Woody Leonhard’s no-bull news, tips and help for Windows and Office
  • Ten bulletins, 31 patches, a million potential problems

    Posted on June 10th, 2009 at 07:06 woody 11 comments

    There’s a huge crop of patches waiting for you, covering 31 separate vulnerabilities, and I dunno-how-many different downloads.

    As usual, the best overview is at the SANS Internet Storm Center.

    Bottom line (tell me if you’ve heard this one before): don’t use Internet Explorer. Apparently none of the bad problems (except the ones in IE) have exploits that you need to worry about. Don’t apply any patches until the screams have subsided.

    We remain at MS-DEFCON 2: Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don’t do it.

    Oh. Don’t forget to patch Acrobat Reader, if you have it. Adobe just fixed 13 security holes in Reader. You could take advantage of the unease you’re feeling right now and install Foxit reader, which works just fine most of the time and has a significantly better track record for fixing security holes.

    An interesting note: several of you have asked how Microsoft and industry pundits count the number of bugs. Gregg Keizer at ComputerWorld reports, for example, that this monster set of patches fixes 31 security holes – a record, by his estimation. Brian Krebs at the Washington Post echoes the statement. Brian credits Symantec.

    All of these people are counting the number of CVEs that Microsoft claims to fix in the security bulletins. CVEs are “Common Vulnerabilities and Exposures” listed and maintained by the MITRE organization, which is an independent non-profit originally associated with MIT. Each CVE number corresponds to one or more identified security holes. While the CVE count is a better indicator of how many holes have been patched than the number of security bulletins, it frequently doesn’t differentiate between different versions of programs, and other subtleties.

     

    11 responses to “Ten bulletins, 31 patches, a million potential problems”

    1. Hi Woody, I have a program called Cyberlink DVD Suite Deluxe and it has in it a feature called Create a Disk Image. That is what you were saying before, to do a DVD image before downloading updates, so is that what I should do, create a disk image? And if it is, should I use Create a Disk Image in Cyberlink DVD Suite Deluxe to do the disk image?

    2. New ActiveX KillBit patch: KB969898
      Replaces KB960715. Also good to avoid installing as KB969898 can do the same thing as KB960715. Break several programs that use certain ActiveX controls.

    3. John -

      Creating and restoring a disk image is something I’d much rather avoid – it’s messier than you think.

    4. I have a recurring problem based on still being a newbie…I would like to install the suggested foxit reader. I went to the link.
      There are 3 items listed and I don’t know what to do.

      Here’s what I think I’ve done when installing
      or possibly only downloading software in the recent past. I had been downloading the Adobe Reader 10 (I have 8) and I don’t think I installed it. I learned when getting the new
      AVG8.5 free (which doesn’t patch updates at the start of computer use daily like the old one), that I got it to my desktop (screen) and then had to install it. Am I clear?

      I think I have stuff on my desktop that’s not installed. (Yes, I know, “go to control center and look”)

      Ques. What do I pick of the 3 foxit listed via the link? What is the sequence for installing? (I know about downloading a wizard/installer but memory is blank after that. Will it guide me through?)

    5. Sanda -

      Go to http://www.foxitsoftware.com/ . On the left, click the box marked Get the Free Foxit Reader. On the left, click Free Download.

      If you’re using Firefox (and you are, yes?), you see a dialog box that says Opening FoxitReader30_enu_Setup.exe. Click Save File.

      Firefox shows you a list of the files you’ve downloaded lately. Double-click FoxitReader30_enu_Setup.exe. Then follow the instructions.

      If you have stuff on your desktop that isn’t installed, you may have to double-click on the icon to install it. Generally the installer is smart enough to know if the package is already installed.

    6. Hi Woody, I have this pop-up that pops up automatically on its own, and when I hit cancel it goes right into the scan. This is what it is: [edited-W]powerantivirusscannerv2.blah.blah [end edit]. Do you have any idea why this is happening and how to get it off my cp? Any help would be super appreciated :)

    7. I did it. Good instructions, as always, the best. Question: Do I need both Foxit reader and Adobe Reader? Do some things need one or the other? (I have to upgrade the Adobe Reader.)
      I am always unsure about uninstalling anything (which is ques.2).

    8. Tool bars: When I got firefox, I got theirs. I like it. Then when I got AVG8.5free, I got that tool bar. If I remove it, will I lose anything? Then I got foxit and their tool bar.
      My screen size is getting too small. I remember from your 9books in one, …for Dummies XP that you have nothing as default screen (I think). I’d like minimum, keeping
      benefits.

    9. You can remove any browser toolbar with impunity. Any.

    10. I’ve hit very rare occasions when a page didn’t open correctly with Foxit. There’s no reason to uninstall Adobe Reader. Keep it updated, but don’t use it…

    11. Sanda —

      That AVG Toolbar is responsible for some (though not all) of the browser slowdowns (especially in Firefox) which AVG may cause on some computers. The other big slowdown is the AVG Link Scanner, which is an Active Shield, located within the AVG Program Settings. Disable both. The toolbar, last I checked, could not be removed, but it can be disabled and hidden from view. Either way, it should not be left active, IMHO.
