Results 1 to 7 of 7

Thread: FYI - Critical Windows patch on the way

  1. #1
    Senior Member
    Join Date
    Mar 2004
    Posts
    510

    Post FYI - Critical Windows patch on the way

    http://news.zdnet.com/2100-1009_22-5...=zdfd.newsfeed

    After reading ZT3000 posts I added this which I should have added in the first place.http://www.microsoft.com/technet/sec...n/advance.mspx
    \"You got a mouth like an outboard motor..all the time putt putt putt\" - Foghorn Leghorn

  2. #2
    THE Bastard Sys***** dinowuff's Avatar
    Join Date
    Jun 2003
    Location
    Third planet from the Sun
    Posts
    1,253

    FYI From Sans

    Microsoft Update Spoof
    With Microsoft Patch Tuesday looming on the horizon we thought it wise to alert everyone to a malicious email that is circulating the globe. "A mass SPAM email has been sent out claiming to be from Microsoft. This email spoofs users into thinking that they must update their Windows software. Upon clicking on the link, users are forwarded to a fraudulent website. This website is hosted in Australia, and was up at the time of this alert."
    http://www.websensesecuritylabs.com/...hp?AlertID=163

    When the link is clicked it installs a Trojan program. The Trojan program (Wupdate-20050401.exe) is installed and opens a backdoor to your computer.
    This is a reminder to everyone, "Microsoft Does NOT Email Update Links".
    Deb Hale
    Handler on Duty
    09:F9:11:02:9D:74:E3:5B8:41:56:C5:63:56:88:C0

  3. #3
    Senior Member
    Join Date
    Mar 2005
    Posts
    400

    Exclamation

    To the first poster:

    How critical??

    According to the article:
    The company said it will have two high-priority Windows upgrades that are not related to security issues that will be made available via its automatic Windows Update service.
    Was the word "CRITICAL" originating from ZDNET news or from Microsoft itself and simply relayed by ZDNET?

    Is calling a patch "CRITICAL" becoming like the boy who cried "Wolf!!"??
    Is it becoming a ruse to get you to come and download??
    I wonder??

    If there is a currently active exploit against, or a serious programming flaw or maybe a hole the size of Grand Canyon, I'd expect the word "CRITICAL" to be flashing.

    Anymore, I'm left wondering.

    Any of my peers have thoughts about this??

    (I'm not asking about Microsoft's official posted definitions on this, rather are we or others using the word "Critical" too much. How much too much?)
    ZT3000
    Beta tester of "0"s and "1"s"

  4. #4
    Senior Member
    Join Date
    Mar 2005
    Posts
    400

    Exclamation

    Never mind my previous post:

    I went to MS site and READ the generic reasons for this update being called CRITICAL.

    At the end of their web page it says:
    At this time no additional information on these bulletins such as details regarding severity or details regarding the vulnerability will be made available until 12 April 2005.
    ZT3000
    Beta tester of "0"s and "1"s"

  5. #5
    Senior Member
    Join Date
    Oct 2001
    Posts
    748
    Here is what is being released tomorrow. More than likely this is the same information that zdnet had as I received this last Thursday.


    - 5 Microsoft Security Bulletins affecting Microsoft Windows. The greatest aggregate, maximum severity rating for these security updates is Critical. Some of these updates will require a restart. These updates will be detectable using the Microsoft Baseline Security Analyzer (MBSA).

    - 1 Microsoft Security Bulletin affecting Microsoft Office. The greatest aggregate, maximum severity rating for these security updates is Critical. These updates will not require a restart. These updates will be detectable using MBSA.

    - 1 Microsoft Security Bulletin affecting MSN Messenger. The greatest aggregate, maximum severity rating for these security updates is Critical. These updates may require a restart. These updates will be detectable using the Enterprise Scanning Tool (EST).

    - 1 Microsoft Security Bulletin affecting Microsoft Exchange. The greatest aggregate, maximum severity rating for these security updates is Critical. These updates will not require a restart. These updates will be detectable using MBSA.

    In addition, Microsoft will release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update and the Download Center. Note that this tool will NOT be distributed using Software Update Services (SUS).

    Finally, Microsoft will release two NON-SECURITY High-Priority Updates for Windows on the Windows Update site. These will be distributed to Software Update Services and are not required to install the security updates.

  6. #6
    Senior Member
    Join Date
    Mar 2004
    Posts
    510
    \"You got a mouth like an outboard motor..all the time putt putt putt\" - Foghorn Leghorn

  7. #7
    Senior Member
    Join Date
    Dec 2004
    Posts
    3,171
    Hi Everybody,

    Well...I went to the Update Centre like I normally do...and it said there was 6 critical updates...

    3 for windows 2000
    2 for some upgrade of the Update Centre
    and
    1 for service pack 1

    I downloaded and installed the 3 windows 2000
    I assume ( and someone please correct me if I'm wrong ) the service pack 1 doesn't apply to me because I already have service pack 4
    and I passed on the upgrades till someone can tell me why I need them

    Thanks,

    Eg

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •