this post was submitted on 07 Nov 2024
569 points (98.0% liked)
Technology
59495 readers
3110 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Yet another reason to not do auto-updates in an enterprise environment for mission-critical services.
In an enterprise environment, you rely on a service that tracks CVEs, analyzes which ones apply to your environment, and prioritizes security critical updates.
The issue here is that one of these services installed a release upgrade because Microsoft mislabelled it as security update.
Should still be doing phased rollouts of any patches, and where possible, implementing them on pre-prod first.
For security updates in critical infrastructure, no. You want that right away, in best case instant. You can't risk a zero day being used to kill people.
Even security updates can be uncritical or supercritical. Consult the patch notes or get burned lol