|
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it. |
-
MS-DEFCON 2: Get locked down, and get IE upgraded ASAP!
Microsoft released seven security bulletins earlier today. As usual, SANS Internet Storm Center has the overview I rely on the most.
SANS only identifies one of the patches, MS13-002/KB 2756145, as being “critical” for regular Windows users – but I note with some distress that Microsoft has already changed the KB article for the patch. SANS says there are no known exploits, so I’m recommending that you avoid this and all the other patches for now.
Make sure you have Windows Automatic Update turned off. Details are on the tab above marked Automatic Update.
Far, far more important is that you get rid of Internet Explorer 8, 7, or 6. Either upgrade to IE 9 (which isn’t an option if you use Windows XP), or switch to Firefox or Chrome. As I explained a few days ago, Microsoft has a Fixit for the security hole in IE 6, 7, or 8. Unfortunately, the Fixit has already been cracked.
If you absolutely must use IE 6, 7, or 8, go ahead and apply the Fixit. But realize there’s a chance you can get hacked in a drive-by attack, where your machine gets taken when you just look at an infected web page. You don’t have to do a bloody thing.
I’m moving us up to MS-DEFCON 2: Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don’t do it.
Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Recent Topics
-
*Some settings are managed by your organization
by 7 hours, 44 minutes ago
-
Formatting of “Forward”ed e-mails
by 9 hours, 58 minutes ago
-
SmartSwitch PC Updates will only be supported through the MS Store Going Forward
by 10 hours, 22 minutes ago
-
CISA warns of hackers targeting critical oil infrastructure
by 19 hours, 23 minutes ago
-
AI slop
by 18 hours, 34 minutes ago
-
Chrome : Using AI with Enhanced Protection mode
by 20 hours, 40 minutes ago
-
Two blank icons
by 6 hours, 13 minutes ago
-
Documents, Pictures, Desktop on OneDrive in Windows 11
by 1 day, 5 hours ago
-
End of 10
by 1 day, 8 hours ago
-
Single account cannot access printer’s automatic duplex functionality
by 6 hours, 9 minutes ago
-
test post
by 1 day, 14 hours ago
-
Privacy and the Real ID
by 1 day, 4 hours ago
-
MS-DEFCON 2: Deferring that upgrade
by 20 hours, 29 minutes ago
-
Cant log on to oldergeeks.Com
by 1 day, 18 hours ago
-
Upgrading from Win 10
by 6 hours, 18 minutes ago
-
USB webcam / microphone missing after KB5050009 update
by 9 hours, 52 minutes ago
-
TeleMessage, a modified Signal clone used by US government has been hacked
by 2 days, 10 hours ago
-
The story of Windows Longhorn
by 1 day, 22 hours ago
-
Red x next to folder on OneDrive iPadOS
by 2 days, 12 hours ago
-
Are manuals extinct?
by 5 hours, 55 minutes ago
-
Canonical ditching Sudo for Rust Sudo -rs starting with Ubuntu
by 2 days, 21 hours ago
-
Network Issue
by 2 days, 8 hours ago
-
Fedora Linux is now an official WSL distro
by 3 days, 9 hours ago
-
May 2025 Office non-Security updates
by 3 days, 9 hours ago
-
Windows 10 filehistory including onedrive folder
by 3 days, 11 hours ago
-
pages print on restart (Win 11 23H2)
by 2 days, 12 hours ago
-
Windows 11 Insider Preview build 26200.5581 released to DEV
by 3 days, 13 hours ago
-
Windows 11 Insider Preview build 26120.3950 (24H2) released to BETA
by 3 days, 13 hours ago
-
Proton to drop prices after ruling against “Apple tax”
by 3 days, 21 hours ago
-
24H2 Installer – don’t see Option for non destructive install
by 6 hours, 24 minutes ago
Remembering Woody
