Re: Yet more Windows XP security patches

I downloaded them all except, of course, the malware removal tool and my
three machines run like silk so I guess what you say false.

Alias

"MAP" <mikepawlak2REM@xxxxxxxxxxxxxx> wrote

> As with many so called "critial patches" does the average "home user" need
> them?
> Before installing these updates it is best to read just what they do,take
> the
> PNP patch that you mention, The person exploiting this MUST have their
> hands
> on your keyboard! (or "Admin rights" how would they get this if you
> secured
> your system?).
> A couple of years ago hotfix Q811493 (the first release) had this same
> mitigating factor many installed it because of the "critical update"
> header,and their system slowed down to a crawl,did they need it NO!
> It takes longer to install these hotfixes reading each one but on the
> otherhand it may keep your computer up and running by not installing some
> that you really don't need which may screw your system up! I have read
> posts
> already on this months patch tuesday of problems with computers not
> booting
> after installing these updates.
>
>
> Mitigating Factors for Plug and Play Vulnerability - CAN-2005-1983:
>
> . On Windows XP Service Pack 2 and Windows Server 2003 an attacker must
> have
> valid logon credentials and be able to log on locally to exploit this
> vulnerability. The vulnerability could not be exploited remotely by
> anonymous users or by users who have standard user accounts. However, the
> affected component is available remotely to users who have administrative
> permissions.
>
> Just my 2 cents worth
> Mike Pawlak
>
>
>
> Borgholio wrote:
>> Now before I continue, I just want to let everybody know that I'm NOT
>> trying to troll here. I'm not a Microsoft-hater, but there are just
>> some things that are inexcusable and that I MUST rant about. It's
>> nothing new actually...about a dozen security patches to install.
>> Happens all the time. Today, however, something just stuck in my
>> craw. Here are the
>> descriptions of two patches waiting to be installed:
>>
>>
>>
>> Size: 483 KB - 566 KB
>>
>> A security issue has been identified in the Plug and Play service
>> that could allow an attacker to compromise your Microsoft
>> Windows-based system and gain control over it. You can help protect
>> your computer by installing this update from Microsoft. After you
>> install this item, you may have to restart your computer.
>>
>> More information for this update can be found at
>> http://go.microsoft.com/fwlink/?LinkId=48900
>>
>>
>>
>>
>> Size: 494 KB - 550 KB
>>
>> A security issue has been identified in the Print Spooler service
>> that could allow an attacker to compromise your Microsoft
>> Windows-based system and gain control over it. You can help protect
>> your computer by installing this update from Microsoft. After you
>> install this item, you may have to restart your computer.
>>
>> More information for this update can be found at
>> http://go.microsoft.com/fwlink/?LinkId=48902
>>
>>
>>
>>
>> Plug and Play? PRINT SPOOLER???? Is there ANYTHING that doesn't
>> have a security hole in it??? What's next, a security hole in the
>> mouse driver? I mean I understand if there's a hidden security hole
>> in the TCP / IP stack that nobody noticed, but the Print Spooler?
>> Plug and Play? For crying out loud...EVERY SINGLE security patch I
>> downloaded today is to prevent "an attacker to gain control over your
>> system". From my personal experience, it seems as if Microsoft
>> designed Windows XP to be more accessable to the outside world than
>> to the actual user! What's their excuse for allowing so darn many
>> lapses in security to pass through QA?
>>
>> In a nutshell, Microsoft's security sucks eggs. Why? Do they just
>> not care (as they pretty much bend people over a barrel when it comes
>> to buying an operating system)? Or are they just incompetent when it
>> comes to security?
>
>
>


.

Relevant Pages

  • Re: iis config
    ... IISlockdown including URLscan and hfnetchk and signing up for the microsoft ... security patches newsletter and installing patches as soon as they come out] ... If you're planning on doing your own security, ... on your server, this may be a false alarm. ...
    (microsoft.public.inetserver.iis.security)
  • IT Security Administrator in Bend, OR
    ... workstations as well as physical security for I/T systems. ... manages network security software and hardware. ... Extensive experience with Windows 2000/2003 servers and Exchange ... Two years experience configuring, installing and implementing VMWare ...
    (comp.arch)
  • Re: Windows - a gazillion updates. Daily.
    ... installing in just two months. ... Microsoft tries to get these things out quickly, ... Surely you're not seriously suggesting that Apples one security update ... All Windows machines should always have the lastest definitions, ...
    (comp.sys.mac.advocacy)
  • Re: Yet more Windows XP security patches
    ... >> otherhand it may keep your computer up and running by not installing ... >>> A security issue has been identified in the Plug and Play service ... >>> your computer by installing this update from Microsoft. ... a security hole in the ...
    (microsoft.public.windowsxp.general)
  • Re: Yet more Windows XP security patches
    ... consequences of not installing the patch. ... That is why when someone asks if a Critical Update should be installed, ... >> nothing new actually...about a dozen security patches to install. ... >> your computer by installing this update from Microsoft. ...
    (microsoft.public.windowsxp.general)