Maker tech hub — AI · 3D print · Pi · ESP32 · plus the classic tech archive.

Free ESP32 kit · Books · Network Ninja · Archive

Classic tech archive. From the original averyjparker.com tech blog — historical context; pair with modern guides where noted. Full archive · Maker projects · Network Ninja

Classic tip · Classic

Raft of Microsoft updates out - time to get updating

The promised batch of windows updates for today are now out and it turns out there were 3 critical updates out of the 6 released. It looks as though the biggy is an RPC problem with the plug and play…

Written by

Avery J. Parker

IT veteran, maker educator, and author of Network Ninja, 3D Printing Mastery, and AI Workflow Mastery. Business IT: Diversified Tech Solutions.

The promised batch of windows updates for today are now out and it turns out there were 3 critical updates out of the 6 released. It looks as though the biggy is an RPC problem with the plug and play system (Plug and play needing a remote procedure call?) This is one that could likely be quickly exloited. There is a workaround on this of having port 139 and 445 firewalled (many places do that by default now, last I checked my ISP does.) Don't take that as a tool for complacence though. Patch it anyway!



Apparently the Plug and Play bug is only critical for Windows 2000. There is a patch rollup for Internet Explorer as well, which is important to protect against all the spyware exploits that have been discussed here lately. It's an important update whether or not you use Explorer to browse the web. Going through Windows update these days requires the Windows Genuine Advantage authenticity test. If that fails you can setup automatic updates under 2000, XP or server 2003. These all bypass the test.

So I guess we can look forward to seeing lots of network traffic from the next great web worm that hits pirated copies of windows around the world. Personally, I think security updates should be available no matter what. Add ons like Movie maker, media player, fine check for tickets at the door so to speak, but let everyone keep their box secure or the whole computing community suffers.