Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
[Full-Disclosure] Vulnerability response times -- MS and others
From: Alerta Redsegura (alertaredsegura.com)
Date: Wed Apr 07 2004 - 18:15:00 CDT
A big issue here that has not been discussed is the time window between the
release of a patch/upgrade and the ability to safely apply it in a live
Among my customers, many sysadmins just cannot apply the latest patches as
soon as they are available because of possible dependencies with other
vendor's commercial apps.
This is not only true for Windows: in the last year, I have seen several Red
Hat Linux installations where SendMail and OpenSSH patches could not be
applied because of interference with 3rd-party applications run on these
They had to wait until the third-party software manufacturers released their
own upgrades to install the system's patches.
Of course, A clear advantage *still present* in Linux is that you can do all
the upgrades without rebooting, and even most of the times, without taking
the services down more than 5 or 10 seconds.
> Anyways... the report seems to indicate that Microsoft is the fastest
> on solving security issues.
> --Comparing Windows and Linux Security
Full-Disclosure - We believe in it.