Here we go again

On March 27, 2006, in Security, by

In January there was an unpatched IE flaw..one that had folks scrambling for cover.  And someone came out with a “community fix”.  Fast forward to March and deja vue again.


Unpatched IE flaws.. patch in the works… antivirus vendors having protections in place….. we have mitgations …. and we have a community patch…..


Okay gang let’s take a lesson from last time again…..


I CANNOT SET YOUR RISK TOLERANCE LEVEL FOR YOU.


Only you can look at your firm and your desktops and your risk tolerance and you know how your clients surf and how you have your network setup to know if you should use anyone of these mitgations or do nothing at all.


Only you can do that.  So I’m not going to tell you or recommend that you take any other action other than to remind you that we’re in this same position and we will again.  So if you are sitting there and you feel you are at extreme risk… then figure out if you truly and really are at risk…or if you are merely in a state of fear because you don’t know the true risks of your network.


But whatever you do… test.  Because I can’t do this for you.  Only you can decide what is the acceptable risk for your firm, your clients, your networks.

 

One Response to Here we go again

  1. Alun Jones says:

    I’ll say it again…
    Problem: untrusted and unknown people may run code on your machine.
    Solution: run code on your machine from unknown and untrusted people.
    The “solution” sounds a lot like the problem.