May 25, 2006
To auto-update or not to auto-update
I published a Woody Leonhard column as the top story last issue while I was traveling, knowing that he's opinionated and always gets strong reactions. Well, he didn't disappoint me. Reacting to several mistakes Microsoft made in its Automatic Updates downloads in April, Woody railed against Redmond's patching strategy, saying, "Windows auto-update is for chumps." Read more »
Recovering from the April patches 
After our battle scars from the April patches, Microsoft's May patches were a bit of a breather for consumers. While the Exchange patch meant homework for administrators, home users at least had a break after the "double patch" bout we had in April. But lest you think everything is rosy on the other side of the operating system, even Apple folks had to deal with their share of patch pain this month. Read more »
WinXP networking — too much, too little
It was the best of times, it was the worst of times, it was the age of wisdom, it was the age of foolishness, it was... Nawww... It was just Windows XP playing tricks. This past week, Windows XP networking surprised me twice. The first shocker magically solved a long-standing problem (dare I say a "bug"?) in my office peer-to-peer network. The other event scared the, uh, Dickens out of me. Read more »
The exploit market is heating up
There's more evidence to suggest that vulnerabilities are going back underground. Or at least, going to the highest bidder. I believe it's fortunate that there are a few above-board high bidders that are snapping up these exploits and keeping them off the market. Otherwise, I think things could be much worse. Read more »
Word zero-day exploit causes concern
It used to be that the term "zero-day" exploit was just a concept that companies like Microsoft treated as a myth. The idea of a vulnerability being found in one of their products and the exploit for that vulnerability coming out at the same time is something that no one wanted to believe could happen. Now, however, zero-day exploits do happen — but only sporadically. When these exploits do surface, it's a cause for concern for everyone. There is usually no defense against them until they can be understood and patches or workarounds can be made available. Such is the case with the Word zero-day vulnerability that was discovered recently. Read more »
May 11, 2006
When Automatic Updates can be harmful
For years I've been advising Windows consumers to disable Automatic Updates: Keep Microsoft's mitts off your machine until you're darn sure the proffered patches do more good than harm. I've taken a lot of flak for that heretical stance, vilified for intimating that Microsoft's patching process leaves consumers in the lurch. Bah. Recent events have proved my point conclusively: Windows auto-update is for chumps. Read more »
Patch one and find two more
That's the way it seems to go these days: Microsoft — or any software vendor for that matter — patches a piece of software, and someone goes and finds some other flaw that can be exploited. I guess that's become the price we all have to pay for working with technology; we all have to try to be one step ahead of the hackers out there. While Microsoft is no means perfect in the area of security, it is at least trying to do better. This has become clear to me after attending the Microsoft Management Summit a few weeks ago — at the same time as I've just start scratching the surface in my role as a newly awarded MVP. Don't think you can get rid of me anytime soon, though; there are still plenty of unpatched vulnerabilities out there to tell you about. Read more »
Flash causes headaches for home patchers
Last month was rough for home patchers — and this month isn't looking much better. It seems like only a few days ago we were dealing with issues with Outlook Express and Windows Shell. Here we are this month with another patch that so far looks a bit tricky to get on our boxes, especially for home users without a patch-management adminstrator. Read more »
Some excellent reasons to update Firefox
There are some interesting issues with Firefox this time around. While they do represent genuine problems with Mozilla's open-source browser, some of the details still make me happy with my decision to recommend Firefox. Read more »
