769
So what's changed Microsoft?
(lemmy.world)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 04 May 2024
769 points (96.4% liked)
memes
10142 readers
2117 users here now
Community rules
1. Be civil
No trolling, bigotry or other insulting / annoying behaviour
2. No politics
This is non-politics community. For political memes please go to !politicalmemes@lemmy.world
3. No recent reposts
Check for reposts when posting a meme, you can only repost after 1 month
4. No bots
No bots without the express approval of the mods or the admins
5. No Spam/Ads
No advertisements or spam. This is an instance rule and the only way to live.
Sister communities
- !tenforward@lemmy.world : Star Trek memes, chat and shitposts
- !lemmyshitpost@lemmy.world : Lemmy Shitposts, anything and everything goes.
- !linuxmemes@lemmy.world : Linux themed memes
- !comicstrips@lemmy.world : for those who love comic stories.
founded 1 year ago
MODERATORS
Part of my job used to involve explaining patch supersedence to leadership so that they had a clear idea of why a totally different patch needs to be loaded to address a vulnerability reporting a different patch number in the scanner.
Tenable (or how our security folks have our scans configured) doesn't seem to get that.
I used to have to explain it to them too, but could usually get them to understand by referencing the CVE and the breakdown from the MS security updates guide.
My favourite is:
Them: We want less red in the pie chart. Fix that remote vulnerability.
Me: We don't even have that component enabled. It's reporting on a DLL file version, not the vulnerability itself.
Them: Just lower our vulnerability score.
(Me wondering if I deploying dozens of fully-patched systems would have the same proportional effect)