|
 |
|
 |
| Tuesday, February 07, 2012
|
| Register Login |
 |
|
|
|
|
Users currently online
|
 |
|
|
|
 |
Membership: |
 |
Latest:
kevin |
 |
New Today:
0 |
 |
New Yesterday:
0 |
 |
Overall:
56 |
 |
People Online: |
 |
Visitors:
5 |
 |
Members:
0 |
 |
Total:
5 |
Online Now:
|
|
|
|
|
|
|
|
|
|
Welcome to the Viruswarning forums. All your original content has been ported to the new forums as well as new content and additional opportunities to interact with the authors of Viruswarn.com. You can always access old content at www.leedrake.com/forum . You may find some formatting was lost in the conversion and the older versions of the posts to be more readable....
But at least it's all here.
Enjoy!
|
|
|
|
|
|
Viruswarn Forums
|
|
|
|
|
| You are not authorized to post a reply.
|
|
| Author |
Messages |
|
Lee Drake
Posts:238
 |
| 12/18/2004 10:17 AM |
|
| What it is
On Thursday many of you Windows XP users may have noticed the little "world" flashing in your system tray and a notification that new updates had arrived. If you have automatic updates turned on, and an automatic installation time set for Windows XP you may already have the updates, but if not - it's important to either click on the world and install the updates or go to the http://windowsupdate.microsoft.com site and download the latest. If you don't have automatic updates turned on it's even more important to visit the site and be sure you're up to date. Server owners should update their servers as well, since many of these updates apply to server users.
The updates affect virtually every Microsoft operating system (including the older Windows 98-ME operating systems), as well as Internet Explorer. They are numbered MS04-40 through MS04-45. They affect the following subsystems, and many will fix code that would allow a hacker to take over your system completely:
WINS system (Windows internet naming system)
Wordpad
Internet Explorer
DHCP Services
Hyperterminal
LSASS (A windows kernel function)
Remember that hackers typically launch worms before the holidays to take advantage of the fact that professionals would rather be out celebrating with their families than fighting a virus or worm. Even if you don't normally run these applications, sometimes the hacker can use file extensions, specially crafted URL's or other methods to get their software run under these applications. It's best to update them all even if you don't use them normally. Especially the Internet Explorer issues might allow a spybot installer onto your system if left unpatched. Also, although they are security updates, many of these updates only appear if you go to the Windowsupdate site and select to do a custom check (rather than an express check) as they are not labeled as "critical".
For a complete grid of which updates affect which operating systems check this web page:
http://www.microsoft.com/technet/security/bulletin/ms04-dec.mspx
and click on "Affected Software and Download Locations"
What you should do
We recommend that you manually visit http://windowsupdate.microsoft.com and when it asks you whether you want to perform an Express install or a Custom install, choose Custom install. Be sure to select all the OPTIONAL updates, including the .NET updates that appear in that list (if applicable). After running your custom install and rebooting, go to http://windowsupdate.microsoft.com and repeat the procedure until no updates are left. If you haven't yet installed XP Service pack 2, support for the non-SP2 version ends at the end of January - you might want to choose now to install it. We highly recommend installing SP2.
While you're at it, you might also want to check http://officeupdate.microsoft.com and update your office software. At the very least if you have Office System 2003, there should be some updates to the spam filtering software for Outlook, which are handy to have.
Additional Resources
Summary and grid of updates: http://www.microsoft.com/technet/security/bulletin/ms04-dec.mspx
Security bulletin summary: http://www.microsoft.com/security/bulletins/200412_windows.mspx
MS04-040 - Internet Explorer update: http://www.microsoft.com/technet/security/bulletin/MS04-040.mspx
MS04-041 - Wordpad update: http://www.microsoft.com/technet/security/bulletin/MS04-041.mspx
MS04-042 - DHCP Server update: http://www.microsoft.com/technet/security/bulletin/MS04-042.mspx
MS04-043 - Hyperterminal update: http://www.microsoft.com/technet/security/bulletin/MS04-043.mspx
MS04-044 - Windows kernel and LSASS update: http://www.microsoft.com/technet/security/bulletin/MS04-044.mspx
MS04-045 - WINS update: http://www.microsoft.com/technet/security/bulletin/MS04-045.mspx
Windows update: http://windowsupdate.microsoft.com
Office update: http://officeupdate.microsoft.com
Lee Drake
Aztek Computer Solutions, Inc.
274 N. Goodman St Suite B269
Rochester, NY 14607
the human side of computing
Email: ldrake@azcomputer.net
Web: www.azcomputer.net Office Phone: 585-242-2060
Fax number: 585-242-9441
|
|
|
|
|
|
| You are not authorized to post a reply. |
|
|
|
ActiveForums 3.6
|
|
|
|
|
|
|
|
|
|
|
|