Microsoft’s instructions for disabling AutoRun in Windows XP, which I referred to last week, pointed to an incorrect Registry key.
It’s easy to find the correct key, however, and understanding this Registry tweak can give you fine-grained control over the kinds of external media that AutoRun is allowed to work on.
If you installed XP Service Pack 3 or Windows Server SP2 after September 2008, you need to reapply an important security update.
In addition, if Windows Update offers your XP or Server 2003 system Microsoft’s security bulletin MS08-067 patch, you should install it — even if you’ve previously done so.
Nearly 18 months after it was discovered, Microsoft has finally fixed a hole in the AutoRun function of older Windows versions that allowed viruses to spread via external storage devices.
While it’s good to know Microsoft is finally listening to the complaints of the Windows community, the company’s delay in applying important patches put our systems at risk unnecessarily.
We’re seeing the first exploits attempting to take advantage of the Internet Explorer vulnerabilities addressed in this month’s security update from Microsoft.
The fix causes pages on some trusted sites to stop loading, which requires a patch of its own.
One of the updates released by Microsoft this week causes some applications using Visual Basic controls to fail.
The short-term solution is to remove the update, but be sure to reinstall it once your VB apps have been corrected.
The lone patch for January addresses three vulnerabilities that some experts claim will be the next big worm event.
While the threat to Windows users may not be quite so dire, be sure to reboot after you install this patch, even though Windows Update may not prompt you to do so.
Please stop your holiday preparations long enough to apply this week’s important security update for Internet Explorer.
While most of the sites that currently host the so-called XML exploit are located in Asia, this attack on IE is likely to spread quickly to other sites, so make sure to update your PCs with this patch before using Microsoft’s browser for anything else.
There’s no fix yet for Tuesday’s remote-code-execution exploit, which has already been found circulating in the wild.
Windows users should switch to a browser other than Internet Explorer until Microsoft releases a patch for this IE security hole.