12 Critical or Important Windows Updates coming Feb 12, 2008

Wiz Feinberg · From: Mid-Michigan, USA

On February 12, 2008, Microsoft plans on releasing 12 updates, 7 of which are rated as Critical, and 5 of which are rated Important. These updates cover a wide range of currently supported Windows operating systems, including server systems and MS Office products. Internet Explorer will be receiving at least one critical patch, while the scripting engine behind it will receive two critical patches. All of these updates will require a system restart.

Critical vulnerabilities, if left unpatched, can lead to complete system takeover. Important vulnerabilities can lead to escalation of privileges by persons who have physical access to a computer, or who are able to access it remotely. The escalation of privilege can lead to subversion of the system and the installation of, e.g. keyloggers.

It is best practice to have Automatic Windows Updates turned ON and set for a time of the day when your computer will be on, but not in use for mission critical jobs. If you use your PC for business and you sign out a 5 PM, your time, set the Automatic Updates for 6 PM. Check all workstations in the morning to see if they have been rebooted, which should occur automatically. You will have to login before using them. If you run machines as file servers, they should also be checked to see if they need to be logged in, since they will have also been rebooted after the updates are applied.

If you use a software firewall, like ZoneAlarm, that watches for changes to file signatures, it will be necessary for you to allow Internet Explorer permission to connect to the Internet, because it's file signature will have changed, due to the update next Tuesday.
_________________
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog

Bo Borland · From: South Jersey -

Did anyone else have a problme with the UPDATE?

When I woke up Wed. morning, my PC had restarted duw to the Windows update. \
Windows was working and AOL had reconnected to my DSL automatically.
AOL was running fine but I could not get IExplorer to open. After trying numerous times and doing a restart I had to RESTORE to the day before. WOrks
fine now.

PS Last night it downloaded and installed the updates again with the same results.
I disabled the automatic updater.
Any suggestions Wiz?

Wiz Feinberg · From: Mid-Michigan, USA

I updated without incident. Internet Explorer worked fine for me, when I tried it, after the updates were completed. I also updated several office machines and none had any problems afterward.

What version of Internet Explorer are you using? One of Tuesday's updates is an update for IE 7, with IE 6 being mostly unsupported now. Then, there is the question "is the AOL software responsible for this?" Their applications are known to hook into the OS and Internet Explorer. Are you using the most recent version of AOL?

Generally speaking, about 90% of the crashes and failures to update, in Internet Explorer, are caused by third party add-ons and malware infections and the remaining number are infected by rootkits. A very small number of problems are caused by bad Windows Updates themselves. If you do have IE 7, disable all of the add-ons and BHO's, scan for malware infections, viruses and rootkits, then disinfect and try downloading the updates again.

You may want to take note that most malware infections hook into various operating system files, which are then backed up in System Restore points. If your computer has become infected and you disinfect it with System Restore turned on, the next time you reboot - the infected files and registry entries will be restored. Therefore, if your anti-virus/spyware scans reveal any major malware infections, turn off system restore before removing the infections. Otherwise, you are going to have to go through this process forever.

Only turn System Restore back on after the computer is proven to be clean from malware.
_________________
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog

Cal Sharp · From: the farm in Kornfield Kounty, TN

Aha! That explains why my PC was running Linux this morning. It's a dual-boot with OpenSUSE as the default, and Vista was running last night. I suppose I'd better start Windoze and see if everything's Kosher. I thought the reboot mighta had something to do with the fact that my Comcast cable was down for a few hours, but apparently not.
_________________
C#
Me: Steel Guitar Madness
Latest ebook: Steel Guitar Insanity
Custom Made Covers for Steel Guitars & Amps at Sharp Covers Nashville

Wiz Feinberg · From: Mid-Michigan, USA

C# and others running Windoze Vista;

Your computer rebooted after installing critical patches. They replace vital system files that cannot be overwritten while they are in use. By rebooting you allow the patches to overwrite the vulnerable files, and to update the Registry with information about the changes.

Microsoft is going to release two more critical patches for Vista OS's in order to prep them for the upcoming mega-update to Vista SP1. Vista owners must allow these patches to be applied before they will be allowed to download SP1. The service pack improves stability, compatibility and security.

Those of you who are on dial-up Internet may want to order the SP1 CD or DVD from Microsoft, rather that tying up your phone line all night, waiting for the Service Pack to download.
_________________
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog

Forum Index > Computers		Next oldest topic :: Next newest topic

All times are GMT - 8 Hours	Jump to: