Newsletter Archives
-
MS-DEFCON 5: Get patched now
There have been a few minor problems with the August Black Tuesday patches, but nothing seems to have turned belly-up. Right now is a good time to get completely patched up – apply all outstanding Microsoft patches.
Yes, I know there are ongoing problems with the .NET Framework patches, but I’ve already thrown in the towel on those.
After you’re patched up, make sure your computer is set to notify you of updates, but not to download or install them. Another crop of security bulletins is due next Tuesday.
I’m moving us down to MS-DEFCON 5: All’s clear. Patch while it’s safe.
One historical note: Microsoft discovered a bug in Vista Service Pack 2 that caused it to crash some systems with a Blue Screen of Death error 0xc0000034. Details on the TechNet blog. There was also a problem that caused an error 0x0000007e or 0x00000050, which has been fixed in an update to SP2, as documented in Knowledge Base article 973879.
At this point, those of you running Vista should be absolutely convinced that you want to upgrade to Windows 7. And if you’re definitely going to upgrade to Win7, I don’t see any reason at all to install Vista Service Pack 2.
-
MS-DEFCON 2: August Black Tuesday unleashed
It’s going to be a bloody month.
Microsoft just released nine security bulletins, covering 19 separate security holes.
Five of the bulletins have an exploitability rating of “1” which means Microsoft “expect[s] there to be consistent, reliable code in the wild seeking to exploit one or more of these vulnerabilities within the first 30 days from release.”
Sorry, I don’t buy it.
This month we get two ActiveX security bulletins, with a total of nine separately identified security holes. That’s just for ActiveX – the evil spawn of Internet Explorer.
MS09-037 is the patch for the Active Template Library that I talked about two weeks ago. If you recall, there was an out-of-band patch that was supposed to fix the problem. Again. Security Advisory 973882 goes into the details of how MS09-032, MS09-034, MS09-035 and MS09-037 are inter-related. Man, what a mess. Keystone Kops time.
The other ActiveX security bulletin, MS09-043, fixes ActiveX holes in the Office Web Components.
Those are the two bulletins I’ll be watching most closely. I may advise you to apply the patches earlier this month than usual. Let’s see what happens.
As usual, the most thorough analysis is at the SANS Internet Storm Center – although I don’t recommend that you follow their “damn the torpedoes, patch it now” advice.
We’re at MS-DEFCON 2: Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don’t do it.
UPDATE: In response to a request from Vaughn, here are the KB numbers for the August Black Tuesday patches:
MS09-036: Vulnerability in ASP.NET in Microsoft Windows Could Allow Denial of Service (970957)
MS09-037: Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution (973908)
MS09-038: Vulnerabilities in Windows Media File Processing Could Allow Remote Code Execution (971557)
MS09-039: Vulnerabilities in WINS Could Allow Remote Code Execution (969883)
MS09-040: Vulnerability in Message Queuing Could Allow Elevation of Privilege (971032)
MS09-041: Vulnerability in Workstation Service Could Allow Elevation of Privilege (971657)
MS09-042: Vulnerability in Telnet Could Allow Remote Code Execution (960859)
MS09-043: Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution (957638)
MS09-044: Vulnerabilities in Remote Desktop Connection Could Allow Remote Code Execution (970927)
-
August Black Tuesday coming – get patched now
Microsoft just issued its advance notification for next Tuesday’s patches.
Expect to see eight security bulletins, including one for the 0day in the Office Web Components, described in Knowledge Base article KB 973472. Microsoft says that particular patch affects Microsoft Office XP and 2003, Microsoft Visual Studio, Microsoft ISA Server and Microsoft BizTalk Server.
Get all of the Microsoft patches applied now. We’re still at MS-DEFCON 3: Patch reliability is unclear, but widespread attacks make patching prudent. Go ahead and patch, but watch out for potential problems.