|
Patch reliability is unclear, but widespread attacks make patching prudent. Go ahead and patch, but watch out for potential problems. |
Newsletter Archives
-
Ten bulletins, 31 patches, a million potential problems
There’s a huge crop of patches waiting for you, covering 31 separate vulnerabilities, and I dunno-how-many different downloads.
As usual, the best overview is at the SANS Internet Storm Center.
Bottom line (tell me if you’ve heard this one before): don’t use Internet Explorer. Apparently none of the bad problems (except the ones in IE) have exploits that you need to worry about. Don’t apply any patches until the screams have subsided.
We remain at MS-DEFCON 2: Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don’t do it.
Oh. Don’t forget to patch Acrobat Reader, if you have it. Adobe just fixed 13 security holes in Reader. You could take advantage of the unease you’re feeling right now and install Foxit reader, which works just fine most of the time and has a significantly better track record for fixing security holes.
An interesting note: several of you have asked how Microsoft and industry pundits count the number of bugs: Gregg Keizer at ComputerWorld reports, for example, that this monster set of patches fixes 31 security holes – a record, by his estimation. Brian Krebs at the Washington Post echoes the statement. Brian credits Symantec.
All of these people are counting the number of CVEs that Microsoft claims to fix in the security bulletins. CVEs are “Common Vulnerabilities and Exposures” listed and maintained by the MITRE organization, which is an independent non-profit originally associated with MIT. Each CVE number corresponds to one or more identified security holes. While the CVE count is a better indicator of how many holes have been patched than the number of security bulletins, it frequently doesn’t differentiate between different versions of programs, and other subtleties.
-
MS-DEFCON 2: Lock your machines down
With June’s Black Tuesday crop of patches imminent, now’s the time to make sure all of your computers are set to “Notify but don’t download” updates. Instructions are in any of my books, or click Start | Control Panel | Security Center and take it from there.
There’s a big crop of patches coming. I suggest you sit back and let the pioneers get the arrows in their backs.
We’re at MS-DEFCON 2: Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don’t do it.
Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Recent Topics
-
‘Minority Report’ coming to NYC
by 3 hours, 22 minutes ago
-
Apple notifies new victims of spyware attacks across the world
by 3 hours, 28 minutes ago
-
Tracking content block list GONE in Firefox 138
by 2 hours, 53 minutes ago
-
How do I migrate Password Managers
by 3 hours, 6 minutes ago
-
Orb : how fast is my Internet connection
by 25 minutes ago
-
Solid color background slows Windows 7 login
by 15 hours, 9 minutes ago
-
Windows 11, version 24H2 might not download via Windows Server Updates Services
by 13 hours, 39 minutes ago
-
Security fixes for Firefox
by 1 hour, 46 minutes ago
-
Notice on termination of services of LG Mobile Phone Software Updates
by 1 day, 1 hour ago
-
Update your Apple Devices Wormable Zero-Click Remote Code Execution in AirPlay..
by 1 day, 10 hours ago
-
Amazon denies it had plans to be clear about consumer tariff costs
by 1 day, 1 hour ago
-
Return of the brain dead FF sidebar
by 13 hours, 8 minutes ago
-
Windows Settings Managed by your Organization
by 12 hours, 17 minutes ago
-
Securing Laptop for Trustee Administrattor
by 13 hours, 17 minutes ago
-
The local account tax
by 14 hours, 29 minutes ago
-
Recall is back with KB5055627(OS Build 26100.3915) Preview
by 1 day, 23 hours ago
-
Digital TV Antenna Recommendation
by 1 day, 16 hours ago
-
Server 2019 Domain Controllers broken by updates
by 2 days, 11 hours ago
-
Google won’t remove 3rd party cookies in Chrome as promised
by 2 days, 13 hours ago
-
Microsoft Manager Says macOS Is Better Than Windows 11
by 2 days, 16 hours ago
-
Outlook (NEW) Getting really Pushy
by 1 day, 19 hours ago
-
Steps to take before updating to 24H2
by 3 hours, 34 minutes ago
-
Which Web browser is the most secure for 2025?
by 1 day, 23 hours ago
-
Replacing Skype
by 1 day, 12 hours ago
-
FileOptimizer — Over 90 tools working together to squish your files
by 2 days, 10 hours ago
-
Excel Macro — ask for filename to be saved
by 1 day, 8 hours ago
-
Trying to backup Win 10 computer to iCloud
by 1 day, 11 hours ago
-
Windows 11 Insider Preview build 26200.5570 released to DEV
by 4 days, 16 hours ago
-
Windows 11 Insider Preview build 26120.3941 (24H2) released to BETA
by 4 days, 18 hours ago
-
Windows 11 Insider Preview Build 22635.5305 (23H2) released to BETA
by 4 days, 18 hours ago
Remembering Woody
