Patch Watch

QuickTime, iTunes install Safari — like it or not

The auto-update routines for QuickTime and iTunes, two programs that play multimedia files, have quietly begun installing Apple’s Safari browser unless PC users are sharp enough to turn off a little-noticed option.

This week’s abomination makes me question the entire concept of trusting auto-update mechanisms as a way of seeking better security.

Read More »

Server 2003 may have ‘critical’ flaw, MS says

In a change from its earlier statements, Microsoft now reports that some versions of Windows Server 2003 have a security flaw rated “critical” rather than merely “important.”

If you didn’t install security bulletin MS08-001 after its release on Jan. 8 — because you didn’t feel you really needed it when it first came out — you should make time now to test your box and install the patch.

Read More »