Results 1 to 7 of 7
  1. #1
    New Lounger
    Join Date
    Nov 2002
    Location
    Ojai, California, USA
    Posts
    14
    Thanks
    0
    Thanked 0 Times in 0 Posts

    re: Security Update vs Critical Updat (XP Home)

    Hello,

    I had the exact same question as Bobsen, I recently had to do a clean install. Thanks for the replies. However, windows update has updates termed "critical updates" and ones termed "security updates". Woody's says in a recent newsletter to only install the Critical updates. I am wondering if his term critical includes security updates as well. I have installed the critical updates and am now pondering the security updates. Woody's said some folks had problems with Q818529. I have about 22 security updates to install and still feel somewhat uncomfortable doing it. Maybe I will just do a couple at a time for a few days, then I will know which ones may be (if any) causing problems. I just ran the ScanIt browser test and it found 2 vunerabilities (and I use Zone Alarm Pro)...so guess i will begin installing. OR maybe I should just buy and install OPERA browser and forget IE. (smile)

  2. #2
    Plutonium Lounger
    Join Date
    Mar 2002
    Posts
    84,353
    Thanks
    0
    Thanked 29 Times in 29 Posts

    Re: re: Security Update vs Critical Updat (XP Home)

    As was remarked in the other thread, Microsoft seems to have ironed out the wrinkles in the updates that are currently available for Windows XP, so there is no objection to installing them. On the other hand, you probably don't need ALL of them. If you follow the link provided for each update on the Windows Update site, and read the technical details, you'll find that some patches are only necessary in a network environment, others only if you run webserver softwate on your PC, etc., and still Microsoft recommends all users to install them. It's up to you to decide if you want to spend some time reading through all these security bulletins, or just go ahead and install them all.

  3. #3
    Gold Lounger
    Join Date
    Feb 2003
    Location
    Wardrobe Malfunction Junction, Derry
    Posts
    2,953
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: re: Security Update vs Critical Updat (XP Home)

    Nancy--

    Most all of the updates are security updates, but some are called critical because they are targeting the biggest risks with the most potential for exploit. Some patches came out that slowed some people down and caused other problems and it helped give the hotfixes or patches a bit of a black eye, but they have intensified the testing and are trying to get them problem free and as Hans says they are doing that. So I'd go on and feel comfortable installing what applies to your machine. As for the newer ones, you can take a wait and see approach for a couple weeks and see if comments show up here or Woody or any of the other places. CNET News is a good source and the writers are skimming a lot of other good sources, it's a daily (often updates on weekends too); this is an example of an alert today and it'll pick up on patch problem quickly as well if word starts.

    SMBP

  4. #4
    Uranium Lounger viking33's Avatar
    Join Date
    Jun 2002
    Location
    Cape Cod, Massachusetts, USA
    Posts
    6,308
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: re: Security Update vs Critical Updat (XP Home)

    SMBP,
    The two latest hotfixespatches from today seemed to install fine. No apparent problems at all. <img src=/S/crossfingers.gif border=0 alt=crossfingers width=17 height=16>

    Bob
    BOB
    http://lounge.windowssecrets.com/S/flags/USA.gif http://lounge.windowssecrets.com/S/f...sachusetts.gif


    Long ago, there was a time when men cursed and beat on the ground with sticks. It was called witchcraft.
    Today it is called golf!

  5. #5
    Gold Lounger
    Join Date
    Feb 2003
    Location
    Wardrobe Malfunction Junction, Derry
    Posts
    2,953
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: re: Security Update vs Critical Updat (XP Home)

    I have them in too, Bob. The installing can be, but has not been the big problem as you know. It's that the ones that caused slowing down really made a number of people gun shy and now once bitten they're a little reluctant to dive in and pet that dog. The fortunate thing as cowboydawg pointed out the other day of course is that as far as I know, the problem patches are not causing any permanant serious damage, and they can be uninstalled easily from Add/Remove or if need be for some reason from the Registry.

    If someone wants to be cautious--for example I noticed Mark (WW) who watches this closely has said he would wait on SP4 for 2000 and see how it plays--you can say what are my odds (not bad at all) running a decent firewall to be hurt by these other exploits discovered in XP or IE, waiting a couple weeks or a month so if problems pop up they can be ironed out, and then if the patch or Service Pack is going smoothly and no bad press at all the usual places, you could feel good about putting it in and should get the "critical" ones in at least. I also recognize that while by now Home machines are often just as important for production whose importance is now getting into a lot of age groups and important for home work and school, it's a different decision for a large or small business IT personnel who have responsibility for a large number of production machines.

    SMBP

  6. #6
    Super Moderator
    Join Date
    Dec 2000
    Location
    Renton, Washington, USA
    Posts
    12,560
    Thanks
    0
    Thanked 4 Times in 4 Posts

    Re: re: Security Update vs Critical Updat (XP Home)

    Nancy,
    If you are to look at the web page for Windows XP, you will see that there is ONLY three types of updates:
    Critical <font color=red>(security updates will be included here)</font color=red>
    Windows XP <font color=red>(Check to see if you want these, they are NOT required in most cases)</font color=red>
    Driver <font color=red>(I use drivers from the device OEM)</font color=red>

    The security updates can be down loaded earlier in the game by going to the correct KB page, or wait a day or two and let others test them for you and then install them when they appear at the WU page.

    Now running HP Pavilion a6528p, with Win7 64 Bit OS.

  7. #7
    Gold Lounger
    Join Date
    Feb 2003
    Location
    Wardrobe Malfunction Junction, Derry
    Posts
    2,953
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: re: Security Update vs Critical Updat (XP Home)

    Dave--

    The two I installed today were classified "critical" and "important" and these words are semantics if it hits your machine that Symantec can't remedy. The third one issued today was for Microsoft ISA Server 2000 and deemed important.

    From the MicrosoftTech Net Security Bulletin Service

    1) Title: Unchecked Buffer in Windows Shell Could Enable System
    Compromise (821557)
    Date: 16 July 2003
    Software: Microsoft® Windows ® XP
    Impact: Run code of attacker's choice
    Max Risk: Important

    2)Title: Buffer Overrun In RPC Interface Could Allow Code
    Execution (823980)
    Date: 16 July 2003
    Software: Microsoft® Windows ® NT 4.0
    Microsoft Windows NT 4.0 Terminal Services Edition
    Microsoft Windows 2000
    Microsoft Windows XP
    Microsoft Windows Server 2003
    Impact: Run code of attacker's choice
    Max Risk: Critical
    Bulletin: MS03-026


    __________________________________________________ ______________________

    "This is one of the worst Windows vulnerabilities ever," said Marc Maiffret, an executive at eEye Digital Security Inc. of Aliso Viejo, Calif., whose researchers discovered similarly dangerous flaws in at least three earlier versions of Windows."

    -------- By TED BRIDIS The Associated PressWednesday, July 16, 2003; 11:00 PM


    Washington Post: Microsoft Admits Flaw in Windows Structure
    Government Agency Warns of Windows Flaw UK



    Of the updates since the launch for all categories, the vast majority have been for XP, (probably in the high 80's if not 90 percentile) and if you take the subset critical updates, the vast majority of those designated critical were for XP as well. I'd say the ones today were fairly worth putting in. It sometimes takes more than two days, more like 2-4 weeks for the penetration of a buggy patch to be weighed.

    This article is somewhat interesting:

    Microsoft and Dell Awarded Homeland Security Work

    "Microsoft wants to boost sales to government anti-terrorism and security agencies. The company has been working to reassure federal authorities who said they were concerned about Microsoft security after the Sept. 11 terrorist attacks."

    The bottom line is that it is convenient and safe to get notifications or security bulletins from the Microsoft Technet Security Bulletin service, you can afford to wait a while to say how they play and your odds are good. After all, it is a documented fact that for eleven weeks prior to SP1's release a short time afterthe Windows XP launch, on November 9, 2002 Microsoft had witheld one of the most serious threats and vulnerabilities to a Windows Operating System in history--the PC Health file c:windowsPCHEALTHHELPCTRSystemDFSuplddrvinfo.htm that could destroy all your information. This was of course done to protect sales of the new operating system and it certainly did not put public computer safety first:

    Microsoft Holds Back Fix For Eleven Weeks For Windows XP

    SP1 Fixes Huge Security Flaw Witheld From Public 11 Weeks

    Since SP1 was released there have been nearly 120 security patches/hotfixes.

    SMBP

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •