Raft of Microsoft updates out – time to get updating



The promised batch of windows updates for today are now out and it turns out there were 3 critical updates out of the 6 released. It looks as though the biggy is an RPC problem with the plug and play system (Plug and play needing a remote procedure call?) This is one that could likely be quickly exloited. There is a workaround on this of having port 139 and 445 firewalled (many places do that by default now, last I checked my ISP does.) Don’t take that as a tool for complacence though. Patch it anyway!



Apparently the Plug and Play bug is only critical for Windows 2000. There is a patch rollup for Internet Explorer as well, which is important to protect against all the spyware exploits that have been discussed here lately. It’s an important update whether or not you use Explorer to browse the web. Going through Windows update these days requires the Windows Genuine Advantage authenticity test. If that fails you can setup automatic updates under 2000, XP or server 2003. These all bypass the test.

So I guess we can look forward to seeing lots of network traffic from the next great web worm that hits pirated copies of windows around the world. Personally, I think security updates should be available no matter what. Add ons like Movie maker, media player, fine check for tickets at the door so to speak, but let everyone keep their box secure or the whole computing community suffers.

Related Posts

Blog Traffic Exchange Related Posts
  • Big Windows June update day Updates for Windows for the month of June are out today and it looks like some list! 12 updates covering 20 or more vulnerabilities. MANY of these are tagged as critical. (Critical vulnerabilities are considered remotely exploited or with little (or no) user interaction.) Sans has a good listing of......
  • Metasploit I had hoped to do an article on metasploit in the not too distant future, but not as early as tonight.... However, I've made a couple of references to it in previous posts which, well, it would be nice if I'd already given a bit of information about metasploit in......
  • Microsoft Releasing out of Cycle Patch for Internet Explorer Exploit Take a look at the official announcement. They've moved outside the usual update cycle for this one. VERY good move Microsoft to get this patch in before the holidays as it looks as though there's been a spike in the use of this particular exploit and with people doing a......
Blog Traffic Exchange Related Websites
  • Wordpress 3.0.2 - Auto Updating Error Resolved Wordpress 3.0.2 - Don't Pull Your Hair Out Yet Image by Debs (ò‿ó)♪ via Flickr If you have been using Wordpress for any extended period of time you know that they are constantly updating their plate form. While it re assures me that wordpress is always improving it can also......
  • Lending Club Update: Earning 15.6% NAR on P2P Lending Investments ~ ~ ~ April 2011 Update: Shutting Down My Lending Club Investments over Q&A Change ~ ~ ~   My Lending Club investment portfolio is continuing to look fairly impressive as we close the books on 2010. Summary Net Annual Return is up to 15.64% NAR. My highest observed NAR was 15.69%,......
  • Blogging for Business Pt 1 Business blogs are quickly becoming the "in" thing, at least as far as corporate communication is concerned. "Blog" is short hand for weblog or web log, which is an online public diary that is updated on a regular basis. Some web logs are updated daily, while others see updates every......
en.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site