Greetings,

First of all this week, a quick financial reward: AusCERT members receive a discount to attend the OWASP Appsec Asia in Sydney, 11th-14th April, 2012. For more information visit: https://auscert.org.au/15576 (login required).

This week I had to restart my web browser, but not my computer. This was a nice change, as I tend to equate patching with restarting, I know I shouldn't. Many Linux users will not only remind me how infrequently their patches require a restart, but that there are even ways to patch the running kernel!

I like the idea, however a smart person once told me that he liked to restart any server he was patching twice every time he patched it. The rationale is that in a shared admin environment you never really know who has made what configuration changes to files that may not be active. Therefore the first restart ensures that the current system state will come back up and function normally. You then apply the patches, and the second restart ensures that after the patches are installed the system still starts up and runs correctly.

This may seem like overkill, especially now that you can snapshot a VM and recall it if anything goes wrong. However back when systems ran on real hardware the ability to have two short known outages was often preferable to ANY chance of a longer unexpected outage. The phrase "better safe than sorry" never has quite as much meaning until you actually are sorry.

Anyway, where was I... Oh yes. Google Chrome was patched this week, causing me to have to restart my browser. Apple also updated iTunes, iOS and Apple TV, which (at least in the case of iTunes) did not require a restart. Finally, Microsoft is releasing six bulletins next week - at least some of which do require a restart.

Have a good weekend,
Richard