|
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it. |
-
Black Tuesday has one biggie
No surprise, but Microsoft’s Black Tuesday patches include a fix to the “URI handling problem” that I talked about more than a month ago.
This is the 0day security hole that Microsoft first denied existed, then begrudgingly agreed to fix.
Adobe went so far as to patch Adobe Reader so it couldn’t be coerced into taking advantage of the security hole. Now Microsoft has issued a fix for the underlying problem, described in Security Bulletin MS07-061.
The security hole only exists on Windows XP and Windows 2003 systems that have had Internet Explorer 7 installed. Apparently putting the latest, greatest, most secure Microsoft Web browser on your system also left your computer wide open to attack, not just directly via IE 7, but also “Outlook, Firefox, Adobe, Skype, and other applications,” according to CVE 2007-3896, the definitive reference on the topic.
I’ll be watching this one closely. Stay tuned. In the interim, we remain at MS-DEFCON 2: Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don’t do it.
Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Recent Topics
-
National scam day
by 5 hours, 50 minutes ago
-
macOS Tahoe 26 the end of the road for Intel Macs, OCLP, Hackintosh
by 10 hours, 14 minutes ago
-
Cyberattack on some Washington Post journalists’ email accounts
by 11 hours, 34 minutes ago
-
Tools to support internet discussions
by 18 hours, 24 minutes ago
-
How get Group Policy to allow specific Driver to download?
by 2 hours, 40 minutes ago
-
AI is good sometimes
by 18 hours, 46 minutes ago
-
Mozilla quietly tests Perplexity AI as a New Firefox Search Option
by 8 hours, 49 minutes ago
-
Perplexity Pro free for 12 mos for Samsung Galaxy phones
by 1 day, 19 hours ago
-
June KB5060842 update broke DHCP server service
by 1 day, 17 hours ago
-
AMD Ryzen™ Chipset Driver Release Notes 7.06.02.123
by 1 day, 21 hours ago
-
Excessive security alerts
by 12 hours, 25 minutes ago
-
* CrystalDiskMark may shorten SSD/USB Memory life
by 2 days, 7 hours ago
-
Ben’s excellent adventure with Linux
by 14 minutes ago
-
Seconds are back in Windows 10!
by 1 day, 18 hours ago
-
WebBrowserPassView — Take inventory of your stored passwords
by 11 hours, 52 minutes ago
-
OS news from WWDC 2025
by 22 hours, 11 minutes ago
-
Need help with graphics…
by 1 day, 2 hours ago
-
AMD : Out of Bounds (OOB) read vulnerability in TPM 2.0 CVE-2025-2884
by 2 days, 22 hours ago
-
Totally remove or disable BitLocker
by 1 day, 21 hours ago
-
Windows 10 gets 6 years of ESU?
by 2 days ago
-
Apple, Google stores still offer China-based VPNs, report says
by 3 days, 9 hours ago
-
Search Forums only bring up my posts?
by 17 hours, 59 minutes ago
-
Windows Spotlight broken on Enterprise and Pro for Workstations?
by 3 days, 21 hours ago
-
Denmark wants to dump Microsoft for Linux + LibreOffice
by 1 hour, 12 minutes ago
-
How to get Microsoft Defender to honor Group Policy Setting
by 3 days, 21 hours ago
-
Apple : Paragon’s iOS Mercenary Spyware Finds Journalists Target
by 4 days, 7 hours ago
-
Music : The Rose Room – It’s Been A Long, Long Time album
by 4 days, 8 hours ago
-
Disengage Bitlocker
by 3 days, 22 hours ago
-
Mac Mini M2 Service Program for No Power Issue
by 4 days, 10 hours ago
-
New Win 11 Pro Geekom Setup questions
by 17 hours, 47 minutes ago
Remembering Woody
