|
MS-DEFCON 2:
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it.
|
-
MS-DEFCON 4: Go ahead and get patched
Posted on June 4th, 2012 at 21:29 14 commentsIt looks like Microsoft has finally fixed the “dependency” problem that led to widespread panic when folks with Automatic Update turned on discovered that they had three patches that wouldn’t install.
I’m still not happy with this month’s .NET patches – there’s been so much clamor about the three patches that wouldn’t install, it’s hard to tell what other problems may exist. Still, I haven’t heard of any specific problems, so I’m going to give the go-ahead.
There’s a new out-of-band patch, just out of the chute, that I talk about in the next post. Security Advisory 2718704 raises some soul-searching questions about the methods Microsoft uses to generate security certs. For now, it’s a good idea to get that patch installed, too.
I’m changing us to MS-DEFCON 4: There are isolated problems with current patches, but they are well-known and documented here. Check this site to see if you’re affected and if things look OK, go ahead and patch.
Get all of the Microsoft patches applied, then turn off Automatic Updates (see the tab above). We’ll see how much damage next week’s Black Tuesday brings.
-
When is a security cert not a security cert?
Posted on June 4th, 2012 at 21:21 4 commentsWhen it’s a Microsoft security cert, of course.
Microsoft just sent an out-of-band patch down the Automatic Update chute. It plugs one of the (many) holes used by the “Flame” malware.
While I figure none of you are susceptible to Flame – the whole thing’s been overblown – you may be susceptible if some cretin figures out how to use the security certificate signing technique to generate a different cert.
Microsoft has details in Security Advisory 2718704 . Brian Krebs has an excellent synopsis on his site.
I’m about to change the MS-DEFCON level to 4. This patch is good incentive.
Support AskWoody.com
Click on this list to get
Woody ’s books at Amazon.com
- NEW >> Windows 8 All-In-One For Dummies
- Windows 7 All-In-One For Dummies
- Green Home Computing For Dummies
- Windows Vista All-In-One Desk Reference For Dummies
- Windows Vista Timesaving Techniques For Dummies
- Windows XP All-In-One Desk Reference For Dummies
- Windows XP Timesaving Techniques For Dummies
- Windows XP Hacks & Mods For Dummies
- Windows Home Server For Dummies
- Special Edition Using MS Office 2007
- Special Edition Using MS Office Home & Student 2007
- Special Edition Using MS Office 2003
- Office 2003 Timesaving Techniques For Dummies
- Special Edition Using MS Office 2003, Student-Teacher Edition)