The lone patch for January addresses three vulnerabilities that some experts claim will be the next big worm event.
While the threat to Windows users may not be quite so dire, be sure to reboot after you install this patch, even though Windows Update may not prompt you to do so.
Please stop your holiday preparations long enough to apply this week’s important security update for Internet Explorer.
While most of the sites that currently host the so-called XML exploit are located in Asia, this attack on IE is likely to spread quickly to other sites, so make sure to update your PCs with this patch before using Microsoft’s browser for anything else.
There’s no fix yet for Tuesday’s remote-code-execution exploit, which has already been found circulating in the wild.
Windows users should switch to a browser other than Internet Explorer until Microsoft releases a patch for this IE security hole.
People using Windows XP Service Pack 3 may not be offered all the .NET security patches their applications require.
However, if none of your PC’s programs requires a version of .NET Framework, this problem will have no impact on your system.
Installing SP3 on Windows XP eliminates the operating system’s ability to install important security patches for Microsoft’s .NET technology and possibly other software.
This problem forces XP SP3 users to apply patches manually to complete vital updates.
A vulnerability that allows remote-code execution via the Server Message Block protocol has long been known to affect all Windows PCs and servers.
This week, Microsoft finally found a way to fix the problem, first described in 2001.
Following Microsoft’s release last Friday of a critical, out-of-cycle patch, only sporadic reports of attacks based on this weakness have been received — but that may not last.
Apply the patch referred to in MS08-067 right away, because Trojan horses that take advantage of this security breach are sure to hit us soon.
A remote-code exploit that could spread rapidly like the 2003 MSBlaster worm is putting all versions of Windows at risk.
I recommend that you immediately install a patch that Microsoft has just issued to protect your system from a vulnerability in the Server service.