 |
|
 |
| Tuesday, September 07, 2010
|
| Register Login |
 |
|
|
|
|
Users currently online
|
 |
|
|
|
 |
Membership: |
 |
Latest:
SullyC |
 |
New Today:
0 |
 |
New Yesterday:
0 |
 |
Overall:
53 |
 |
People Online: |
 |
Visitors:
7 |
 |
Members:
0 |
 |
Total:
7 |
Online Now:
|
|
|
|
|
|
|
|
|
|
Welcome to the Viruswarning forums. All your original content has been ported to the new forums as well as new content and additional opportunities to interact with the authors of Viruswarn.com. You can always access old content at www.leedrake.com/forum . You may find some formatting was lost in the conversion and the older versions of the posts to be more readable....
But at least it's all here.
Enjoy!
|
|
|
|
|
|
Viruswarn Forums
|
|
|
|
|
| You are not authorized to post a reply.
|
|
| Author |
Messages |
|
Lee Drake
Posts:238
 |
| 08/09/2005 10:13 PM |
|
| What it is
It's PATCH TUESDAY, when Microsoft releases their patches. There are a number of critical patches this month, so it's a good idea to patch sooner rather than later, or for those of you who have automatic update set up, accept the install of the previously downloaded patches by clicking on the "green and blue world" or "yellow shield" in your system tray (depending on OS).
Here's a summary of the patches being released this month (some may already have been updated on your computer, or may not apply to your OS or installation):
MS05-038 - This patch for internet explorer affects all version of IE (5.01 and above, on all Operating systems including Windows 2000, XP (SP1 and SP2), XP X64, Windows Server 2003 (all versions), Win 98, 98SE, ME). The patch fixes 3 vulnerabilities that could allow a remote website to install spyware or other software on your machine. It's critical that this patch be applied ASAP. A ring of thieves recently compromised over 400 accounts in 50 different banks using the vulnerabilities addressed in this patch to install keylogging software. The vulnerabilities are in the way IE processes Jpeg images, web folders, and COM objects.
MS05-039 - This patch fixes a problem in Plug and Play detection that could allow remote code execution and/or elevation of a non-privileged user to priveleged status. It affects Windows 2000, XP, Server 2003 (All versions).
MS05-040 - This patch is for the Telephony service for Windows XP, 2000, 2003 Server, Windows 98, Windows 98SE and Windows ME. The TAPI interface has a buffer overflow vulnerability that could allow a remote hacker to take over your system. Fortunately most people won't be vulnerable to this as you have to manually enable TAPI. It's good to have the patch installed to avoid problems with this no matter how you reconfigure your machine in the future.
MS05-041 - This VERY CRITICAL patch applies to all desktop and servers systems with Remote Desktop enabled. If you have your remote desktop port exposed to the internet at large (by port forwarding through a firewall, or a VPN) then you definitely need to apply this patch ASAP, as we expect another "Slammer style" worm based on this vulnerability. The patch affects Windows 2000 Server (but not workstation), Windows XP SP1 and XPS P2, Windows 2000, and Server 2003). It is HIGHLY CRITICAL you apply this patch asap if you use remote desktop.
MS05-042 - This patch will fix a potential denial of service and/or Spoofing or information disclosure vulnerabilities. It applies to: Windows 2000, XP SP1 and SP2, Server 2003 (All versions). The patch fixes a problem in Kerberos authentication that could cause an infinite loop which will force the domain controller to mot respond. It also fixes a network vulnerability that could make information transmitted over the network to a trusted server be subject to a "man in the middle" attack which would allow the hacking computer to read information.
MS05-043 - This patch addresses a vulnerability in the print spooler service that could allow an attacker to take over a machine with a shared printer attached to it. This patch applies to Windows 2000, 2003 Servers and XP SP1 and SP2 only. Again - most people won't be vulnerable to this, but it's good to have the patch.
Microsoft Malicious software scanning tool - Microsoft monthly downloads and runs this tool as part of the update process to identify and kill malicious software that it has in it's identification system. This software is not "left behind" to run again.
What to do
We recommend that Windows XP users visit http://update.microsoft.com and install and use Microsoft's new update tool which will update both MS Office and the operating system in one step. Use the ADVANCED update process and accept all updates, critical, recommended and hardware. This new tool makes updates easier. You may find if you haven't visited the office update site recently that you receive additional updates not mentioned here. We recommend you accept and install these updates. Note that MS Office updates may require you to have the original office install disks to install. We suggest having these on hand, or copying them to a hard drive directory (if you have room) so that you can point the update process to the hard drive image should an update be necessary. Note that http://update.microsoft.com requires you to authenticate your copy of XP prior to downloading updates and installing the activeX control. Those with legal copies of XP needn't worry about this process - though you may need to type in your install keycode from the original disks or your OEM sticker on your computer.
If you have automatic updates turned on you should get a "Shield" icon in your system tray indicating that updates are ready to install - proceed with the installation and reboot your machine.
Users of Windows 2000, 98, 98SE and ME may need to continue to use the separate http://windowsupdate.microsoft.com and http://officeupdate.microsoft.com sites.
If you suspect your machine may already have been compromised by spyware, adware, pop-ups, viruses or other problems we recommend that you try the process detailed at:
http://www.securitytango.com
For ridding your machine of unwanted guests. Note that this isn't for the faint of heart, but it is pretty straightforward. If you don't feel confident about following the instructions - get a computer professional to assist you in cleaning (or reinstalling your machine).
References
Summary of Security Bulletins for August 2005: http://www.microsoft.com/technet/security/bulletin/ms05-aug.mspx
Microsoft update site: http://update.microsoft.com OR http://windowsupdate.microsoft.com AND http://officeupdate.microsoft.com
Security tango site: http://www.securitytango.com
This concludes this viruswarning notice.
Cheers
Lee Drake
Aztek Computer Solutions, Inc.
274 Goodman Street North Suite B269
Rochester, NY 14607
www.azcomputer.net
ldrake@azcomputer.net Phone: 585-242-2060
Fax: 585-242-9441
Cell: 585-509-0284
|
|
|
|
|
|
| You are not authorized to post a reply. |
|
|
|
ActiveForums 3.6
|
|
|
|
|
|
|
|