Employer's IT Dept not distributing patches

Discussion in 'other security issues & news' started by optigrab, Feb 20, 2004.

Thread Status:
Not open for further replies.
  1. optigrab

    optigrab Registered Member

    Joined:
    Nov 6, 2002
    Posts:
    624
    Location:
    Brooklyn/NYC USA
    Hi All

    Right from the start, let me say I just try to be a conscientious PC user and security hobbyist (I actually enjoy this stuff - probably because it's NOT my job). I keep my home PCs patched and backed up (plus FW'd, AV'd AT'd, etc. of course).

    My issue is my company's IT department. They don't seem to be distributing many MS patches, and certainly not in a timely fashion. Most of the PC's at work are old desktops that will always be shielded by the company's network/firewall. But the bunch of us who go out on the road are issued nifty laptops with unpatched IE 5.5 and W2K installed. They are our (professional) lifeblood.

    Just this week I took it upon myself to update/patch IE (and I've also installed Mozilla). But below is a list of MS patches that aren't installed according to Windows Update.

    The questions are: Am I missing some possibly good reasons why these aren't distributed? Also, how awful would it be if I just went ahead and updated myself? BTW, I'm likely to do it anyway unless I hear some really good reasons not to. I backup my work PC anyway so I suppose I could always uninstall a patch or even restore from a backup in the worst-case scenario.

    Regards
    Optigrab


    Windows 2000 Service Pack 4 Express Install for End Users*

    330994: April 2003, Security Update for Outlook Express 6 SP1

    Critical Update for Windows Media Player Script Commands (KB828026)

    Security Update for Windows 2000 (KB82802:cool:

    Security Update for Microsoft Windows (KB828749)

    Security Update for Microsoft Windows 2000 (KB828035)

    Security Update for Microsoft Windows 2000 (KB825119)

    Security Update for Microsoft Windows 2000 (KB826232)

    Security Update for Windows 2000 (KB823182)

    Security Update for Microsoft Windows (KB824141)

    Security Update for Windows 2000 (KB824146)

    823559: Security Update for Microsoft Windows

    Flaw In Windows Media Player May Allow Media Library Access (819639)

    814078: Security Update (Microsoft Jscript version 5.6, Windows 2000, Windows XP)
     
  2. meneer

    meneer Registered Member

    Joined:
    Nov 27, 2002
    Posts:
    1,132
    Location:
    The Netherlands
    They really want incidents to happen?

    Until spring last year our company had a comparable level of security. Then we had one Klez incident that led to isolating one department form our company. It helped, right now our Windows is at the required level.

    The buzz word of today is patch management. Problem: it's quite expensive, even when you use WindowsUpdate. That's the problem for most companies.
     
Loading...
Thread Status:
Not open for further replies.