|
MS-DEFCON 2:
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it.
|
-
Protecting yourself against Aurora
Posted on January 21st, 2010 at 09:21 4 commentsWindows Secrets Newsletter just hit the stands, and the lead story by Yardena Arar has many details about the “Aurora” security hole.
There are ways to patch yourself without Microsoft’s big IE cumulative patch MS010-02, which is due any minute, but before you get your knots in a knicker, make sure you understand the scope of the problem:
Security analysts and Microsoft agree that the attacks have a high social-engineering component: the targeted victims have to trigger the attacks by clicking a link or infected attachment (commonly an Adobe PDF or Flash file) delivered in e-mail, instant messages, or other electronic communication appearing to come from a trusted source.
Stay calm. The sky isn’t falling. If this is what it takes to get Google out of the censorship business, kowtowing to a big paycheck, hey, I’m not complaining.
UPDATE: Brian Krebs just posted a very interesting article that explains why “Aurora” probably did originate in China. Actually, the evidence cited in the article tends to support the idea that the people who wrote part of Aurora are able to read Simplified Chinese, but the circumstantial evidence is compelling.
4 responses to “Protecting yourself against Aurora”
-
The IE security patches from MS Security Bulletin MS10-012 are out now. IE 5.01 SP4 for Win2000 SP4 IS also affected and there’s a patch for that one too.
-
MS10-012 is the number from Microsoft but what is the equivalent KB number for Windows Update.
I have received two Important patches
1- Update for Microsoft Silverlight (KB979202) don’t think it is one – issued 19/01/20102- Security Update for Windows7 (KB972270) issued 12/01/2010
I use Win7
Thanks
Bob -
Bob -
It’s MS10-002, KB 978207. The Silverlight patch is inconsequential. Don’t install any of them yet.
-
rc primak January 23rd, 2010 at 04:47
About Silverlight — it allows the storage of “super cookies” like Flash Player now uses. These are not cleared out by cleaning the browser cookies or caches, and CCleaner does not say it can clean them either. Neither can Firefox Better Privacy add-on. Not the kind of thing I want on my computer.
Leave a reply
-
Support AskWoody.com
Click on this list to get
Woody ’s books at Amazon.com
- Windows 7 All-In-One For Dummies
- Green Home Computing For Dummies
- Windows Vista All-In-One Desk Reference For Dummies
- Windows Vista Timesaving Techniques For Dummies
- Windows XP All-In-One Desk Reference For Dummies
- Windows XP Timesaving Techniques For Dummies
- Windows XP Hacks & Mods For Dummies
- Windows Home Server For Dummies
- Special Edition Using MS Office 2007
- Special Edition Using MS Office Home & Student 2007
- Special Edition Using MS Office 2003
- Office 2003 Timesaving Techniques For Dummies
- Special Edition Using MS Office 2003, Student-Teacher Edition)