Microsoft Issues Emergency Patch Amid Targeted ...

Network Computing Dark Reading

Advertise

About Us

Newest First | Oldest First | Threaded View

[close this box]

ODA155,
User Rank: Ninja
11/19/2014 | 4:24:20 PM

Re: There's still life in this

@Eamon_Walsh1,... if I understand you, I would advise you or anyone else trying to use those patches designed for Windows XP POS\Embedded systems not to risk using them in production... nothing lasts forever, it's (past) time to let it go. IMO, these are the decisions management make, thus bringing security down in an organization, because all it takes is one voice to make this case for using those patches in production "but...we can get by for 5 more years..." when the reality is you probably should have began the move from XP 5 years ago. So, what is your POV on Windows 2003 Server, you know it sundowns 7/14/2015... think you can tough it out for 5 more years?

Please do not take this as an attack against you, but this is a battle that was very hard to convience anyone that MS would actually sundown XP, and now we're coming up on 2003 Server... not to mention unsupported DB and other apps, and this is just not Microsoft. So now (yeah, now) we're developing a software lifecycle to address these problems, but first we have to prove we can follow our own rules.

Reply | Post Message | Messages List | Start a Board

Eamon_Walsh1,
User Rank: Apprentice
11/18/2014 | 5:09:04 PM

There's still life in this

Between all the hollering for OS upgrades, not only has it emerged that using POS you can effectively bypass the entire XP sunset for almost 5 more years of sun, but critical vulnerabilities to this plan. Cue, madcap patching and nice-sounding but really 'damage control' work. Let's hope there's less to it that anticipated. Meanwhile, unofficial XP SP4 patches come about too .. bit.ly/10x8en6

Reply | Post Message | Messages List | Start a Board

Editors' Choice

I Smell a RAT! New Cybersecurity Threats for the Crypto Industry

David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP, 7/9/2021

Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours

Robert Lemos, Contributing Writer, 7/7/2021

It's in the Game (but It Shouldn't Be)

Tal Memran, Cybersecurity Expert, CYE, 7/9/2021

Live Events

Webinars

Black Hat Europe - December 5-8 - Learn More

Black Hat Middle East & Africa - November 15-17 - Learn More

SecTor - Canada's IT Security Conference Oct 1-6 - Learn More

More Informa Tech Live Events

White Papers

Top Cloud Threats to Cloud Computing: Pandemic Eleven

Dark Reading: Close the Visibility Gap

Ransomware in Focus: New Research on CISO Perceptions, Perspectives, and Plans

Extended Detection and Response (XDR) - Beginner's Guide

Breaches Prompt Changes to Enterprise IR Plans and Processes

More White Papers

Cartoon

Latest Comment: I've heard of people walking right out the front door with entire servers...

Cartoon Archive

Current Issue

How Machine Learning, AI & Deep Learning Improve Cybersecurity

Machine intelligence is influencing all aspects of cybersecurity. Organizations are implementing AI-based security to analyze event data using ML models that identify attack patterns and increase automation. Before security teams can take advantage of AI and ML tools, they need to know what is possible. This report covers: -How to assess the vendor's AI/ML claims -Defining success criteria for AI/ML implementations -Challenges when implementing AI

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

Incident Readiness and Building Response Playbook

In this special report, learn the Xs and Os of any good security incident readiness and response playbook.

Download Now!

Battle for the Endpoint

0 comments

How Enterprises are Developing Secure Applications

0 comments

Assessing Cybersecurity Risk in Today's Enterprises

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2019-20319
PUBLISHED: 2022-09-29

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.

CVE-2019-20320
PUBLISHED: 2022-09-29

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.

CVE-2019-20321
PUBLISHED: 2022-09-29

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.

CVE-2019-20322
PUBLISHED: 2022-09-29

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.

CVE-2019-20323
PUBLISHED: 2022-09-29

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]