security flaws and patch confusion....

itwannabe Member Posts: 35
OK..hoping that 'the only dumb question, is the one that's never asked' rule applies here, I have an 'uneducated' curiosity.

My question is about all the security flaws and patches that are released concerning browsers and OS's. When these companies release the information / warning that the flaw or hole 'could allow exploits and unauthorized users to run malicious code' on a machine; does this negate any hardware or software firewalls that a user may have?

I know it's best to always try and keep up with the current release and patch with any software, but I've never quite been able to get an answer to this distinction?
Certify this!!!

Comments

  • 2lazybutsmart Member Posts: 1,119
    My question is about all the security flaws and patches that are released concerning browsers and OS's

    From a non-technical point of view, software companies usually make sure that a complete version of any given software is never rolled out in the first release. It's more of a marketing scheme (sorry for deviating from your question's subject... but). From my few years in software development (mainly in the product management sector), I've come to know that a software made to address all required issues isn't following a good marketing practice. You don't rob the customer, but you don't give him everything in the first roll-out. Bit by bit, the customer will both be dependent on you and feel that you are working towards enhancing the application day and night.

    The Redmond giant, like the small company I've worked at, uses the same strategy and 6,000+ developing brains behind it.

    I'll leave the technical part for others

    just my .02 cent,
    2lbs.
    Exquisite as a lily, illustrious as a full moon,
    Magnanimous as the ocean, persistent as time.
  • RussS Member Posts: 2,068
    hmmm interesting 2lazy

    I think it is more from public demand than a marketing perspective for Redmond. They announce a product in beta and a possible release date and they are then pushed by the media to release it ... ready or not.
    I think Bill G would be over the moon to actually roll out a product that was ready to go and flawless for a change ... lol

    itwannabe - it is possible for the addition of new software to disable a software firewall (any product if they have certain conflicts). However a hardware firewall is completely unaffected as it is a separate device on the network.
    www.supercross.com
    FIM website of the year 2007
  • itwannabe Member Posts: 35
    RussS wrote:
    itwannabe - it is possible for the addition of new software to disable a software firewall (any product if they have certain conflicts). However a hardware firewall is completely unaffected as it is a separate device on the network.

    Ok, that much I get...and maybe my original question was off target...Let's use Windows XP as my example using the following scenario

    For instance, say I'm running XP w/ a software firewall and a port probe shows all port scan attempts are blocked successfully.

    Then I receive an auto update from Microsoft saying that there is a new critical update available and when I read the knowledge base article, it gives me the 'may allow unauthorized users to run malicious code on the machine' disclaimer about whatever buffer overrun or breach has been identified.

    So, my question is, if it's a hole in the software that's been hacked thru, then is it possible my firewall is breachable because of this hole? Does that make sense or am I confusing myself again? hahaha
    Certify this!!!
  • Webmaster Admin Posts: 10,292
    Depends on if the hole is in a service that you allow at the firewall. For example, if port 80 inbound is denied on the firewall, there's no need to worry about a hole in IIS www service on your Windows XP client.
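Webmaster's rule of thumb, worked through as an added example (not code from any poster in this thread): each advisory is checked against the inbound firewall policy and the set of listening services. It goes one step beyond the port 80 case by also classifying a browser-style flaw, which has no listening port and so is not covered by inbound filtering. The rule set, the listening ports and the `EXAMPLE-n` advisory ids are constructed sample data.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    proto: str             # "tcp" or "udp"
    port: Optional[int]    # None matches any port

@dataclass(frozen=True)
class Advisory:
    ident: str             # constructed placeholder id, not a real bulletin
    component: str
    proto: Optional[str]   # None for client-side flaws (no listening port)
    port: Optional[int]

def inbound_allowed(rules, proto, port):
    """First matching rule wins; no match means default deny."""
    for r in rules:
        if r.proto == proto and r.port in (None, port):
            return r.action == "allow"
    return False

def triage(rules, listening, advisories):
    """Classify each advisory by whether the inbound policy covers it."""
    result = {}
    for a in advisories:
        if a.port is None:
            # Browser-style flaw: triggered by content the user fetches over
            # allowed outbound connections, so inbound rules do not apply.
            result[a.ident] = "not mitigated by inbound filtering"
        elif (a.proto, a.port) not in listening:
            result[a.ident] = "service not running"
        elif inbound_allowed(rules, a.proto, a.port):
            result[a.ident] = "reachable through firewall"
        else:
            result[a.ident] = "blocked at firewall"
    return result

# Constructed sample data: policy, listening sockets and advisories.
RULES = [Rule("allow", "tcp", 3389), Rule("deny", "tcp", None), Rule("deny", "udp", None)]
LISTENING = {("tcp", 80), ("tcp", 3389)}
ADVISORIES = [
    Advisory("EXAMPLE-1", "IIS www service", "tcp", 80),
    Advisory("EXAMPLE-2", "Remote Desktop", "tcp", 3389),
    Advisory("EXAMPLE-3", "web browser", None, None),
    Advisory("EXAMPLE-4", "FTP service", "tcp", 21),
]

if __name__ == "__main__":
    for ident, status in triage(RULES, LISTENING, ADVISORIES).items():
        print(ident, "->", status)
```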
  • RussS Member Posts: 2,068
    Confusing yourself .... hmmmmm - only if you have been taking advice from enforcer - they don't call him the confusion master for nothing :P

    Webmaster is correct - but as in all cases ... keep an eye on the boards for adverse reactions to patches and service packs.
    www.supercross.com
    FIM website of the year 2007
  • itwannabe Member Posts: 35
    got it..thanks Webmaster
    Certify this!!!
  • Webmaster Admin Posts: 10,292
    You're welcome.

    Indeed, some updates might produce other breaches or failures and make things even worse. Usually you should only install those updates that you really need... every Service Pack includes new bugs.

    I think MS is doing a fine job automatically updating my XP system though :)

    @2lazybutsmart: As with any software, people find bugs and holes, and since MS products are most widely used, they are most likely to become a target for exploitation. I agree with RussS, I think BG is indeed more obsessed with trying to create the ultimate OS than with his financial balance...
  • itwannabe Member Posts: 35
    RussS & WbMstr

    I couldn't agree more...on all counts...regarding the bugs and fixes w/ service packs and updates...That's one of the things that led to my original question....

    I often wait to install the MS updates until I can read some info on them, just because I hate to jump on the 'damn I got it, now what' bandwagon...lol so for now, I'm happy w/ XP and looking forward to Longhorn in a couple of years. I wonder if there's a beta version of that out, (besides on P2P networks)...

    again, thanks to all for the input and so for now, I'm off, until the next time my mind wanders
    Certify this!!!
  • Enforcer Member Posts: 74
    RussS wrote:
    Confusing yourself .... hmmmmm - only if you have been taking advice from enforcer - they don't call him the confusion master for nothing :P


    Hey!

    how come I got brought into this?
    Mission statement : To change and deviate from the subject at the earliest opportunity.
  • RussS Member Posts: 2,068
    And you had to ask?
    www.supercross.com
    FIM website of the year 2007
  • Enforcer Member Posts: 74
    Well I hadn't made any contribution to this thread, but there I am right in the middle of it.



    I only found out I did a web search for Enforcer Confusion Master. :)
    Mission statement : To change and deviate from the subject at the earliest opportunity.