Woody Leonhard’s no-bull news, tips and help for Windows and Office
  • Windows 7 crasher in the wild

    Posted on November 13th, 2009 at 17:20 woody 5 comments

    SANS Internet Storm Center reports that a guy by the name of Laurent Gaffie has posted a code sample that crashes Windows 7. The press has picked it up and branded it a “0day attack,” which is literally true, but there’s much less there than meets the eye.

    At least at this point, the 0day can only freeze Windows 7. It can’t take over anything. But that makes it annoying, and potentially amusing to the kind of cretin who gets a kick out of freezing Windows 7 machines.

    A link to a server running this code could easily be embedded in a web page or email, pointing out to a server on the internet, so this exploit is not isolated to corporate networks doing file sharing.

    So if someone tells you that the sky is falling on Windows 7, you have my permission to yawn a bit.

    If somebody figures out a way to exploit the hole in SMB that this 0day uses, we’ll have a whole new ballgame. But for now it’s merely annoying.

     

  • MS-DEFCON 2: A record number of MS patches

    Posted on October 14th, 2009 at 14:45 woody 1 comment

    Black Tuesday has come and gone, and Microsoft unleashed 34 – count ’em – 34 separately identified security patches, contained in 13 security bulletins numbered MS09-050 to MS09-062.

    The SANS Internet Storm Center List covers the highlights. The really disconcerting one is the first one – MS09-050 fixes a hole in Vista and Server 2008 that can be exploited remotely.

    I haven’t heard of anybody getting infected yet, but as soon as this baby has hit the big time, I’ll yell real loud and tell you to patch it.

    In the interim, hang in there, turn off Automatic Updates, and let’s see what crashes.

    I’m moving us to MS-DEFCON 2: Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don’t do it, with the caveat that Vista users need to keep an eagle eye on this page.