Raft of Microsoft updates out – time to get updating



The promised batch of windows updates for today are now out and it turns out there were 3 critical updates out of the 6 released. It looks as though the biggy is an RPC problem with the plug and play system (Plug and play needing a remote procedure call?) This is one that could likely be quickly exloited. There is a workaround on this of having port 139 and 445 firewalled (many places do that by default now, last I checked my ISP does.) Don’t take that as a tool for complacence though. Patch it anyway!



Apparently the Plug and Play bug is only critical for Windows 2000. There is a patch rollup for Internet Explorer as well, which is important to protect against all the spyware exploits that have been discussed here lately. It’s an important update whether or not you use Explorer to browse the web. Going through Windows update these days requires the Windows Genuine Advantage authenticity test. If that fails you can setup automatic updates under 2000, XP or server 2003. These all bypass the test.

So I guess we can look forward to seeing lots of network traffic from the next great web worm that hits pirated copies of windows around the world. Personally, I think security updates should be available no matter what. Add ons like Movie maker, media player, fine check for tickets at the door so to speak, but let everyone keep their box secure or the whole computing community suffers.

   Send article as PDF   

Similar Posts