Hey Hey,

The thread title basically sums it up... How do you deal with patching?

Common sense would dictate to:

Read the reports of others luck/problems when installing the patch.
Filter (if possible) to protect the machine in question while testing/researching.
Apply the patch in a test environment..

I'm looking at the TNEF Decoding Vuln and wondering how to treat it...

This isn't something where I can close a port/filter content (not that I have the ability anyways) while I read the results of others...
I don't have a test environment or even a single test machine... I was barely able to create a test XP Machine (we had one extra license)...

That leaves me with patch immediately... or leave it open and wait to read others luck with it...

My primary thought is to patch immediately... It all comes back to CYA... but my question is... is anyone else in this same situation? What did you decide to do... Sure NGS is going to wait 3 months before disclosing the details, but still... how many people are now playing with this for fun? Will we start to see it live before then... I'd think so.. I'm sure it's minor and not something I'd even have to worry about.. but again.. CYA comes to mind...

Peace,
HT