Sign in with
Sign up | Sign in
Your question

Zotob worm patch?

Last response: in Windows XP
Share
Anonymous
August 18, 2005 1:14:45 PM

Archived from groups: microsoft.public.windowsxp.general (More info?)

I know that many in this group support downloading Windows XP updates. Personally, I
download and install ONLY what is absolutely necessary, which for me has avoided problems
with smooth running systems. There has been much media attention the past couple of days
about the Zotob worm, I.E., PnP and compromised Windows security. I know that there is a
patch available for download at the Microsoft web site
WindowsXP-KB899588-x86-ENU.exe

But, there has been mass media hysteria in the past about viruses and worms, none of which
have made their way to any of my systems with broadband internet connections, without my
having to download and install the plethora of security patches at the Windows Update. My
question is, if I have a decent firewall am I already protected, or do I really need to
install this patch?
--

T.C.
t__cruise@[NoSpam]hotmail.com
Remove [NoSpam] to reply

More about : zotob worm patch

Anonymous
August 18, 2005 4:24:15 PM

Archived from groups: microsoft.public.windowsxp.general (More info?)

"t.cruise" <t__cruise@[NoSpam]hotmail.com> wrote in
news:#RRcbkCpFHA.3036@TK2MSFTNGP14.phx.gbl:

> I know that many in this group support downloading Windows XP updates.
> Personally, I download and install ONLY what is absolutely necessary,
> which for me has avoided problems with smooth running systems. There
> has been much media attention the past couple of days about the Zotob
> worm, I.E., PnP and compromised Windows security. I know that there is
> a patch available for download at the Microsoft web site
> WindowsXP-KB899588-x86-ENU.exe
>
> But, there has been mass media hysteria in the past about viruses and
> worms, none of which have made their way to any of my systems with
> broadband internet connections, without my having to download and
> install the plethora of security patches at the Windows Update. My
> question is, if I have a decent firewall am I already protected, or do I
> really need to install this patch?
> --
>
> T.C.
> t__cruise@[NoSpam]hotmail.com
> Remove [NoSpam] to reply

Of course you don't NEED to install the patch. You MAY be safe but on the
other hand the patch is free and a small download so why not install it?

I'd be curious how you decide what is absolutely necessary? In my books that
would be any patches classified as critical.
Anonymous
August 18, 2005 4:24:16 PM

Archived from groups: microsoft.public.windowsxp.general (More info?)

"Fuzzy Logic" <bob@arc.ab.caREMOVETHIS> wrote in message
news:Xns96B68859F2541bobarcabca@207.46.248.16...
> "t.cruise" <t__cruise@[NoSpam]hotmail.com> wrote in
> news:#RRcbkCpFHA.3036@TK2MSFTNGP14.phx.gbl:
>
> > I know that many in this group support downloading Windows XP updates.
> > Personally, I download and install ONLY what is absolutely necessary,
> > which for me has avoided problems with smooth running systems. There
> > has been much media attention the past couple of days about the Zotob
> > worm, I.E., PnP and compromised Windows security. I know that there is
> > a patch available for download at the Microsoft web site
> > WindowsXP-KB899588-x86-ENU.exe
> >
> > But, there has been mass media hysteria in the past about viruses and
> > worms, none of which have made their way to any of my systems with
> > broadband internet connections, without my having to download and
> > install the plethora of security patches at the Windows Update. My
> > question is, if I have a decent firewall am I already protected, or do I
> > really need to install this patch?
> > --
> >
> > T.C.
> > t__cruise@[NoSpam]hotmail.com
> > Remove [NoSpam] to reply
>
> Of course you don't NEED to install the patch. You MAY be safe but on the
> other hand the patch is free and a small download so why not install it?
>
> I'd be curious how you decide what is absolutely necessary? In my books that
> would be any patches classified as critical.
>

It would be for an immediate problem, such as support for hardware, which was not
available prior to the update. Aside from that, when it comes to security, the Zone
Alarm firewall, and safe internet computing practices have kept my systems clean and
running smoothly, without downloading even one Windows Update for the past couple of
years. I never updated my SP1 systems to SP2, and all is fine with them. I know the
hardware/drivers/Software/Utilities and resources on those systems, and looked at the risk
v. benefit of updating them to SP2. I decided not to. I realize that the majority of
people who updated to SP2 did not have any problems, but some had major problems during
and after the SP2 update. My SP1 systems are still running fine. I realize that there
are many people who will disagree with my practices and logic. Working on other people's
systems is one thing. But, downloading an update which does not play nice with one of my
configurations is something that I do not want to waste time fixing, even if the fix only
involves an hour of my time. Or, downloading an update and then needing to do a System
Restore to a time prior to the download of that update, because of another problem, which
would mean downloading the update again, is something I do not want to have to keep track
of, or get involved with, unless absolutely necessary.
--

T.C.
t__cruise@[NoSpam]hotmail.com
Remove [NoSpam] to reply
Related resources
Can't find your answer ? Ask !
Anonymous
August 18, 2005 6:20:40 PM

Archived from groups: microsoft.public.windowsxp.general (More info?)

All "critical updates" are considered "absolutely necessary" to maintain
the security of your Windows XP operating system.

--
Carey Frisch
Microsoft MVP
Windows XP - Shell/User
Microsoft Newsgroups

-------------------------------------------------------------------------------------------

"t.cruise" wrote:

| I know that many in this group support downloading Windows XP updates. Personally, I
| download and install ONLY what is absolutely necessary, which for me has avoided problems
| with smooth running systems. There has been much media attention the past couple of days
| about the Zotob worm, I.E., PnP and compromised Windows security. I know that there is a
| patch available for download at the Microsoft web site
| WindowsXP-KB899588-x86-ENU.exe
|
| But, there has been mass media hysteria in the past about viruses and worms, none of which
| have made their way to any of my systems with broadband internet connections, without my
| having to download and install the plethora of security patches at the Windows Update. My
| question is, if I have a decent firewall am I already protected, or do I really need to
| install this patch?
| --
|
| T.C.
Anonymous
August 18, 2005 6:20:41 PM

Archived from groups: microsoft.public.windowsxp.general (More info?)

I respect your opinion. I have found, what Microsoft considers critical, is not always
critical. Many critical updates should have a disclaimer: If you are using a decent
firewall, then this update is not necessary. My question was not answered though. If one
has a decent firewall, will that stop the zotob worm from infecting a system?
--

T.C.
t__cruise@[NoSpam]hotmail.com
Remove [NoSpam] to reply



"Carey Frisch [MVP]" <cnfrisch@nospamgmail.com> wrote in message
news:#mDbsnCpFHA.1372@TK2MSFTNGP10.phx.gbl...
> All "critical updates" are considered "absolutely necessary" to maintain
> the security of your Windows XP operating system.
>
> --
> Carey Frisch
> Microsoft MVP
> Windows XP - Shell/User
> Microsoft Newsgroups
>
> ----------------------------------------------------------------------------------------
---
>
> "t.cruise" wrote:
>
> | I know that many in this group support downloading Windows XP updates. Personally, I
> | download and install ONLY what is absolutely necessary, which for me has avoided
problems
> | with smooth running systems. There has been much media attention the past couple of
days
> | about the Zotob worm, I.E., PnP and compromised Windows security. I know that there
is a
> | patch available for download at the Microsoft web site
> | WindowsXP-KB899588-x86-ENU.exe
> |
> | But, there has been mass media hysteria in the past about viruses and worms, none of
which
> | have made their way to any of my systems with broadband internet connections, without
my
> | having to download and install the plethora of security patches at the Windows Update.
My
> | question is, if I have a decent firewall am I already protected, or do I really need
to
> | install this patch?
> | --
> |
> | T.C.
>
Anonymous
August 18, 2005 6:20:42 PM

Archived from groups: microsoft.public.windowsxp.general (More info?)

"t.cruise" <t__cruise@[NoSpam]hotmail.com> wrote in
news:eC6gtsCpFHA.3552@TK2MSFTNGP10.phx.gbl:

> I respect your opinion. I have found, what Microsoft considers
> critical, is not always critical. Many critical updates should have a
> disclaimer: If you are using a decent firewall, then this update is not
> necessary. My question was not answered though. If one has a decent
> firewall, will that stop the zotob worm from infecting a system?

First of all if you are running any OS other than Windows 2000 you are
unlikely to be affected . Secondly a firewall blocking ports 139 and 445
while prevent the attack. For more information I would suggest that you
visit this page:

http://www.microsoft.com/technet/security/bulletin/MS05...

Click on Vulnerability Details and expand it until you get to Workarounds.

PS I want to slap you upside the head! While there are often other ways to
prevent attacks why not fix the problem? What happens if your firewall fails
or you misconfigure it?
Anonymous
August 18, 2005 6:42:58 PM

Archived from groups: microsoft.public.windowsxp.general (More info?)

"t.cruise" <t__cruise@[NoSpam]hotmail.com> wrote in
news:eJekL9CpFHA.1416@TK2MSFTNGP09.phx.gbl:

>
> "Fuzzy Logic" <bob@arc.ab.caREMOVETHIS> wrote in message
> news:Xns96B68859F2541bobarcabca@207.46.248.16...
>> "t.cruise" <t__cruise@[NoSpam]hotmail.com> wrote in
>> news:#RRcbkCpFHA.3036@TK2MSFTNGP14.phx.gbl:
>>
>> > I know that many in this group support downloading Windows XP
>> > updates. Personally, I download and install ONLY what is absolutely
>> > necessary, which for me has avoided problems with smooth running
>> > systems. There has been much media attention the past couple of days
>> > about the Zotob worm, I.E., PnP and compromised Windows security. I
>> > know that there is a patch available for download at the Microsoft
>> > web site WindowsXP-KB899588-x86-ENU.exe
>> >
>> > But, there has been mass media hysteria in the past about viruses and
>> > worms, none of which have made their way to any of my systems with
>> > broadband internet connections, without my having to download and
>> > install the plethora of security patches at the Windows Update. My
>> > question is, if I have a decent firewall am I already protected, or
>> > do I really need to install this patch?
>> > --
>> >
>> > T.C.
>> > t__cruise@[NoSpam]hotmail.com
>> > Remove [NoSpam] to reply
>>
>> Of course you don't NEED to install the patch. You MAY be safe but on
>> the other hand the patch is free and a small download so why not
>> install it?
>>
>> I'd be curious how you decide what is absolutely necessary? In my books
>> that would be any patches classified as critical.
>>
> It would be for an immediate problem, such as support for hardware,
> which was not available prior to the update. Aside from that, when it
> comes to security, the Zone Alarm firewall, and safe internet computing
> practices have kept my systems clean and running smoothly, without
> downloading even one Windows Update for the past couple of years. I
> never updated my SP1 systems to SP2, and all is fine with them. I know
> the hardware/drivers/Software/Utilities and resources on those systems,
> and looked at the risk v. benefit of updating them to SP2. I decided
> not to. I realize that the majority of people who updated to SP2 did
> not have any problems, but some had major problems during and after the
> SP2 update. My SP1 systems are still running fine. I realize that
> there are many people who will disagree with my practices and logic.
> Working on other people's systems is one thing. But, downloading an
> update which does not play nice with one of my configurations is
> something that I do not want to waste time fixing, even if the fix only
> involves an hour of my time. Or, downloading an update and then needing
> to do a System Restore to a time prior to the download of that update,
> because of another problem, which would mean downloading the update
> again, is something I do not want to have to keep track of, or get
> involved with, unless absolutely necessary. --

You do realize that ZoneAlarm has had it's own vulnerabilities? You are
essentially putting all your eggs in one basket and relying entirely on a
software firewall to protect you. You are trading off a possible problem
from an update against a likely nastier problem from a vulnerability being
exploited.

FYI I do support for over 600 people and haven't had an issue with a
critical update from Microsoft since the days of Windows NT. We have very
diverse hardware as I work for a research organization with all sorts of
strange equipment. I have never had to do a system restore due to an
update.

What you are doing defies all common security practices (multiple layers
of defense, properly configured and updated systems.)
Anonymous
August 18, 2005 8:24:14 PM

Archived from groups: microsoft.public.windowsxp.general (More info?)

I'm sure all the companies that got hit with the Zotob worm had
firewalls enabled. Microsoft issued a critical update over a week
ago to prevent this infection. I guess they too thought a firewall
was all they need....guess they were wrong.

--
Carey Frisch
Microsoft MVP
Windows XP - Shell/User
Microsoft Newsgroups

-------------------------------------------------------------------------------------------

"t.cruise" wrote:

|I respect your opinion. I have found, what Microsoft considers critical, is not always
| critical. Many critical updates should have a disclaimer: If you are using a decent
| firewall, then this update is not necessary. My question was not answered though. If one
| has a decent firewall, will that stop the zotob worm from infecting a system?
| --
|
| T.C.
August 18, 2005 8:24:51 PM

Archived from groups: microsoft.public.windowsxp.general (More info?)

This is for XP only!!!
The scumbag trying to use the PnP exploit has to have
1.Access to your keyboard or
2.Admin rights to exploit this remotely

From M/s website under mitigating factors of this hotfix
Mitigating Factors for Plug and Play Vulnerability - CAN-2005-1983:
. On Windows XP Service Pack 2 and Windows Server 2003 an attacker
must have valid logon credentials and be able to log on locally to exploit
this vulnerability. The vulnerability could not be exploited remotely by
anonymous users or by users who have standard user accounts. However, the
affected component is available remotely to users who have administrative
permissions.

. On Windows XP Service Pack 1 an attacker must have valid logon
credentials to try to exploit this vulnerability. The vulnerability could
not be exploited remotely by anonymous users. However, the affected
component is available remotely to users who have standard user accounts.

. Firewall best practices and standard default firewall configurations
can help protect networks from attacks that originate outside the enterprise
perimeter. Best practices recommend that systems that are connected to the
Internet have a minimal number of ports exposed.

When you say that M/S has a habit of saying everything is "critical"
or must have you are right.

--
Mike Pawlak










t.cruise wrote:
> I know that many in this group support downloading Windows XP
> updates. Personally, I download and install ONLY what is absolutely
> necessary, which for me has avoided problems with smooth running
> systems. There has been much media attention the past couple of days
> about the Zotob worm, I.E., PnP and compromised Windows security. I
> know that there is a patch available for download at the Microsoft
> web site
> WindowsXP-KB899588-x86-ENU.exe
>
> But, there has been mass media hysteria in the past about viruses and
> worms, none of which have made their way to any of my systems with
> broadband internet connections, without my having to download and
> install the plethora of security patches at the Windows Update. My
> question is, if I have a decent firewall am I already protected, or
> do I really need to install this patch?
Anonymous
August 18, 2005 11:32:02 PM

Archived from groups: microsoft.public.windowsxp.general (More info?)

In article <Xns96B68859F2541bobarcabca@207.46.248.16>,
bob@arc.ab.caREMOVETHIS says...
> I'd be curious how you decide what is absolutely necessary? In my books that
> would be any patches classified as critical.

While all patches are critical of nature, until you test them against
your environment there is little reason to blindly install them, unless
the patch provides immediate protection for a problem you are
immediately exposed too. In many cases the exposure path is limited and
you can safely wait/test the patches and then install them.

--

spam999free@rrohio.com
remove 999 in order to email me
Anonymous
August 18, 2005 11:32:03 PM

Archived from groups: microsoft.public.windowsxp.general (More info?)

Leythos <void@nowhere.lan> wrote in
news:MPG.1d6eac3b5371ceab989c4f@news-server.columbus.rr.com:

> In article <Xns96B68859F2541bobarcabca@207.46.248.16>,
> bob@arc.ab.caREMOVETHIS says...
>> I'd be curious how you decide what is absolutely necessary? In my books
>> that would be any patches classified as critical.
>
> While all patches are critical of nature, until you test them against
> your environment there is little reason to blindly install them, unless
> the patch provides immediate protection for a problem you are
> immediately exposed too. In many cases the exposure path is limited and
> you can safely wait/test the patches and then install them.

I was referring to patches classified as 'critical' by Microsoft. For more
info on Microsoft's ratings visit this site:

http://www.microsoft.com/technet/security/bulletin/rati...

A quote from the above site:

"We believe that customers who use an affected product should almost always
apply patches that address vulnerabilities rated critical or important.
Patches rated critical should be applied in an especially timely manner."

If you read the bulletins there are often other ways to address the
vulnerability which can be used while you test the patch.

I support about 600 users all using automatic update (critical patches
installed as soon as they are available) has been that we haven't had a
problem with these updates since the days of Windows NT. Of course your
environment may be different.
Anonymous
August 18, 2005 11:58:51 PM

Archived from groups: microsoft.public.windowsxp.general (More info?)

In article <eC6gtsCpFHA.3552@TK2MSFTNGP10.phx.gbl>, t__cruise@[NoSpam]
hotmail.com says...
> My question was not answered though. If one
> has a decent firewall, will that stop the zotob worm from infecting a system?

Your question has no direct answer as we don't know your network.

Ask yourself this - do you know how it gets into a network? All possible
paths?

Does your firewall protect you from all of those paths?

--

spam999free@rrohio.com
remove 999 in order to email me
Anonymous
August 18, 2005 11:58:52 PM

Archived from groups: microsoft.public.windowsxp.general (More info?)

My systems are not networked to each other. Each is stand alone, with its own Road Runner
internet connection. Each has the Zone Alarm firewall.
--

T.C.
t__cruise@[NoSpam]hotmail.com
Remove [NoSpam] to reply



"Leythos" <void@nowhere.lan> wrote in message
news:MPG.1d6eb28337e83df3989c50@news-server.columbus.rr.com...
> In article <eC6gtsCpFHA.3552@TK2MSFTNGP10.phx.gbl>, t__cruise@[NoSpam]
> hotmail.com says...
> > My question was not answered though. If one
> > has a decent firewall, will that stop the zotob worm from infecting a system?
>
> Your question has no direct answer as we don't know your network.
>
> Ask yourself this - do you know how it gets into a network? All possible
> paths?
>
> Does your firewall protect you from all of those paths?
>
> --
>
> spam999free@rrohio.com
> remove 999 in order to email me
Anonymous
August 19, 2005 12:10:39 AM

Archived from groups: microsoft.public.windowsxp.general (More info?)

"Fuzzy Logic" <bob@arc.ab.caREMOVETHIS> wrote in message
news:Xns96B69FDFD5B5Fbobarcabca@207.46.248.16...
> "t.cruise" <t__cruise@[NoSpam]hotmail.com> wrote in
> news:eJekL9CpFHA.1416@TK2MSFTNGP09.phx.gbl:
>
> >
> > "Fuzzy Logic" <bob@arc.ab.caREMOVETHIS> wrote in message
> > news:Xns96B68859F2541bobarcabca@207.46.248.16...
> >> "t.cruise" <t__cruise@[NoSpam]hotmail.com> wrote in
> >> news:#RRcbkCpFHA.3036@TK2MSFTNGP14.phx.gbl:
> >>
> >> > I know that many in this group support downloading Windows XP
> >> > updates. Personally, I download and install ONLY what is absolutely
> >> > necessary, which for me has avoided problems with smooth running
> >> > systems. There has been much media attention the past couple of days
> >> > about the Zotob worm, I.E., PnP and compromised Windows security. I
> >> > know that there is a patch available for download at the Microsoft
> >> > web site WindowsXP-KB899588-x86-ENU.exe
> >> >
> >> > But, there has been mass media hysteria in the past about viruses and
> >> > worms, none of which have made their way to any of my systems with
> >> > broadband internet connections, without my having to download and
> >> > install the plethora of security patches at the Windows Update. My
> >> > question is, if I have a decent firewall am I already protected, or
> >> > do I really need to install this patch?
> >> > --
> >> >
> >> > T.C.
> >> > t__cruise@[NoSpam]hotmail.com
> >> > Remove [NoSpam] to reply
> >>
> >> Of course you don't NEED to install the patch. You MAY be safe but on
> >> the other hand the patch is free and a small download so why not
> >> install it?
> >>
> >> I'd be curious how you decide what is absolutely necessary? In my books
> >> that would be any patches classified as critical.
> >>
> > It would be for an immediate problem, such as support for hardware,
> > which was not available prior to the update. Aside from that, when it
> > comes to security, the Zone Alarm firewall, and safe internet computing
> > practices have kept my systems clean and running smoothly, without
> > downloading even one Windows Update for the past couple of years. I
> > never updated my SP1 systems to SP2, and all is fine with them. I know
> > the hardware/drivers/Software/Utilities and resources on those systems,
> > and looked at the risk v. benefit of updating them to SP2. I decided
> > not to. I realize that the majority of people who updated to SP2 did
> > not have any problems, but some had major problems during and after the
> > SP2 update. My SP1 systems are still running fine. I realize that
> > there are many people who will disagree with my practices and logic.
> > Working on other people's systems is one thing. But, downloading an
> > update which does not play nice with one of my configurations is
> > something that I do not want to waste time fixing, even if the fix only
> > involves an hour of my time. Or, downloading an update and then needing
> > to do a System Restore to a time prior to the download of that update,
> > because of another problem, which would mean downloading the update
> > again, is something I do not want to have to keep track of, or get
> > involved with, unless absolutely necessary. --
>
> You do realize that ZoneAlarm has had it's own vulnerabilities? You are
> essentially putting all your eggs in one basket and relying entirely on a
> software firewall to protect you. You are trading off a possible problem
> from an update against a likely nastier problem from a vulnerability being
> exploited.
>
> FYI I do support for over 600 people and haven't had an issue with a
> critical update from Microsoft since the days of Windows NT. We have very
> diverse hardware as I work for a research organization with all sorts of
> strange equipment. I have never had to do a system restore due to an
> update.
>
> What you are doing defies all common security practices (multiple layers
> of defense, properly configured and updated systems.)

FYI: I did install the update, AFTER I was assured that it would not create any problems,
and then recommended it to others. I still believe that Microsoft uses the word
"critical" loosely. I also do not like updates that cause problems, and when one wants to
uninstall them, a dialog box comes up listing a group of applications which might not
function properly if the update is uninstalled. One should be informed BEFORE the install
of the update of that list of applications which might not run correctly if the update is
uninstalled.
--

T.C.
t__cruise@[NoSpam]hotmail.com
Remove [NoSpam] to reply
Anonymous
August 19, 2005 12:16:46 AM

Archived from groups: microsoft.public.windowsxp.general (More info?)

In article <Xns96B68FA30EBFAbobarcabca@207.46.248.16>,
bob@arc.ab.caREMOVETHIS says...
> Leythos <void@nowhere.lan> wrote in
> news:MPG.1d6eac3b5371ceab989c4f@news-server.columbus.rr.com:
>
> > In article <Xns96B68859F2541bobarcabca@207.46.248.16>,
> > bob@arc.ab.caREMOVETHIS says...
> >> I'd be curious how you decide what is absolutely necessary? In my books
> >> that would be any patches classified as critical.
> >
> > While all patches are critical of nature, until you test them against
> > your environment there is little reason to blindly install them, unless
> > the patch provides immediate protection for a problem you are
> > immediately exposed too. In many cases the exposure path is limited and
> > you can safely wait/test the patches and then install them.
>
> I was referring to patches classified as 'critical' by Microsoft. For more
> info on Microsoft's ratings visit this site:

Yes, I know what you were referring to, and my statement stands.

Some users can put up with Automatic Updates, others require testing
before installation, either way, if the network security is properly
setup none of those patches are critical. Keep in mind, I'm not saying
that they are not critical to most systems, only that if you have a
fully protected network, you don't need them until after you've tested.

--

spam999free@rrohio.com
remove 999 in order to email me
Anonymous
August 19, 2005 12:16:47 AM

Archived from groups: microsoft.public.windowsxp.general (More info?)

I think some of the victims of Zotob had their initial infection
brought in by notebooks that spread it into their network. Now
with USB Flash devices there is even more portable "Threats"
to a business network.

"Leythos" <void@nowhere.lan> wrote in message
news:MPG.1d6eb6ba2c61aeda989c54@news-server.columbus.rr.com...
> In article <Xns96B68FA30EBFAbobarcabca@207.46.248.16>,
> bob@arc.ab.caREMOVETHIS says...
>> Leythos <void@nowhere.lan> wrote in
>> news:MPG.1d6eac3b5371ceab989c4f@news-server.columbus.rr.com:
>>
>> > In article <Xns96B68859F2541bobarcabca@207.46.248.16>,
>> > bob@arc.ab.caREMOVETHIS says...
>> >> I'd be curious how you decide what is absolutely necessary? In my
>> >> books
>> >> that would be any patches classified as critical.
>> >
>> > While all patches are critical of nature, until you test them against
>> > your environment there is little reason to blindly install them, unless
>> > the patch provides immediate protection for a problem you are
>> > immediately exposed too. In many cases the exposure path is limited and
>> > you can safely wait/test the patches and then install them.
>>
>> I was referring to patches classified as 'critical' by Microsoft. For
>> more
>> info on Microsoft's ratings visit this site:
>
> Yes, I know what you were referring to, and my statement stands.
>
> Some users can put up with Automatic Updates, others require testing
> before installation, either way, if the network security is properly
> setup none of those patches are critical. Keep in mind, I'm not saying
> that they are not critical to most systems, only that if you have a
> fully protected network, you don't need them until after you've tested.
>
> --
>
> spam999free@rrohio.com
> remove 999 in order to email me
Anonymous
August 19, 2005 12:16:47 AM

Archived from groups: microsoft.public.windowsxp.general (More info?)

Leythos <void@nowhere.lan> wrote in
news:MPG.1d6eb6ba2c61aeda989c54@news-server.columbus.rr.com:

> In article <Xns96B68FA30EBFAbobarcabca@207.46.248.16>,
> bob@arc.ab.caREMOVETHIS says...
>> Leythos <void@nowhere.lan> wrote in
>> news:MPG.1d6eac3b5371ceab989c4f@news-server.columbus.rr.com:
>>
>> > In article <Xns96B68859F2541bobarcabca@207.46.248.16>,
>> > bob@arc.ab.caREMOVETHIS says...
>> >> I'd be curious how you decide what is absolutely necessary? In my
>> >> books that would be any patches classified as critical.
>> >
>> > While all patches are critical of nature, until you test them against
>> > your environment there is little reason to blindly install them,
>> > unless the patch provides immediate protection for a problem you are
>> > immediately exposed too. In many cases the exposure path is limited
>> > and you can safely wait/test the patches and then install them.
>>
>> I was referring to patches classified as 'critical' by Microsoft. For
>> more info on Microsoft's ratings visit this site:
>
> Yes, I know what you were referring to, and my statement stands.
>
> Some users can put up with Automatic Updates, others require testing
> before installation, either way, if the network security is properly
> setup none of those patches are critical. Keep in mind, I'm not saying
> that they are not critical to most systems, only that if you have a
> fully protected network, you don't need them until after you've tested.

Not entirely true. Many of these vulnerabilities can be exploited if the
attacker has physical access to the machine.
August 19, 2005 12:16:48 AM

Archived from groups: microsoft.public.windowsxp.general (More info?)

This is just what I've noticed over the past year or so,these so called
"critical" updates are geared to bussiness or networks many (may) not apply
to the home user.The PnP exploit comes to mind,why should I care about this
update which requires valid logon cred. and physical acces to my computer
(or admin rights) to exploit, when the only people who have access to it are
my wife and myself?
It seems more likely to apply to a company that doesn't trust its employees.

--
Mike Pawlak






R. McCarty wrote:
> I think some of the victims of Zotob had their initial infection
> brought in by notebooks that spread it into their network. Now
> with USB Flash devices there is even more portable "Threats"
> to a business network.
>
> "Leythos" <void@nowhere.lan> wrote in message
> news:MPG.1d6eb6ba2c61aeda989c54@news-server.columbus.rr.com...
>> In article <Xns96B68FA30EBFAbobarcabca@207.46.248.16>,
>> bob@arc.ab.caREMOVETHIS says...
>>> Leythos <void@nowhere.lan> wrote in
>>> news:MPG.1d6eac3b5371ceab989c4f@news-server.columbus.rr.com:
>>>
>>>> In article <Xns96B68859F2541bobarcabca@207.46.248.16>,
>>>> bob@arc.ab.caREMOVETHIS says...
>>>>> I'd be curious how you decide what is absolutely necessary? In my
>>>>> books
>>>>> that would be any patches classified as critical.
>>>>
>>>> While all patches are critical of nature, until you test them
>>>> against your environment there is little reason to blindly install
>>>> them, unless the patch provides immediate protection for a problem
>>>> you are immediately exposed too. In many cases the exposure path
>>>> is limited and you can safely wait/test the patches and then
>>>> install them.
>>>
>>> I was referring to patches classified as 'critical' by Microsoft.
>>> For more
>>> info on Microsoft's ratings visit this site:
>>
>> Yes, I know what you were referring to, and my statement stands.
>>
>> Some users can put up with Automatic Updates, others require testing
>> before installation, either way, if the network security is properly
>> setup none of those patches are critical. Keep in mind, I'm not
>> saying that they are not critical to most systems, only that if you
>> have a fully protected network, you don't need them until after
>> you've tested.
>>
>> --
>>
>> spam999free@rrohio.com
>> remove 999 in order to email me
Anonymous
August 19, 2005 12:18:46 AM

Archived from groups: microsoft.public.windowsxp.general (More info?)

In article <eSChyCDpFHA.736@tk2msftngp13.phx.gbl>, t__cruise@[NoSpam]
hotmail.com says...
> My systems are not networked to each other. Each is stand alone, with its own Road Runner
> internet connection. Each has the Zone Alarm firewall.

Then each is vulnerable to exploits - Personal Firewall installations,
applications that run on top a users computer while the user can use the
computer are by no means perfect (and yes, we run ZA Prof, Kerio, and
several others on our laptops when we go to customers locations). If you
have road runner (as do I) and you don't at least have a NAT router,
then you are just assuming you are protected against the next thing.

Get a NAT router at least.


--

spam999free@rrohio.com
remove 999 in order to email me
Anonymous
August 19, 2005 12:41:31 AM

Archived from groups: microsoft.public.windowsxp.general (More info?)

In article <ep4JYLDpFHA.3516@TK2MSFTNGP15.phx.gbl>, PcEngWork-
NoSpam_@mindspring.com says...
> I think some of the victims of Zotob had their initial infection
> brought in by notebooks that spread it into their network. Now
> with USB Flash devices there is even more portable "Threats"
> to a business network.

I agree, and in many instances, if you don't give them Admin rights on
the local computer they can't connect the USB drives :) 

Laptops are always a problem and have always been a threat - but you can
still take standard measures to protect your network against them.

--

spam999free@rrohio.com
remove 999 in order to email me
Anonymous
August 19, 2005 12:44:01 AM

Archived from groups: microsoft.public.windowsxp.general (More info?)

In article <Xns96B692EFF1FF6bobarcabca@207.46.248.16>,
bob@arc.ab.caREMOVETHIS says...
> PS I want to slap you upside the head! While there are often other ways to
> prevent attacks why not fix the problem? What happens if your firewall fails
> or you misconfigure it?

Are you serious? If the firewall fails you don't have any internet
access in most cases. If you misconfigure it, most times you're still
not exposed enough to cause a problem. Many people test their firewalls
against intrusion, so it's easy to tell if one is "misconfigured" if the
admin cares.

--

spam999free@rrohio.com
remove 999 in order to email me
Anonymous
August 19, 2005 12:44:02 AM

Archived from groups: microsoft.public.windowsxp.general (More info?)

Leythos <void@nowhere.lan> wrote in
news:MPG.1d6ebd2091d6b8c8989c57@news-server.columbus.rr.com:

> In article <Xns96B692EFF1FF6bobarcabca@207.46.248.16>,
> bob@arc.ab.caREMOVETHIS says...
>> PS I want to slap you upside the head! While there are often other ways
>> to prevent attacks why not fix the problem? What happens if your
>> firewall fails or you misconfigure it?
>
> Are you serious? If the firewall fails you don't have any internet
> access in most cases. If you misconfigure it, most times you're still
> not exposed enough to cause a problem. Many people test their firewalls
> against intrusion, so it's easy to tell if one is "misconfigured" if the
> admin cares.

Yes I'm serious. Firewalls have bugs too! The original poster is relying
ENTIRELY on his firewall (a software one at that) to protect him. Why not
apply the patches and get the additional level of security? I can understand
waiting a while or doing some testing beforehand but there is no good reason
not to apply critical patches.
Anonymous
August 19, 2005 12:44:03 AM

Archived from groups: microsoft.public.windowsxp.general (More info?)

It takes a long time and a proven track record to remove the
impression that patches and updates will BREAK other things.

Service Pack 2's performance toned that down a little. Just
look at how reticent some people are to install Service Pack 2.
Anyone who wants to abide by "If it ain't broke - don't fix it"
should think of it more as "If it ain't updated - it's vulnerable"
That advice is geared more to the home PC user who wants
to be safe but isn't really sure how to go about it. Furthermore
the risk involved with updates/patches can be almost totally
eliminated with the use of frequent images of their systems.

Just today, I sent out a Security bulletin to my customers to
update their Adobe Reader versions. Rarely, does anybody
complain. Most times they appreciate having a resource to
tell them when a "Serious" threat needs their attention. What's
more interesting is that just about everybody on the mailing
list will follow the directions.


"Fuzzy Logic" <bob@arc.ab.caREMOVETHIS> wrote in message
news:Xns96B69D488FAC6bobarcabca@207.46.248.16...
> Leythos <void@nowhere.lan> wrote in
> news:MPG.1d6ebd2091d6b8c8989c57@news-server.columbus.rr.com:
>
>> In article <Xns96B692EFF1FF6bobarcabca@207.46.248.16>,
>> bob@arc.ab.caREMOVETHIS says...
>>> PS I want to slap you upside the head! While there are often other ways
>>> to prevent attacks why not fix the problem? What happens if your
>>> firewall fails or you misconfigure it?
>>
>> Are you serious? If the firewall fails you don't have any internet
>> access in most cases. If you misconfigure it, most times you're still
>> not exposed enough to cause a problem. Many people test their firewalls
>> against intrusion, so it's easy to tell if one is "misconfigured" if the
>> admin cares.
>
> Yes I'm serious. Firewalls have bugs too! The original poster is relying
> ENTIRELY on his firewall (a software one at that) to protect him. Why not
> apply the patches and get the additional level of security? I can
> understand
> waiting a while or doing some testing beforehand but there is no good
> reason
> not to apply critical patches.
>
Anonymous
August 19, 2005 1:45:33 AM

Archived from groups: microsoft.public.windowsxp.general (More info?)

In article <e#JQvsDpFHA.2472@tk2msftngp13.phx.gbl>,
cnfrisch@nospamgmail.com says...
> I'm sure all the companies that got hit with the Zotob worm had
> firewalls enabled. Microsoft issued a critical update over a week
> ago to prevent this infection. I guess they too thought a firewall
> was all they need....guess they were wrong.

Carey - do you really understand security? If you did you would not have
made that statement in the way that you did.

Many companies, large groups and small, don't secure their networks
properly because the people doing the firewall setup don't have a good
understanding of the specific business needs for security - they take
the easy way out and expose more than needed.

Not one single company we designed the security for has been infected or
impacted by the worm directly. It's about understanding, not about how
fast MS can push out updates.

--

spam999free@rrohio.com
remove 999 in order to email me
Anonymous
August 19, 2005 1:49:04 AM

Archived from groups: microsoft.public.windowsxp.general (More info?)

In article <Xns96B69D488FAC6bobarcabca@207.46.248.16>,
bob@arc.ab.caREMOVETHIS says...
> Leythos <void@nowhere.lan> wrote in
> news:MPG.1d6ebd2091d6b8c8989c57@news-server.columbus.rr.com:
>
> > In article <Xns96B692EFF1FF6bobarcabca@207.46.248.16>,
> > bob@arc.ab.caREMOVETHIS says...
> >> PS I want to slap you upside the head! While there are often other ways
> >> to prevent attacks why not fix the problem? What happens if your
> >> firewall fails or you misconfigure it?
> >
> > Are you serious? If the firewall fails you don't have any internet
> > access in most cases. If you misconfigure it, most times you're still
> > not exposed enough to cause a problem. Many people test their firewalls
> > against intrusion, so it's easy to tell if one is "misconfigured" if the
> > admin cares.
>
> Yes I'm serious. Firewalls have bugs too! The original poster is relying
> ENTIRELY on his firewall (a software one at that) to protect him. Why not
> apply the patches and get the additional level of security? I can understand
> waiting a while or doing some testing beforehand but there is no good reason
> not to apply critical patches.

I think you will find that there have been many cases where a Patch has
cause a custom application to fail or some cheap hardware device to fail
or where a combination of apps/devices have failed due to service packs
or updates.

Do you remember when Sp2 came out for XP? Many systems ran fine on SP1
and didn't need SP2 to keep working, many things were impacted by SP2
changes, and those same systems running Sp1 were just as safe without
SP2 in a properly secured network.

I'm not advocating not installing SP's and critical updates, but
critical is relative, so consider how updates that are untested could
impact others and not just yourself.

--

spam999free@rrohio.com
remove 999 in order to email me
Anonymous
August 19, 2005 1:49:05 AM

Archived from groups: microsoft.public.windowsxp.general (More info?)

Leythos <void@nowhere.lan> wrote in
news:MPG.1d6ecc5f328d8c0b989c5a@news-server.columbus.rr.com:

> In article <Xns96B69D488FAC6bobarcabca@207.46.248.16>,
> bob@arc.ab.caREMOVETHIS says...
>> Leythos <void@nowhere.lan> wrote in
>> news:MPG.1d6ebd2091d6b8c8989c57@news-server.columbus.rr.com:
>>
>> > In article <Xns96B692EFF1FF6bobarcabca@207.46.248.16>,
>> > bob@arc.ab.caREMOVETHIS says...
>> >> PS I want to slap you upside the head! While there are often other
>> >> ways to prevent attacks why not fix the problem? What happens if
>> >> your firewall fails or you misconfigure it?
>> >
>> > Are you serious? If the firewall fails you don't have any internet
>> > access in most cases. If you misconfigure it, most times you're still
>> > not exposed enough to cause a problem. Many people test their
>> > firewalls against intrusion, so it's easy to tell if one is
>> > "misconfigured" if the admin cares.
>>
>> Yes I'm serious. Firewalls have bugs too! The original poster is
>> relying ENTIRELY on his firewall (a software one at that) to protect
>> him. Why not apply the patches and get the additional level of
>> security? I can understand waiting a while or doing some testing
>> beforehand but there is no good reason not to apply critical patches.
>
> I think you will find that there have been many cases where a Patch has
> cause a custom application to fail or some cheap hardware device to fail
> or where a combination of apps/devices have failed due to service packs
> or updates.
>
> Do you remember when Sp2 came out for XP? Many systems ran fine on SP1
> and didn't need SP2 to keep working, many things were impacted by SP2
> changes, and those same systems running Sp1 were just as safe without
> SP2 in a properly secured network.
>
> I'm not advocating not installing SP's and critical updates, but
> critical is relative, so consider how updates that are untested could
> impact others and not just yourself.

As I mentioned in another post on this subject I do user support for over
600 people in a research environment with diverse hardware and software and
haven't had any serious issues with critical patches from Microsoft since
the days of Windows NT.

It is interesting that most issues we have had with Microsoft updates
occurred on laptops with ZoneAlarm. After certain updates ZoneAlarm will not
let lsass.exe or services.exe through (new versions installed as part of the
update). Easy fix is to remove the machine from the network during the
reboot and ZoneAlarm will then ask wether or not to allow these applications
through.
Anonymous
August 19, 2005 1:52:18 AM

Archived from groups: microsoft.public.windowsxp.general (More info?)

In article <eyS0K5DpFHA.1372@TK2MSFTNGP10.phx.gbl>, PcEngWork-
NoSpam_@mindspring.com says...
> Most times they appreciate having a resource to
> tell them when a "Serious" threat needs their attention. What's
> more interesting is that just about everybody on the mailing
> list will follow the directions.

That's how we do it too - we test, check the updates, then send an
alert to customers and friends, almost everyone follows the
instructions.

--

spam999free@rrohio.com
remove 999 in order to email me
Anonymous
August 19, 2005 3:46:23 AM

Archived from groups: microsoft.public.windowsxp.general (More info?)

It took us well over a year to convince my bosses to allow automatic updates
and this was for MS and antivirus. They wanted to test all updates. In the
mean time all 8000 systems on lab are quickly getting infected and
spreading. Then the customers get mad at us because it takes our techs 2
hours to get there instead of 25 min.

--


The best live web video on the internet http://www.seedsv.com/webdemo.htm
NEW Embedded system W/Linux. We now sell DVR cards.
See it all at http://www.seedsv.com/products.htm
Sharpvision simply the best http://www.seedsv.com



"Fuzzy Logic" <bob@arc.ab.caREMOVETHIS> wrote in message
news:Xns96B68FA30EBFAbobarcabca@207.46.248.16...
> Leythos <void@nowhere.lan> wrote in
> news:MPG.1d6eac3b5371ceab989c4f@news-server.columbus.rr.com:
>
>> In article <Xns96B68859F2541bobarcabca@207.46.248.16>,
>> bob@arc.ab.caREMOVETHIS says...
>>> I'd be curious how you decide what is absolutely necessary? In my books
>>> that would be any patches classified as critical.
>>
>> While all patches are critical of nature, until you test them against
>> your environment there is little reason to blindly install them, unless
>> the patch provides immediate protection for a problem you are
>> immediately exposed too. In many cases the exposure path is limited and
>> you can safely wait/test the patches and then install them.
>
> I was referring to patches classified as 'critical' by Microsoft. For more
> info on Microsoft's ratings visit this site:
>
> http://www.microsoft.com/technet/security/bulletin/rati...
>
> A quote from the above site:
>
> "We believe that customers who use an affected product should almost
> always
> apply patches that address vulnerabilities rated critical or important.
> Patches rated critical should be applied in an especially timely manner."
>
> If you read the bulletins there are often other ways to address the
> vulnerability which can be used while you test the patch.
>
> I support about 600 users all using automatic update (critical patches
> installed as soon as they are available) has been that we haven't had a
> problem with these updates since the days of Windows NT. Of course your
> environment may be different.
August 19, 2005 3:46:24 AM

Archived from groups: microsoft.public.windowsxp.general (More info?)

>Then the customers get mad at us because it takes our techs 2
hours to get there instead of 25 min.

What Government agency has customers such as this?

--
Mike Pawlak


pcbutts1 wrote:
> It took us well over a year to convince my bosses to allow automatic
> updates and this was for MS and antivirus. They wanted to test all
> updates. In the mean time all 8000 systems on lab are quickly getting
> infected and spreading. Then the customers get mad at us because it
> takes our techs 2 hours to get there instead of 25 min.
>
>
> "Fuzzy Logic" <bob@arc.ab.caREMOVETHIS> wrote in message
> news:Xns96B68FA30EBFAbobarcabca@207.46.248.16...
>> Leythos <void@nowhere.lan> wrote in
>> news:MPG.1d6eac3b5371ceab989c4f@news-server.columbus.rr.com:
>>
>>> In article <Xns96B68859F2541bobarcabca@207.46.248.16>,
>>> bob@arc.ab.caREMOVETHIS says...
>>>> I'd be curious how you decide what is absolutely necessary? In my
>>>> books that would be any patches classified as critical.
>>>
>>> While all patches are critical of nature, until you test them
>>> against your environment there is little reason to blindly install
>>> them, unless the patch provides immediate protection for a problem
>>> you are immediately exposed too. In many cases the exposure path is
>>> limited and you can safely wait/test the patches and then install
>>> them.
>>
>> I was referring to patches classified as 'critical' by Microsoft.
>> For more info on Microsoft's ratings visit this site:
>>
>> http://www.microsoft.com/technet/security/bulletin/rati...
>>
>> A quote from the above site:
>>
>> "We believe that customers who use an affected product should almost
>> always
>> apply patches that address vulnerabilities rated critical or
>> important. Patches rated critical should be applied in an especially
>> timely manner."
>>
>> If you read the bulletins there are often other ways to address the
>> vulnerability which can be used while you test the patch.
>>
>> I support about 600 users all using automatic update (critical
>> patches installed as soon as they are available) has been that we
>> haven't had a problem with these updates since the days of Windows
>> NT. Of course your environment may be different.
Anonymous
August 19, 2005 5:50:44 AM

Archived from groups: microsoft.public.windowsxp.general (More info?)

Nasa for one but all of them. There is no more "in-house" when it comes to
tech support for the government. Everything is outsourced and the ones that
aren't will soon be. So when I say customers I am talking about the
government employees being the customer.

--


The best live web video on the internet http://www.seedsv.com/webdemo.htm
NEW Embedded system W/Linux. We now sell DVR cards.
See it all at http://www.seedsv.com/products.htm
Sharpvision simply the best http://www.seedsv.com



"MAP" <mikepawlak2REM@OVEhotmail.com> wrote in message
news:uMU%23kkFpFHA.1416@TK2MSFTNGP09.phx.gbl...
> >Then the customers get mad at us because it takes our techs 2
> hours to get there instead of 25 min.
>
> What Government agency has customers such as this?
>
> --
> Mike Pawlak
>
>
> pcbutts1 wrote:
>> It took us well over a year to convince my bosses to allow automatic
>> updates and this was for MS and antivirus. They wanted to test all
>> updates. In the mean time all 8000 systems on lab are quickly getting
>> infected and spreading. Then the customers get mad at us because it
>> takes our techs 2 hours to get there instead of 25 min.
>>
>>
>> "Fuzzy Logic" <bob@arc.ab.caREMOVETHIS> wrote in message
>> news:Xns96B68FA30EBFAbobarcabca@207.46.248.16...
>>> Leythos <void@nowhere.lan> wrote in
>>> news:MPG.1d6eac3b5371ceab989c4f@news-server.columbus.rr.com:
>>>
>>>> In article <Xns96B68859F2541bobarcabca@207.46.248.16>,
>>>> bob@arc.ab.caREMOVETHIS says...
>>>>> I'd be curious how you decide what is absolutely necessary? In my
>>>>> books that would be any patches classified as critical.
>>>>
>>>> While all patches are critical of nature, until you test them
>>>> against your environment there is little reason to blindly install
>>>> them, unless the patch provides immediate protection for a problem
>>>> you are immediately exposed too. In many cases the exposure path is
>>>> limited and you can safely wait/test the patches and then install
>>>> them.
>>>
>>> I was referring to patches classified as 'critical' by Microsoft.
>>> For more info on Microsoft's ratings visit this site:
>>>
>>> http://www.microsoft.com/technet/security/bulletin/rati...
>>>
>>> A quote from the above site:
>>>
>>> "We believe that customers who use an affected product should almost
>>> always
>>> apply patches that address vulnerabilities rated critical or
>>> important. Patches rated critical should be applied in an especially
>>> timely manner."
>>>
>>> If you read the bulletins there are often other ways to address the
>>> vulnerability which can be used while you test the patch.
>>>
>>> I support about 600 users all using automatic update (critical
>>> patches installed as soon as they are available) has been that we
>>> haven't had a problem with these updates since the days of Windows
>>> NT. Of course your environment may be different.
>
>
>
Anonymous
August 19, 2005 5:50:45 AM

Archived from groups: microsoft.public.windowsxp.general (More info?)

pcbutts1 wrote:
> Nasa for one but all of them. There is no more "in-house" when it
> comes to tech support for the government. Everything is outsourced
> and the ones that aren't will soon be. So when I say customers I am
> talking about the government employees being the customer.

No wonder NASA is so f*#ked up.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com/mscommunity
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei"
August 19, 2005 2:23:18 PM

Archived from groups: microsoft.public.windowsxp.general (More info?)

kurttrail wrote:
> pcbutts1 wrote:
>> Nasa for one but all of them. There is no more "in-house" when it
>> comes to tech support for the government. Everything is outsourced
>> and the ones that aren't will soon be. So when I say customers I am
>> talking about the government employees being the customer.
>
> No wonder NASA is so f*#ked up.

You got that right! two flappin years later and still issues with the foam,
as an aircraft mechanic (AMT) if I worked on these flying machines in the
same way
they would be going down everywhere :-)

--
Mike Pawlak
August 19, 2005 2:25:17 PM

Archived from groups: microsoft.public.windowsxp.general (More info?)

> talking about the government employees being the customer.

Please don't tell me that the Gov. is doing the "self directed team
concept?"

Mike Pawlak
Anonymous
August 19, 2005 2:52:46 PM

Archived from groups: microsoft.public.windowsxp.general (More info?)

"t.cruise" <t__cruise@[NoSpam]hotmail.com> wrote in
news:#Qcl8SIpFHA.3516@TK2MSFTNGP15.phx.gbl:

>> What you are doing defies all common security practices (multiple
>> layers of defense, properly configured and updated systems.)
>
> FYI: I did install the update, AFTER I was assured that it would not
> create any problems, and then recommended it to others. I still believe
> that Microsoft uses the word "critical" loosely. I also do not like
> updates that cause problems, and when one wants to uninstall them, a
> dialog box comes up listing a group of applications which might not
> function properly if the update is uninstalled. One should be informed
> BEFORE the install of the update of that list of applications which
> might not run correctly if the update is uninstalled.

Nobody likes updates that cause problems. Having said that nobody likes
software with security holes either. Sadly these are both facts of life.
Fortunately Microsoft seems to be getting better at addressing both of these
issues.

As for uninstalling updates the key phrase is 'MIGHT not work'. The worst
thing that could happen would be having to reinstall the application.
Anonymous
August 19, 2005 6:12:02 PM

Archived from groups: microsoft.public.windowsxp.general (More info?)

Zotob: An Avoidable Worm And The Negligence Factor
http://www.securitypipeline.com/169400254?_loopback=1

--
Carey Frisch
Microsoft MVP
Windows XP - Shell/User

---------------------------------------------------------------------------

"t.cruise" wrote:

> I know that many in this group support downloading Windows XP updates. Personally, I
> download and install ONLY what is absolutely necessary, which for me has avoided problems
> with smooth running systems. There has been much media attention the past couple of days
> about the Zotob worm, I.E., PnP and compromised Windows security. I know that there is a
> patch available for download at the Microsoft web site
> WindowsXP-KB899588-x86-ENU.exe
>
> But, there has been mass media hysteria in the past about viruses and worms, none of which
> have made their way to any of my systems with broadband internet connections, without my
> having to download and install the plethora of security patches at the Windows Update. My
> question is, if I have a decent firewall am I already protected, or do I really need to
> install this patch?
> --
>
> T.C.
Anonymous
August 19, 2005 6:55:12 PM

Archived from groups: microsoft.public.windowsxp.general (More info?)

The #1 delay in all shuttle missions is that Fuel Cell sensor issue. To this
day they still don't know what causes it, all they do is replace it.

--


The best live web video on the internet http://www.seedsv.com/webdemo.htm
NEW Embedded system W/Linux. We now sell DVR cards.
See it all at http://www.seedsv.com/products.htm
Sharpvision simply the best http://www.seedsv.com



"MAP" <mikepawlak2REM@OVEhotmail.com> wrote in message
news:e4M52mMpFHA.1304@TK2MSFTNGP10.phx.gbl...
> kurttrail wrote:
>> pcbutts1 wrote:
>>> Nasa for one but all of them. There is no more "in-house" when it
>>> comes to tech support for the government. Everything is outsourced
>>> and the ones that aren't will soon be. So when I say customers I am
>>> talking about the government employees being the customer.
>>
>> No wonder NASA is so f*#ked up.
>
> You got that right! two flappin years later and still issues with the
> foam,
> as an aircraft mechanic (AMT) if I worked on these flying machines in the
> same way
> they would be going down everywhere :-)
>
> --
> Mike Pawlak
>
>
Anonymous
August 19, 2005 6:55:13 PM

Archived from groups: microsoft.public.windowsxp.general (More info?)

pcbutts1 wrote:
> The #1 delay in all shuttle missions is that Fuel Cell sensor issue.
> To this day they still don't know what causes it, all they do is
> replace it.

The next launch being pushed back to next March is mainly due to the
foam issue.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com/mscommunity
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei"
!