• MS-DEFCON 3: Get patched, but beware

    It’s time to get caught up on your Microsoft patches.

    But there’s a problem. One of the patches is still causing problems – and we have several people posting here with details.

    Usually I try to use a green-light/red-light approach: either I recommend that you avoid all of the current patches, or I recommend that you install all of them. Keeping track of individual patches is a headache for most of you – and I don’t blame you for not wanting to sift through Microsoft’s detritus.

    This month, though, I really don’t have much of an option. The other December 2012 Black Tuesday patches are working well enough, and I figure you really should get them installed. 

    So here’s what I recommend. Go ahead and install all of the outstanding Microsoft patches EXCEPT MS12-078, which is identified in your Update list as KB 2753842. I haven’t heard of any real-world exploits that take advantage of that security hole, but I sure have heard a lot of wailing from people who have been zapped by it.

    While you’re thinking of it, if you run Internet Explorer 6, 7 or 8 (Nota Bene: if you have Windows XP, you are running IE 6, 7 or 8), you need to apply a Microsoft Fixit to plug a gaping hole in IE that’s currently being exploited. 

    A far better solution is to upgrade to IE 9, but if you have Windows XP that isn’t an option.

    To apply the Fixit, go to the Microsoft Security Advisory page, KB 2794220, scroll down and click on the first Fixit link that you see. (The second Fixit on the page is very poorly marked, but it’s the Fixit that undoes the first Fixit.) That’ll run a very simple program that plugs the security hole in IE 6, 7 and 8.

    To recap: Install all outstanding Microsoft patches, except MS12-078 / KB 2753842. And if you’re using IE 6, 7 or 8, and can’t upgrade to IE 9, run the Fixit.

    I’m moving us down to MS-DEFCON 3: Patch reliability is unclear, but widespread attacks make patching prudent. Go ahead and patch, but watch out for potential problems.

    Oh. One other important note. Usually Susan Bradley’s Patch Watch column in Windows Secrets Newsletter only appears in the paid version. (In a unique twist, you get to decide how much you want to pay for a subscription.) This week, though, Patch Watch appears in the free and online versions of the newsletter. If you’ve never read Susan’s columns, you should take a look. They’re by far the best source of understandable, detailed, unbiased advice about Microsoft patches you’ll find anywhere.