Re: Yet more Windows XP security patches
- From: "MAP" <mikepawlak2REM@xxxxxxxxxxxxxx>
- Date: Fri, 12 Aug 2005 08:23:47 -0400
Hi Jupiter!
But that is a yes only due to the ignorance of the person maintaining the
system and NOT due to necessity. I can see your view but I stand by my
original post as being correct.
--
Mike Pawlak
Jupiter Jones [MVP] wrote:
> Yes, the average home user probably does need all Critical Updates.
> The average home user may not be able to make a good decision about
> the necessity of a specific Critical Updated in their situation.
> In order to make the decision not to install a Critical Update, the
> user should:
> 1. Have a thorough understanding of their hardware and software
> including all types of use by ALL users.
> 2. Thorough understanding of the patch especially the potential
> consequences of not installing the patch.
> The typical home user does not fit both of the above.
> That is why when someone asks if a Critical Update should be
> installed, I say yes.
> If they were thoroughly familiar with the above, they would not ask
> the question.
>
>
> "MAP" <mikepawlak2REM@xxxxxxxxxxxxxx> wrote in message
> news:uggGL4onFHA.2472@xxxxxxxxxxxxxxxxxxxxxxx
>> As with many so called "critial patches" does the average "home
>> user" need them?
>> Before installing these updates it is best to read just what they
>> do,take the
>> PNP patch that you mention, The person exploiting this MUST have
>> their hands
>> on your keyboard! (or "Admin rights" how would they get this if you
>> secured
>> your system?).
>> A couple of years ago hotfix Q811493 (the first release) had this
>> same mitigating factor many installed it because of the "critical
>> update" header,and their system slowed down to a crawl,did they need
>> it NO!
>> It takes longer to install these hotfixes reading each one but on the
>> otherhand it may keep your computer up and running by not installing
>> some that you really don't need which may screw your system up! I
>> have read posts
>> already on this months patch tuesday of problems with computers not
>> booting
>> after installing these updates.
>>
>>
>> Mitigating Factors for Plug and Play Vulnerability - CAN-2005-1983:
>>
>> . On Windows XP Service Pack 2 and Windows Server 2003 an attacker
>> must have
>> valid logon credentials and be able to log on locally to exploit this
>> vulnerability. The vulnerability could not be exploited remotely by
>> anonymous users or by users who have standard user accounts.
>> However, the affected component is available remotely to users who
>> have administrative permissions.
>>
>> Just my 2 cents worth
>> Mike Pawlak
>>
>>
>>
>> Borgholio wrote:
>>> Now before I continue, I just want to let everybody know that I'm
>>> NOT trying to troll here. I'm not a Microsoft-hater, but there are
>>> just some things that are inexcusable and that I MUST rant about.
>>> It's nothing new actually...about a dozen security patches to
>>> install. Happens all the time. Today, however, something just
>>> stuck in my craw. Here are the
>>> descriptions of two patches waiting to be installed:
>>>
>>>
>>>
>>> Size: 483 KB - 566 KB
>>>
>>> A security issue has been identified in the Plug and Play service
>>> that could allow an attacker to compromise your Microsoft
>>> Windows-based system and gain control over it. You can help protect
>>> your computer by installing this update from Microsoft. After you
>>> install this item, you may have to restart your computer.
>>>
>>> More information for this update can be found at
>>> http://go.microsoft.com/fwlink/?LinkId=48900
>>>
>>>
>>>
>>>
>>> Size: 494 KB - 550 KB
>>>
>>> A security issue has been identified in the Print Spooler service
>>> that could allow an attacker to compromise your Microsoft
>>> Windows-based system and gain control over it. You can help protect
>>> your computer by installing this update from Microsoft. After you
>>> install this item, you may have to restart your computer.
>>>
>>> More information for this update can be found at
>>> http://go.microsoft.com/fwlink/?LinkId=48902
>>>
>>>
>>>
>>>
>>> Plug and Play? PRINT SPOOLER???? Is there ANYTHING that doesn't
>>> have a security hole in it??? What's next, a security hole in the
>>> mouse driver? I mean I understand if there's a hidden security hole
>>> in the TCP / IP stack that nobody noticed, but the Print Spooler?
>>> Plug and Play? For crying out loud...EVERY SINGLE security patch I
>>> downloaded today is to prevent "an attacker to gain control over
>>> your system". From my personal experience, it seems as if Microsoft
>>> designed Windows XP to be more accessable to the outside world than
>>> to the actual user! What's their excuse for allowing so darn many
>>> lapses in security to pass through QA?
>>>
>>> In a nutshell, Microsoft's security sucks eggs. Why? Do they just
>>> not care (as they pretty much bend people over a barrel when it
>>> comes to buying an operating system)? Or are they just incompetent
>>> when it comes to security?
.
- References:
- Yet more Windows XP security patches
- From: Borgholio
- Re: Yet more Windows XP security patches
- From: MAP
- Re: Yet more Windows XP security patches
- From: Jupiter Jones [MVP]
- Yet more Windows XP security patches
- Prev by Date: installing extra font without xp installation dics.
- Next by Date: Re: coloring of file names
- Previous by thread: Re: Yet more Windows XP security patches
- Next by thread: Re: Yet more Windows XP security patches
- Index(es):
Relevant Pages
|
|
