CTO Chronicles: Gimmiv an A

Gimmiv an A

As many of our customers scrambled to apply the patch for MS08-67, questions abounded on whether our default content would catch and contain the W32/gimmiv.a trojan that was quickly modified to exploit the vulnerability. We did (and do), of course. Also interesting to me is the use case this raises from a patch management standpoint. Regardless of whatever generic policy is chosen and implemented with respect to patch management and NAC, MS08-67 reminds us that we may, at any given time, need to push machines over to the side to apply a critical patch that comes outisde the lines of the normal cycle. Of course, having good post-admission protection in place gives flexibility that reduces the degree of the immediate fire drill, which is always nice.

Posted by Grant Hartline on October 29, 2008 at 07:34 AM in Network Access Control | Permalink

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00e550a981ff8834010535c1ed53970b

Listed below are links to weblogs that reference Gimmiv an A:

Comments

Verify your Comment

Previewing your Comment

Posted by: |

This is only a preview. Your comment has not yet been posted.

Your comment could not be posted. Error type:

Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

CTO Chronicles

Archives

About

OASIS-08

Got the NAC

October 29, 2008

Gimmiv an A

TrackBack

Comments

Verify your Comment

Previewing your Comment

Post a comment