Results 1 to 7 of 7
  1. #1
    5 Star Lounger
    Join Date
    Jan 2001
    Location
    Warrington, Cheshire, England
    Posts
    712
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Absolutely baffled

    Hi loungers.
    Boy, do I hope you can help. I am totally baffled by Microsoft.
    1. The national press/TV/radio/everything here in the UK has been screaming about "Security experts uncover largest ever hole in Windows. Everybody's PC is vulnerable etc etc". The BBC website carried this report and also said that end users should log on to the MS website and download 'the patch'. I've just spent about two hours looking for something that looks like the thing 'everybody' is talking about. Can someone shed some light on this dim lounger here, please? I want to know where to go, what to look for and how to get it.
    2. I clicked on Windows Update (I thought this might give me some clue to question 1 - but apparently not). However, I have been a naughty boy and am behind with my critical updates. I selected Windows 2000 Service Pack 4 ONLY ie 1 update selected. This is sized at 598Kb. I downloaded it and installation started. I followed the set up wizard instructions and (eventually) it told me that it was downloading 30Mb and it would take 140 minutes. Now I know I'm thick, but what's going on, please? Either the critical update is 598Kb or it ain't. Again, can someone shed some light on this please?
    I am not a happy bunny at this very moment! <img src=/S/hairout.gif border=0 alt=hairout width=31 height=23>
    Thanks
    Silverback

  2. #2
    Platinum Lounger
    Join Date
    Jan 2001
    Posts
    3,788
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Absolutely baffled

    The BBC article refers to these security updates. The updates are available via Windows update.

    As for the discrepancy in sizes for downloads. The 589kb program is used to scan your system to establish what components of service pack 4 you need, and in your case it established that you need 30Mb to be downloaded. Service packs incorporate previous patches, so if you already have a particular patch installed then it will not be downloaded again when you use this method to update your system.

    Once you have installed Service Pack 4 it is best to run Windows Update again to see if any new items appear.

  3. #3
    Silver Lounger
    Join Date
    Apr 2001
    Location
    New York, New York, USA
    Posts
    2,328
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Absolutely baffled

    I will try to answer some of your questions. First of all, the "largest ever hole in Windows" maybe irrelevant for you - everything depends of how do you use your computer. It is always better to read "technical details" in corresponding Microsoft Security Bulletin article. And you will see, for example, something like this:

    "Because ASN.1 is a standard for many applications and devices, there are many potential attack vectors. To successfully exploit this vulnerability, an attacker must force a computer to decode malformed ASN.1 data. For example, when using authentication protocols based on ASN.1 it could be possible to construct a malformed authentication request that could expose this vulnerability."

    That means, the attacker must lure you to visit, say, his webpage and when he send "malformed authentication request", your slow dial-up connection become much more slower and you will disconnect your computer, or your computer response to attacker will be so slow, that he can do practically nothing. Can you ever try to operate the remote computer through dial-up connection (to help your friend, for example)? I swear, it's a pain in the neck.

    Now, about updates. To me, it is better to download the update first and install it next. This way you ran save the updates (on CD-R, for example) and use them once again if necessary. To download the updates, do next:
    1. Connect to http://windowsupdate.microsoft.com
    2. On the left pane, click "Personalize Windows Update" under "Other Options"
    3. On the next screen, check "Display the link to the Windows Update Catalog under See Also" checkbox and click "Save Settings" button.
    4. On the left pane, you will see the link you requested. Click on it.
    5. On the next screen, click "Find updates for Microsoft Windows operating systems"
    6. On the next screen, choose your version of Windows, click "Search" button, etc.

    You can order SP-4 for Windows 2000 on CD. In UK, use http://www.microsoft.com/uk/windows/service-pack4.aspx and follow the link.

    If your version of Internet Explorer is lower than 6 SP1(Help | About Internet Explorer), download the latest version (unfortunately, IE 6 SP1 CD is available in US and Canada only). Be prepared: after downloading a small installaton file, it will be a huge download. Download the latest security patch for it ( now it is Cumulative Security Update for Internet Explorer (832894). If you didn't install it yet, install it immediately (this update is for all versions of Internet Explorer) - it contains all the patches.

    And update your Antivirus virus definitions regulary - at least once a week, better check for updates every day!

    I hope my advice will help you.

  4. #4
    Gold Lounger
    Join Date
    Feb 2003
    Location
    Wardrobe Malfunction Junction, Derry
    Posts
    2,953
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Absolutely baffled

    You can always go to a number of urls that spinoff www.microsoft.com/security any time something like this comes up. MS Technet has all the security bulletins listed. That'll give you context and the links to download them if you want. Or you can read the context and then just use Windows Update. This last one fix was made available 200 days or 6 and 2/3 months after it was reported to MS--they test a lot before release--Blaster's success was an example of patch phobia and paranoia.

    200 Days to Fix Broken Windows
    Microsoft Warns of Widespread Windows Flaw
    MS Security Feb Update and Sec Bulletin Search
    MS Security Newsletter Free
    Security Bulletin Notification
    Technet Security Home
    Technet IT Pro Security Home

    SMBP

  5. #5
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts

    Re: Absolutely baffled

    For what it's worth, I think a rogue web site is not the only threat. There are numerous ways to engage in a conversation with Windows about authentication, from normal inside-the-LAN file sharing to HTTP service requests on port 80. We don't yet know that we can rule out the possibility of an attack in which a single packet sent to one of these ports could smash the stack (a la SQL Slammer). And it may be months before that is tried and accomplished. Anyone not installing this patch had better have a well setup firewall.

  6. #6
    Uranium Lounger
    Join Date
    Mar 2001
    Location
    New Jersey
    Posts
    6,684
    Thanks
    1
    Thanked 11 Times in 11 Posts

    Re: Absolutely baffled

    The update you are asking about, Microsoft Security Bulletin MS04-007, is about ASN.1 Vulnerability Could Allow Code Execution. The patch # is 828028 & it's available to download or install from there.
    <IMG SRC=http://www.wopr.com/w3tuserpics/DocWatson_sig.gif>

  7. #7
    5 Star Lounger
    Join Date
    Jan 2001
    Location
    Warrington, Cheshire, England
    Posts
    712
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Absolutely baffled

    Thanks to everyone who's replied. You are a great bunch.
    I now have the patch - and also understand why some downloads are but a fraction of the actual stuff which has to be installed.

    Thanks to all of you for being gentle with me!
    Silverback

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •