Microsoft’s “Black” Patch Tuesday
Just a heads-up to all you out there that are not really security conscious. Microsoft “Patch Tuesday” was last week, with a number of important security updates having been released by the software giant. If you run Windows XP then chances are that you need to install most of these patches in order to ensure that you will not be 0wned by some wannabe script kiddie who thinks it would be fun to make your computer a wreck.
The following is a list of what new goodies our faithful friend, Microsoft, has offered us peasants:
MS07-005: Vulnerability in Step-by-Step Interactive Training Could Allow Remote Code Execution
KB Number: 923723
Severity: ImportantMS07-006: Vulnerability in Windows Shell Could Allow Elevation of Privilege
KB Number: 928255
Severity: ImportantMS07-007: Vulnerability in Windows Image Acquisition Service Could Allow Elevation of Privilege
KB Number: 927802
Severity: ImportantMS07-008: Vulnerability in HTML Help ActiveX Control Could Allow Remote Code Execution
KB Number: 928843
Severity: CriticalMS07-009: Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution
KB Number: 927779
Severity: CriticalMS07-010: Vulnerability in Microsoft Malware Protection Engine Could Allow Remote Code Execution
KB Number: 932135
Severity: CriticalMS07-011: Vulnerability in Microsoft OLE Dialog Could Allow Remote Code Execution
KB Number: 926436
Severity: ImportantMS07-012: Vulnerability in Microsoft MFC Could Allow Remote Code Execution
KB Number: 924667
Severity: ImportantMS07-013: Vulnerability in Microsoft RichEdit Could Allow Remote Code Execution
KB Number: 918118
Severity: ImportantMS07-014: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution
KB Number: 929434
Severity: CriticalMS07-015: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution
KB Number: 932554
Severity: CriticalMS07-016: Cumulative Security Update for Internet Explorer
KB Number: 928090
Severity: CriticalMSRT-001: Microsoft Malicious Software Removal Tool (February Update)
I highly recomment that these patches be installed once they have been delivered to you via Microsoft’s automatic update service. If, for whatever reason, you do not see them show up anytime soon then I strongly recommend that you force-check for new updates. Once prompted to install these security patches then do so immediately.
Until the second Tuesday of March, I sincerely hope that you enjoy this round of fun in the sun, all thanks to Microsoft!
I haven’t seen them, yet, and will wait a day or two.
Whenever I see these sprawling lists of security issues in Windows XP, I have a sudden urge to switch to Ubuntu… :)
“MS07-010: Vulnerability in Microsoft Malware Protection Engine Could Allow Remote Code Execution”
To be honest, i think i can’t trust acompany that has a flaw like this one. Where on the world (should be read, world outside of MS) do you get a Malware protection that could (the could is really important. Have they tested? Do they really know it does? Is it theoretical?) execute remote code. Well… Shouldn’t it also protect against that? Or it’s just for MS to say that they have a Malware protection?
Shouldn’t the costumers ask for the protection that they have payed for?
I don’t get why people haven’t sued Microsoft for failing on providing security for their purchase. If you want a good protection you have to buy it to a third party company. I’ve never ever installed such things on my GNU/Linux distros… But i guess i’m lazy and don’t really think about protection.
I wonder how many problems the “safest ever” Windows Vista will show in the next months. Will it be like Windows XP? Will it really be worth to buy the new Vista? I guess i’ll stick with my current configuration (Ubuntu + Win XP) until i’m really fed up with games and stick just to Ubuntu… Or maybe i’ll fall back to my dear Debian…