Results 1 to 7 of 7
  1. #1
    Star Lounger
    Join Date
    Mar 2002
    Location
    California, USA
    Posts
    89
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Homeland Security recommendation to install patch

    <P ID="edit" class=small>(Edited by DaveA on 09-Aug-06 14:15. Added URL code)</P>Just saw this on zdnet. http://news.zdnet.com/2100-1009_22-6103805.html

    Has anyone installed this patch yet? and if so have there been any problems?

    Or is the OHS really over reacting on this to get attention away from NSA / Iraq / Iran / Israel vs Lebanon / Korea / etc?

  2. #2
    Silver Lounger Duchess843's Avatar
    Join Date
    Apr 2002
    Location
    Sicklerville, NJ
    Posts
    2,488
    Thanks
    36
    Thanked 0 Times in 0 Posts

    Re: Homeland Security recommendation to install patch

    I just installed the patch and rebooted with no problems. I'm not sure if it was a diversion or not, but why take that chance.
    <img src=/S/coffeetime.gif border=0 alt=coffeetime width=32 height=48>

  3. #3
    Uranium Lounger viking33's Avatar
    Join Date
    Jun 2002
    Location
    Cape Cod, Massachusetts, USA
    Posts
    6,308
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Homeland Security recommendation to install patch

    That patch was part of MS "Update Tuesday" batch of hotfixes.

    They ( MS ) even red lined the patch.

    Thanks for the Heads Up though.
    BOB
    http://lounge.windowssecrets.com/S/flags/USA.gif http://lounge.windowssecrets.com/S/f...sachusetts.gif


    Long ago, there was a time when men cursed and beat on the ground with sticks. It was called witchcraft.
    Today it is called golf!

  4. #4
    Uranium Lounger
    Join Date
    Mar 2001
    Location
    New Jersey
    Posts
    6,684
    Thanks
    1
    Thanked 11 Times in 11 Posts

    Re: Homeland Security recommendation to install patch

    OMG Gloria !!!!! <img src=/S/yikes.gif border=0 alt=yikes width=15 height=15> Didn't you know that patch contained Service Pack 2 ????? Microsoft always said that SP2 gave you better security. <img src=/S/grin.gif border=0 alt=grin width=15 height=15>

    This was a conspiracy between the US Government and Microsoft to get all the laggards to install SP2. <img src=/S/laugh.gif border=0 alt=laugh width=15 height=15>

    <img src=/S/whisper.gif border=0 alt=whisper width=29 height=17> Just teasing Gloria.
    <IMG SRC=http://www.wopr.com/w3tuserpics/DocWatson_sig.gif>

  5. #5
    Silver Lounger Duchess843's Avatar
    Join Date
    Apr 2002
    Location
    Sicklerville, NJ
    Posts
    2,488
    Thanks
    36
    Thanked 0 Times in 0 Posts

    Re: Homeland Security recommendation to install patch

    I'm going to get you for that. My hair stood straight up when I read your post. I'm afraid that Microsoft will have to trick me into installing SP2. I still can't work up the courage (what's wrong with me)? Don't you dare answer that.
    <img src=/S/coffeetime.gif border=0 alt=coffeetime width=32 height=48>

  6. #6
    Silver Lounger
    Join Date
    Oct 2002
    Posts
    1,993
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Homeland Security recommendation to install pa

    I don't know about others (and it isn't my "Homeland Security"), but it would be great if the patch was mentioned by name in this thread. One can always click this or that link, but mentioning the patch is good if one asks about others experiences.

    As Bob mentioned, it is (obviously) one from the "patch Tuesday" batch.

    It is the Vulnerability in Server Service Could Allow Remote Code Execution (921883), Microsoft Security Bulletin MS06-040

    It is overall rated as critical (Win2000 - Win Server 2003 SP1). Problems, if any, can be different between OS and systems. I have not applied this patch yet, but it is only a matter of time before I do. You can for instance look at askwoody for information about problems with a particular patch.

    Many, many times if one takes a look at the bulletin, that follows with the patch, and look at General Information > Vulnerability Details > Workarounds, one finds in cases like this that if you block some ports, use a firewall etc. then you already have blocked known attack vectors. I DO NOT say that one should use the workarounds instead of the patch. That is only for rare cases when a patch cannot be applied, but the information given there can sometimes give a hint how severe the problem is.

    SANS: MS06-040 exploit(s) publicly available
    "The current exploit seems to be working on all Windows 2000 systems and Windows XP SP0 and SP1."

    So it seems to be good that our fellow Loungers on SP1 applied the patch.

  7. #7
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts

    Re: Homeland Security recommendation to install pa

    The problem for businesses is that it is no longer safe to assume that everything inside the corporate firewall is "clean." Between laptops visiting public wi-fi networks, spyware allowing remote control, and strangers plugging in in the conference room, an attacker could end up inside the firewall where for administrative or functionality reasons it is not feasible to firewall every PC. So patching really is necessary, preferably sooner rather than later.

    (Not that I want to stop working for 20 minutes to update my laptop right now, but maybe during lunch. <img src=/S/grin.gif border=0 alt=grin width=15 height=15> )

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •