after hours to get this patch installed ASAP. How fast do you (or your IT group) install patches for major exploits like this? What do you consider to be an acceptable turn around time for a vulnerability patch that may not even have an exploit yet? After Blaster and Welchia we decided it's better to be safe than sorry, and our customers seem to agree."

14 of 681 comments (clear)

  1. As fast as ... by billstr78 · · Score: 3, Funny

    ... I am to post to a new Slashdot article

  2. I wait until... by Bull999999 · · Score: 4, Funny

    I wait until I get feedbacks from sites such as The Register to make sure that the patch doesn't break anything.

    --
    1f u c4n r34d th1s u r34lly n33d t0 g37 l41d
    1. Re:I wait until... by croddy · · Score: 4, Funny
      I guess you didn't hear about the patch for XP that disabled Internet access for hundreds of thousands of users.

      well they should have POSTED about it! jeez!

    2. Re:I wait until... by hoggoth · · Score: 4, Funny

      > We used to have Groupwise, and pretty much every MS patch broke Groupwise

      I think "Breaking Groupwise" is an MS patch all by itself.
      "CRITICAL UPDATE: SOME SYSTEMS HAVE GROUPWISE INSTALLED ON THEM. THIS PATCH WILL BREAK GROUPWISE."

      --
      - For the complete works of Shakespeare: cat /dev/random (may take some time)
    3. Re:I wait until... by __past__ · · Score: 3, Funny

      To be honest, that would definitly be one of their more useful patches.

      --
      Programming can be fun again. Film at 11.
  3. I'd discuss this story by Anonymous Coward · · Score: 1, Funny

    But I'm busy applying some patches. Damn this Windows.

  4. On a Windows network, by RgrRmjt · · Score: 3, Funny

    Middle of the day reboots are normal, so we patch whenever we want.

  5. Lie about it. by EvilJohn · · Score: 4, Funny

    If it's windows patch early, and patch often. If anyone asks why you rebooted a box, lie about it and say "It crashed." That's one everyone will believe.

    --

    Less Talk, More Beer.
  6. Re:If you ran openBSD servers then by digitalsushi · · Score: 2, Funny

    I'd run openBSD if they would release a version of Gator for it.

    --
    slashdot: where everyone yells sarcastic metaphors to themselves to understand the issue
  7. Re:MS by cperciva · · Score: 3, Funny

    Ah. Now your inexperience in the *nix world shines through. There IS no guessing. Upgrade apache, restart the apache service (httpd .. maybe slightly confusing..). Upgrade mysql, restart mysqld.

    I just upgraded libc. What do I have to restart?

    --
    Tarsnap: Online backups for the truly paranoid
  8. What is this rebooting of which you speak? by Boatman · · Score: 2, Funny
    • no customer wants to be interrupted by a reboot during business hours

    Hm, rebooting. Rebooting. Oh yeah, I remember now. I had to do that to my GNU/Linux system once when I upgraded my motherboard.

    --
    --Just the place for a snark!
  9. 1 day by Unregistered · · Score: 2, Funny

    I have emerge rsync && emerge -U world in cron.daily you insensitive clod.

  10. Patches? by Quixadhal · · Score: 2, Funny

    Whare are these "patches" of which you speak?

    Just run a VAX/VMS system as your firewall... it's so old and obscure that no hacker will have any hope of remembering how to hack it. :)

  11. as fast as possible by _Shorty-dammit · · Score: 2, Funny

    I keep one browser open to windowsupdate all the time, constantly refreshing, so I never miss an update. Why, sometimes, I even get truncated downloads because the upload on their end hasn't finished to the server yet!