Microsoft had a mammoth patch Tuesday this month with 28 bug fixes (23 critical). (Computerworld article linked above. This is one of the largest update releases in five years (!) Those fixes were wrapped up in 8 updates for Internet Exporer, Office, Sharepoint, Windows media player and visual studio and Visual basic. (Oh and it looks like there are two more they SHOULD have fixed – reports of 0-days in the wild.)
Tag: windows update
-
Print spool problem after windows update
It’s been a while since I’ve had an “on-topic” post here, but as you might imagine quite a bit has been going on. I had this peculiar problem reported to me in the last week about print spool issues with certain models of printers following the official windows update day.
-
Windows XP repair install problems
I’ve run into a few problems with a windows xp repair install in the last few days that I wanted to detail the problems and what the resolution was. First, it was someone elses laptop needing a hard drive replacement. The drive was imaged, but windows still would not boot, so I broke out the XP Pro disc for a repair installation *(after trying to chkdsk from the recovery console first and fixboot /fixmbr…) Anyway, I went through the repair install process and the system booted up just fine. My next task was windows update and here’s were I started running into problems. Typing an address in the address bar of internet explorer caused a new window to open, which seemed to hang. Opening the home page seemed fine (i.e. the page that loads when you first open explorer), but you couldn’t navigate to another address.
-
Windows updates for February could set record
There could be a record number of vulnerabilities addressed next week when Microsoft releases an expected dozen updates for its Windows and Office products. (According to Brian Krebs at the Security Fix.) Tuesday February 13th is the date scheduled for the release of updates. One critical udpate will affect Microsoft’s security software (onecare/defender/etc.) 3 patches will affect Office. Most of the updates to be released are rated as critical.
-
Microsoft October 2006 patch Tuesday
The first thing I should mention is that this months update from Microsoft is the last for XP SP1 users should plan a migration path to SP2 to keep getting updates to XP. Multiple vulnerabilities this month have been patched in Office There are 4 advisories, but a total of 15 issues covered by those four. Powerpoint, Excel, Word and Office/Publisher there are a variety of exploits, some public (like the powerpoint) others that were privately reported. Also, Incidents.org gives a nice summary of the advisories and the severity of each (urgency of updating.) The setslice vulnerability is patched in this batch by the way.
-
But it’s brand new, how could it have so many updates?
This morning I was doing a fresh install of Windows XP SP2 into a Virtual Machine. So far, things are fine I went through windowsupdate and found 3 updates the first time, then rebooted and hit windowsupdate again to see 55 updates available. A lot of times when I set up a new pc for somebody they wonder why I want to check windows update multiple times. They’ll usually say something along the lines “but it’s brand new there shouldn’t be any updates.” Well, this install was from a SP2 disk and there have been a large number of updates since that was released. Many manufacturers use fairly sophisticated techniques to roll out the default install images they use, but it’s still very possible that your machine will have several updates waiting for it when you get it.
-
Microsoft Genuine Advantage phones home daily
Microsoft says they need to do a better job about disclosing this, but the Genuine Advantage tool contacts Microsoft daily. It doesn’t do this to track your browsing or downloading habits, but to check and see if it’s ok that it’s still running. According to this article, they have some concern that it might not work properly and wanted to be able to tell it to shut down if there were widescale problems with the proof of legitimate windows copy. I did glean a few more details from the article that correct an assumption that I made a week ago.
-
Windows Desktop Search
I got a first look at Windows Desktop Search today (bundled with MSN Search Toolbar?) I was told that it was new on the system and had not been used. The systems owner didn’t know when it was installed and thought it must have been installed when he did a windows update. It looks like the MSN search toolbar adds tabbed browsing to internet explorer. I’m a bit suspicious of ANY software that the system owner is unsure of how it got to be installed on the system.
-
Network Security guide for the home or small business network – Part 5 – Update your software
Okay – so after the last article you’ve inventoried what software you use on a PC and you know what services (server’s) the pc runs that you’ve told it to. You even know what passes as “normal” startup programs. Now it’s time to put that to use. It’s time to keep up with updates for the operating system, any of the programs you use form time to time, and any programs that listen as a service (actively listen for incoming network connections.)
-
Zotob Worm
According to The Sans handlers diary, a worm exploiting one of the security vulnerabilities disclosed last week by Microsoft, is in the wild and spreading. The worm tagged as zotob.a exploits the ms05-039 vulnerability. (Sans reminds us that ms02-039 was the vuln. targetted by the slammer worm. Interesting coincidence.)
They are still at infocon yellow. (Note the infocon graphic at the bottom of each page.)