Re: Yet more Windows XP security patches

Where you born an idiot, or did you have to work at it?

Mike Pawlak




Alias wrote:
> I downloaded them all except, of course, the malware removal tool and
> my three machines run like silk so I guess what you say false.
>
> Alias
>
> "MAP" <mikepawlak2REM@xxxxxxxxxxxxxx> wrote
>
>> As with many so called "critial patches" does the average "home
>> user" need them?
>> Before installing these updates it is best to read just what they
>> do,take the
>> PNP patch that you mention, The person exploiting this MUST have
>> their hands
>> on your keyboard! (or "Admin rights" how would they get this if you
>> secured
>> your system?).
>> A couple of years ago hotfix Q811493 (the first release) had this
>> same mitigating factor many installed it because of the "critical
>> update" header,and their system slowed down to a crawl,did they need
>> it NO!
>> It takes longer to install these hotfixes reading each one but on the
>> otherhand it may keep your computer up and running by not installing
>> some that you really don't need which may screw your system up! I
>> have read posts
>> already on this months patch tuesday of problems with computers not
>> booting
>> after installing these updates.
>>
>>
>> Mitigating Factors for Plug and Play Vulnerability - CAN-2005-1983:
>>
>> . On Windows XP Service Pack 2 and Windows Server 2003 an attacker
>> must have
>> valid logon credentials and be able to log on locally to exploit this
>> vulnerability. The vulnerability could not be exploited remotely by
>> anonymous users or by users who have standard user accounts.
>> However, the affected component is available remotely to users who
>> have administrative permissions.
>>
>> Just my 2 cents worth
>> Mike Pawlak
>>
>>
>>
>> Borgholio wrote:
>>> Now before I continue, I just want to let everybody know that I'm
>>> NOT trying to troll here. I'm not a Microsoft-hater, but there are
>>> just some things that are inexcusable and that I MUST rant about.
>>> It's nothing new actually...about a dozen security patches to
>>> install. Happens all the time. Today, however, something just
>>> stuck in my craw. Here are the
>>> descriptions of two patches waiting to be installed:
>>>
>>>
>>>
>>> Size: 483 KB - 566 KB
>>>
>>> A security issue has been identified in the Plug and Play service
>>> that could allow an attacker to compromise your Microsoft
>>> Windows-based system and gain control over it. You can help protect
>>> your computer by installing this update from Microsoft. After you
>>> install this item, you may have to restart your computer.
>>>
>>> More information for this update can be found at
>>> http://go.microsoft.com/fwlink/?LinkId=48900
>>>
>>>
>>>
>>>
>>> Size: 494 KB - 550 KB
>>>
>>> A security issue has been identified in the Print Spooler service
>>> that could allow an attacker to compromise your Microsoft
>>> Windows-based system and gain control over it. You can help protect
>>> your computer by installing this update from Microsoft. After you
>>> install this item, you may have to restart your computer.
>>>
>>> More information for this update can be found at
>>> http://go.microsoft.com/fwlink/?LinkId=48902
>>>
>>>
>>>
>>>
>>> Plug and Play? PRINT SPOOLER???? Is there ANYTHING that doesn't
>>> have a security hole in it??? What's next, a security hole in the
>>> mouse driver? I mean I understand if there's a hidden security hole
>>> in the TCP / IP stack that nobody noticed, but the Print Spooler?
>>> Plug and Play? For crying out loud...EVERY SINGLE security patch I
>>> downloaded today is to prevent "an attacker to gain control over
>>> your system". From my personal experience, it seems as if Microsoft
>>> designed Windows XP to be more accessable to the outside world than
>>> to the actual user! What's their excuse for allowing so darn many
>>> lapses in security to pass through QA?
>>>
>>> In a nutshell, Microsoft's security sucks eggs. Why? Do they just
>>> not care (as they pretty much bend people over a barrel when it
>>> comes to buying an operating system)? Or are they just incompetent
>>> when it comes to security?



.

Relevant Pages

  • Re: iis config
    ... IISlockdown including URLscan and hfnetchk and signing up for the microsoft ... security patches newsletter and installing patches as soon as they come out] ... If you're planning on doing your own security, ... on your server, this may be a false alarm. ...
    (microsoft.public.inetserver.iis.security)
  • IT Security Administrator in Bend, OR
    ... workstations as well as physical security for I/T systems. ... manages network security software and hardware. ... Extensive experience with Windows 2000/2003 servers and Exchange ... Two years experience configuring, installing and implementing VMWare ...
    (comp.arch)
  • Re: Windows - a gazillion updates. Daily.
    ... installing in just two months. ... Microsoft tries to get these things out quickly, ... Surely you're not seriously suggesting that Apples one security update ... All Windows machines should always have the lastest definitions, ...
    (comp.sys.mac.advocacy)
  • Re: Yet more Windows XP security patches
    ... consequences of not installing the patch. ... That is why when someone asks if a Critical Update should be installed, ... >> nothing new actually...about a dozen security patches to install. ... >> your computer by installing this update from Microsoft. ...
    (microsoft.public.windowsxp.general)
  • Re: Security Update for MS XML Core Services 4.0 Service Pack 2(KB
    ... Security Update installed on my PC on 4/17 (it was the day after I saw the ... But, after the Re-boot, Windows Update showed KB941833 as an Available ... You asked me to Post the name of the Security Software; ... keep installing and Updated to Vista Home Prem SP1 ...
    (microsoft.public.windowsupdate)