Zotob worm patch?

Archived from groups: microsoft.public.windowsxp.general (More info?)

I know that many in this group support downloading Windows XP updates. Personally, I
download and install ONLY what is absolutely necessary, which for me has avoided problems
with smooth running systems. There has been much media attention the past couple of days
about the Zotob worm, I.E., PnP and compromised Windows security. I know that there is a
patch available for download at the Microsoft web site
WindowsXP-KB899588-x86-ENU.exe

But, there has been mass media hysteria in the past about viruses and worms, none of which
have made their way to any of my systems with broadband internet connections, without my
having to download and install the plethora of security patches at the Windows Update. My
question is, if I have a decent firewall am I already protected, or do I really need to
install this patch?
--

T.C.
t__cruise@[NoSpam]hotmail.com
Remove [NoSpam] to reply
36 answers Last reply
More about zotob worm patch
  1. Archived from groups: microsoft.public.windowsxp.general (More info?)

    "t.cruise" <t__cruise@[NoSpam]hotmail.com> wrote in
    news:#RRcbkCpFHA.3036@TK2MSFTNGP14.phx.gbl:

    > I know that many in this group support downloading Windows XP updates.
    > Personally, I download and install ONLY what is absolutely necessary,
    > which for me has avoided problems with smooth running systems. There
    > has been much media attention the past couple of days about the Zotob
    > worm, I.E., PnP and compromised Windows security. I know that there is
    > a patch available for download at the Microsoft web site
    > WindowsXP-KB899588-x86-ENU.exe
    >
    > But, there has been mass media hysteria in the past about viruses and
    > worms, none of which have made their way to any of my systems with
    > broadband internet connections, without my having to download and
    > install the plethora of security patches at the Windows Update. My
    > question is, if I have a decent firewall am I already protected, or do I
    > really need to install this patch?
    > --
    >
    > T.C.
    > t__cruise@[NoSpam]hotmail.com
    > Remove [NoSpam] to reply

    Of course you don't NEED to install the patch. You MAY be safe but on the
    other hand the patch is free and a small download so why not install it?

    I'd be curious how you decide what is absolutely necessary? In my books that
    would be any patches classified as critical.
  2. Archived from groups: microsoft.public.windowsxp.general (More info?)

    "Fuzzy Logic" <bob@arc.ab.caREMOVETHIS> wrote in message
    news:Xns96B68859F2541bobarcabca@207.46.248.16...
    > "t.cruise" <t__cruise@[NoSpam]hotmail.com> wrote in
    > news:#RRcbkCpFHA.3036@TK2MSFTNGP14.phx.gbl:
    >
    > > I know that many in this group support downloading Windows XP updates.
    > > Personally, I download and install ONLY what is absolutely necessary,
    > > which for me has avoided problems with smooth running systems. There
    > > has been much media attention the past couple of days about the Zotob
    > > worm, I.E., PnP and compromised Windows security. I know that there is
    > > a patch available for download at the Microsoft web site
    > > WindowsXP-KB899588-x86-ENU.exe
    > >
    > > But, there has been mass media hysteria in the past about viruses and
    > > worms, none of which have made their way to any of my systems with
    > > broadband internet connections, without my having to download and
    > > install the plethora of security patches at the Windows Update. My
    > > question is, if I have a decent firewall am I already protected, or do I
    > > really need to install this patch?
    > > --
    > >
    > > T.C.
    > > t__cruise@[NoSpam]hotmail.com
    > > Remove [NoSpam] to reply
    >
    > Of course you don't NEED to install the patch. You MAY be safe but on the
    > other hand the patch is free and a small download so why not install it?
    >
    > I'd be curious how you decide what is absolutely necessary? In my books that
    > would be any patches classified as critical.
    >

    It would be for an immediate problem, such as support for hardware, which was not
    available prior to the update. Aside from that, when it comes to security, the Zone
    Alarm firewall, and safe internet computing practices have kept my systems clean and
    running smoothly, without downloading even one Windows Update for the past couple of
    years. I never updated my SP1 systems to SP2, and all is fine with them. I know the
    hardware/drivers/Software/Utilities and resources on those systems, and looked at the risk
    v. benefit of updating them to SP2. I decided not to. I realize that the majority of
    people who updated to SP2 did not have any problems, but some had major problems during
    and after the SP2 update. My SP1 systems are still running fine. I realize that there
    are many people who will disagree with my practices and logic. Working on other people's
    systems is one thing. But, downloading an update which does not play nice with one of my
    configurations is something that I do not want to waste time fixing, even if the fix only
    involves an hour of my time. Or, downloading an update and then needing to do a System
    Restore to a time prior to the download of that update, because of another problem, which
    would mean downloading the update again, is something I do not want to have to keep track
    of, or get involved with, unless absolutely necessary.
    --

    T.C.
    t__cruise@[NoSpam]hotmail.com
    Remove [NoSpam] to reply
  3. Archived from groups: microsoft.public.windowsxp.general (More info?)

    All "critical updates" are considered "absolutely necessary" to maintain
    the security of your Windows XP operating system.

    --
    Carey Frisch
    Microsoft MVP
    Windows XP - Shell/User
    Microsoft Newsgroups

    -------------------------------------------------------------------------------------------

    "t.cruise" wrote:

    | I know that many in this group support downloading Windows XP updates. Personally, I
    | download and install ONLY what is absolutely necessary, which for me has avoided problems
    | with smooth running systems. There has been much media attention the past couple of days
    | about the Zotob worm, I.E., PnP and compromised Windows security. I know that there is a
    | patch available for download at the Microsoft web site
    | WindowsXP-KB899588-x86-ENU.exe
    |
    | But, there has been mass media hysteria in the past about viruses and worms, none of which
    | have made their way to any of my systems with broadband internet connections, without my
    | having to download and install the plethora of security patches at the Windows Update. My
    | question is, if I have a decent firewall am I already protected, or do I really need to
    | install this patch?
    | --
    |
    | T.C.
  4. Archived from groups: microsoft.public.windowsxp.general (More info?)

    I respect your opinion. I have found, what Microsoft considers critical, is not always
    critical. Many critical updates should have a disclaimer: If you are using a decent
    firewall, then this update is not necessary. My question was not answered though. If one
    has a decent firewall, will that stop the zotob worm from infecting a system?
    --

    T.C.
    t__cruise@[NoSpam]hotmail.com
    Remove [NoSpam] to reply


    "Carey Frisch [MVP]" <cnfrisch@nospamgmail.com> wrote in message
    news:#mDbsnCpFHA.1372@TK2MSFTNGP10.phx.gbl...
    > All "critical updates" are considered "absolutely necessary" to maintain
    > the security of your Windows XP operating system.
    >
    > --
    > Carey Frisch
    > Microsoft MVP
    > Windows XP - Shell/User
    > Microsoft Newsgroups
    >
    > ----------------------------------------------------------------------------------------
    ---
    >
    > "t.cruise" wrote:
    >
    > | I know that many in this group support downloading Windows XP updates. Personally, I
    > | download and install ONLY what is absolutely necessary, which for me has avoided
    problems
    > | with smooth running systems. There has been much media attention the past couple of
    days
    > | about the Zotob worm, I.E., PnP and compromised Windows security. I know that there
    is a
    > | patch available for download at the Microsoft web site
    > | WindowsXP-KB899588-x86-ENU.exe
    > |
    > | But, there has been mass media hysteria in the past about viruses and worms, none of
    which
    > | have made their way to any of my systems with broadband internet connections, without
    my
    > | having to download and install the plethora of security patches at the Windows Update.
    My
    > | question is, if I have a decent firewall am I already protected, or do I really need
    to
    > | install this patch?
    > | --
    > |
    > | T.C.
    >
  5. Archived from groups: microsoft.public.windowsxp.general (More info?)

    "t.cruise" <t__cruise@[NoSpam]hotmail.com> wrote in
    news:eC6gtsCpFHA.3552@TK2MSFTNGP10.phx.gbl:

    > I respect your opinion. I have found, what Microsoft considers
    > critical, is not always critical. Many critical updates should have a
    > disclaimer: If you are using a decent firewall, then this update is not
    > necessary. My question was not answered though. If one has a decent
    > firewall, will that stop the zotob worm from infecting a system?

    First of all if you are running any OS other than Windows 2000 you are
    unlikely to be affected . Secondly a firewall blocking ports 139 and 445
    while prevent the attack. For more information I would suggest that you
    visit this page:

    http://www.microsoft.com/technet/security/bulletin/MS05-039.mspx

    Click on Vulnerability Details and expand it until you get to Workarounds.

    PS I want to slap you upside the head! While there are often other ways to
    prevent attacks why not fix the problem? What happens if your firewall fails
    or you misconfigure it?
  6. Archived from groups: microsoft.public.windowsxp.general (More info?)

    "t.cruise" <t__cruise@[NoSpam]hotmail.com> wrote in
    news:eJekL9CpFHA.1416@TK2MSFTNGP09.phx.gbl:

    >
    > "Fuzzy Logic" <bob@arc.ab.caREMOVETHIS> wrote in message
    > news:Xns96B68859F2541bobarcabca@207.46.248.16...
    >> "t.cruise" <t__cruise@[NoSpam]hotmail.com> wrote in
    >> news:#RRcbkCpFHA.3036@TK2MSFTNGP14.phx.gbl:
    >>
    >> > I know that many in this group support downloading Windows XP
    >> > updates. Personally, I download and install ONLY what is absolutely
    >> > necessary, which for me has avoided problems with smooth running
    >> > systems. There has been much media attention the past couple of days
    >> > about the Zotob worm, I.E., PnP and compromised Windows security. I
    >> > know that there is a patch available for download at the Microsoft
    >> > web site WindowsXP-KB899588-x86-ENU.exe
    >> >
    >> > But, there has been mass media hysteria in the past about viruses and
    >> > worms, none of which have made their way to any of my systems with
    >> > broadband internet connections, without my having to download and
    >> > install the plethora of security patches at the Windows Update. My
    >> > question is, if I have a decent firewall am I already protected, or
    >> > do I really need to install this patch?
    >> > --
    >> >
    >> > T.C.
    >> > t__cruise@[NoSpam]hotmail.com
    >> > Remove [NoSpam] to reply
    >>
    >> Of course you don't NEED to install the patch. You MAY be safe but on
    >> the other hand the patch is free and a small download so why not
    >> install it?
    >>
    >> I'd be curious how you decide what is absolutely necessary? In my books
    >> that would be any patches classified as critical.
    >>
    > It would be for an immediate problem, such as support for hardware,
    > which was not available prior to the update. Aside from that, when it
    > comes to security, the Zone Alarm firewall, and safe internet computing
    > practices have kept my systems clean and running smoothly, without
    > downloading even one Windows Update for the past couple of years. I
    > never updated my SP1 systems to SP2, and all is fine with them. I know
    > the hardware/drivers/Software/Utilities and resources on those systems,
    > and looked at the risk v. benefit of updating them to SP2. I decided
    > not to. I realize that the majority of people who updated to SP2 did
    > not have any problems, but some had major problems during and after the
    > SP2 update. My SP1 systems are still running fine. I realize that
    > there are many people who will disagree with my practices and logic.
    > Working on other people's systems is one thing. But, downloading an
    > update which does not play nice with one of my configurations is
    > something that I do not want to waste time fixing, even if the fix only
    > involves an hour of my time. Or, downloading an update and then needing
    > to do a System Restore to a time prior to the download of that update,
    > because of another problem, which would mean downloading the update
    > again, is something I do not want to have to keep track of, or get
    > involved with, unless absolutely necessary. --

    You do realize that ZoneAlarm has had it's own vulnerabilities? You are
    essentially putting all your eggs in one basket and relying entirely on a
    software firewall to protect you. You are trading off a possible problem
    from an update against a likely nastier problem from a vulnerability being
    exploited.

    FYI I do support for over 600 people and haven't had an issue with a
    critical update from Microsoft since the days of Windows NT. We have very
    diverse hardware as I work for a research organization with all sorts of
    strange equipment. I have never had to do a system restore due to an
    update.

    What you are doing defies all common security practices (multiple layers
    of defense, properly configured and updated systems.)
  7. Archived from groups: microsoft.public.windowsxp.general (More info?)

    I'm sure all the companies that got hit with the Zotob worm had
    firewalls enabled. Microsoft issued a critical update over a week
    ago to prevent this infection. I guess they too thought a firewall
    was all they need....guess they were wrong.

    --
    Carey Frisch
    Microsoft MVP
    Windows XP - Shell/User
    Microsoft Newsgroups

    -------------------------------------------------------------------------------------------

    "t.cruise" wrote:

    |I respect your opinion. I have found, what Microsoft considers critical, is not always
    | critical. Many critical updates should have a disclaimer: If you are using a decent
    | firewall, then this update is not necessary. My question was not answered though. If one
    | has a decent firewall, will that stop the zotob worm from infecting a system?
    | --
    |
    | T.C.
  8. Archived from groups: microsoft.public.windowsxp.general (More info?)

    This is for XP only!!!
    The scumbag trying to use the PnP exploit has to have
    1.Access to your keyboard or
    2.Admin rights to exploit this remotely

    From M/s website under mitigating factors of this hotfix
    Mitigating Factors for Plug and Play Vulnerability - CAN-2005-1983:
    . On Windows XP Service Pack 2 and Windows Server 2003 an attacker
    must have valid logon credentials and be able to log on locally to exploit
    this vulnerability. The vulnerability could not be exploited remotely by
    anonymous users or by users who have standard user accounts. However, the
    affected component is available remotely to users who have administrative
    permissions.

    . On Windows XP Service Pack 1 an attacker must have valid logon
    credentials to try to exploit this vulnerability. The vulnerability could
    not be exploited remotely by anonymous users. However, the affected
    component is available remotely to users who have standard user accounts.

    . Firewall best practices and standard default firewall configurations
    can help protect networks from attacks that originate outside the enterprise
    perimeter. Best practices recommend that systems that are connected to the
    Internet have a minimal number of ports exposed.

    When you say that M/S has a habit of saying everything is "critical"
    or must have you are right.

    --
    Mike Pawlak


    t.cruise wrote:
    > I know that many in this group support downloading Windows XP
    > updates. Personally, I download and install ONLY what is absolutely
    > necessary, which for me has avoided problems with smooth running
    > systems. There has been much media attention the past couple of days
    > about the Zotob worm, I.E., PnP and compromised Windows security. I
    > know that there is a patch available for download at the Microsoft
    > web site
    > WindowsXP-KB899588-x86-ENU.exe
    >
    > But, there has been mass media hysteria in the past about viruses and
    > worms, none of which have made their way to any of my systems with
    > broadband internet connections, without my having to download and
    > install the plethora of security patches at the Windows Update. My
    > question is, if I have a decent firewall am I already protected, or
    > do I really need to install this patch?
  9. Archived from groups: microsoft.public.windowsxp.general (More info?)

    In article <Xns96B68859F2541bobarcabca@207.46.248.16>,
    bob@arc.ab.caREMOVETHIS says...
    > I'd be curious how you decide what is absolutely necessary? In my books that
    > would be any patches classified as critical.

    While all patches are critical of nature, until you test them against
    your environment there is little reason to blindly install them, unless
    the patch provides immediate protection for a problem you are
    immediately exposed too. In many cases the exposure path is limited and
    you can safely wait/test the patches and then install them.

    --

    spam999free@rrohio.com
    remove 999 in order to email me
  10. Archived from groups: microsoft.public.windowsxp.general (More info?)

    Leythos <void@nowhere.lan> wrote in
    news:MPG.1d6eac3b5371ceab989c4f@news-server.columbus.rr.com:

    > In article <Xns96B68859F2541bobarcabca@207.46.248.16>,
    > bob@arc.ab.caREMOVETHIS says...
    >> I'd be curious how you decide what is absolutely necessary? In my books
    >> that would be any patches classified as critical.
    >
    > While all patches are critical of nature, until you test them against
    > your environment there is little reason to blindly install them, unless
    > the patch provides immediate protection for a problem you are
    > immediately exposed too. In many cases the exposure path is limited and
    > you can safely wait/test the patches and then install them.

    I was referring to patches classified as 'critical' by Microsoft. For more
    info on Microsoft's ratings visit this site:

    http://www.microsoft.com/technet/security/bulletin/rating.mspx

    A quote from the above site:

    "We believe that customers who use an affected product should almost always
    apply patches that address vulnerabilities rated critical or important.
    Patches rated critical should be applied in an especially timely manner."

    If you read the bulletins there are often other ways to address the
    vulnerability which can be used while you test the patch.

    I support about 600 users all using automatic update (critical patches
    installed as soon as they are available) has been that we haven't had a
    problem with these updates since the days of Windows NT. Of course your
    environment may be different.
  11. Archived from groups: microsoft.public.windowsxp.general (More info?)

    In article <eC6gtsCpFHA.3552@TK2MSFTNGP10.phx.gbl>, t__cruise@[NoSpam]
    hotmail.com says...
    > My question was not answered though. If one
    > has a decent firewall, will that stop the zotob worm from infecting a system?

    Your question has no direct answer as we don't know your network.

    Ask yourself this - do you know how it gets into a network? All possible
    paths?

    Does your firewall protect you from all of those paths?

    --

    spam999free@rrohio.com
    remove 999 in order to email me
  12. Archived from groups: microsoft.public.windowsxp.general (More info?)

    My systems are not networked to each other. Each is stand alone, with its own Road Runner
    internet connection. Each has the Zone Alarm firewall.
    --

    T.C.
    t__cruise@[NoSpam]hotmail.com
    Remove [NoSpam] to reply


    "Leythos" <void@nowhere.lan> wrote in message
    news:MPG.1d6eb28337e83df3989c50@news-server.columbus.rr.com...
    > In article <eC6gtsCpFHA.3552@TK2MSFTNGP10.phx.gbl>, t__cruise@[NoSpam]
    > hotmail.com says...
    > > My question was not answered though. If one
    > > has a decent firewall, will that stop the zotob worm from infecting a system?
    >
    > Your question has no direct answer as we don't know your network.
    >
    > Ask yourself this - do you know how it gets into a network? All possible
    > paths?
    >
    > Does your firewall protect you from all of those paths?
    >
    > --
    >
    > spam999free@rrohio.com
    > remove 999 in order to email me
  13. Archived from groups: microsoft.public.windowsxp.general (More info?)

    "Fuzzy Logic" <bob@arc.ab.caREMOVETHIS> wrote in message
    news:Xns96B69FDFD5B5Fbobarcabca@207.46.248.16...
    > "t.cruise" <t__cruise@[NoSpam]hotmail.com> wrote in
    > news:eJekL9CpFHA.1416@TK2MSFTNGP09.phx.gbl:
    >
    > >
    > > "Fuzzy Logic" <bob@arc.ab.caREMOVETHIS> wrote in message
    > > news:Xns96B68859F2541bobarcabca@207.46.248.16...
    > >> "t.cruise" <t__cruise@[NoSpam]hotmail.com> wrote in
    > >> news:#RRcbkCpFHA.3036@TK2MSFTNGP14.phx.gbl:
    > >>
    > >> > I know that many in this group support downloading Windows XP
    > >> > updates. Personally, I download and install ONLY what is absolutely
    > >> > necessary, which for me has avoided problems with smooth running
    > >> > systems. There has been much media attention the past couple of days
    > >> > about the Zotob worm, I.E., PnP and compromised Windows security. I
    > >> > know that there is a patch available for download at the Microsoft
    > >> > web site WindowsXP-KB899588-x86-ENU.exe
    > >> >
    > >> > But, there has been mass media hysteria in the past about viruses and
    > >> > worms, none of which have made their way to any of my systems with
    > >> > broadband internet connections, without my having to download and
    > >> > install the plethora of security patches at the Windows Update. My
    > >> > question is, if I have a decent firewall am I already protected, or
    > >> > do I really need to install this patch?
    > >> > --
    > >> >
    > >> > T.C.
    > >> > t__cruise@[NoSpam]hotmail.com
    > >> > Remove [NoSpam] to reply
    > >>
    > >> Of course you don't NEED to install the patch. You MAY be safe but on
    > >> the other hand the patch is free and a small download so why not
    > >> install it?
    > >>
    > >> I'd be curious how you decide what is absolutely necessary? In my books
    > >> that would be any patches classified as critical.
    > >>
    > > It would be for an immediate problem, such as support for hardware,
    > > which was not available prior to the update. Aside from that, when it
    > > comes to security, the Zone Alarm firewall, and safe internet computing
    > > practices have kept my systems clean and running smoothly, without
    > > downloading even one Windows Update for the past couple of years. I
    > > never updated my SP1 systems to SP2, and all is fine with them. I know
    > > the hardware/drivers/Software/Utilities and resources on those systems,
    > > and looked at the risk v. benefit of updating them to SP2. I decided
    > > not to. I realize that the majority of people who updated to SP2 did
    > > not have any problems, but some had major problems during and after the
    > > SP2 update. My SP1 systems are still running fine. I realize that
    > > there are many people who will disagree with my practices and logic.
    > > Working on other people's systems is one thing. But, downloading an
    > > update which does not play nice with one of my configurations is
    > > something that I do not want to waste time fixing, even if the fix only
    > > involves an hour of my time. Or, downloading an update and then needing
    > > to do a System Restore to a time prior to the download of that update,
    > > because of another problem, which would mean downloading the update
    > > again, is something I do not want to have to keep track of, or get
    > > involved with, unless absolutely necessary. --
    >
    > You do realize that ZoneAlarm has had it's own vulnerabilities? You are
    > essentially putting all your eggs in one basket and relying entirely on a
    > software firewall to protect you. You are trading off a possible problem
    > from an update against a likely nastier problem from a vulnerability being
    > exploited.
    >
    > FYI I do support for over 600 people and haven't had an issue with a
    > critical update from Microsoft since the days of Windows NT. We have very
    > diverse hardware as I work for a research organization with all sorts of
    > strange equipment. I have never had to do a system restore due to an
    > update.
    >
    > What you are doing defies all common security practices (multiple layers
    > of defense, properly configured and updated systems.)

    FYI: I did install the update, AFTER I was assured that it would not create any problems,
    and then recommended it to others. I still believe that Microsoft uses the word
    "critical" loosely. I also do not like updates that cause problems, and when one wants to
    uninstall them, a dialog box comes up listing a group of applications which might not
    function properly if the update is uninstalled. One should be informed BEFORE the install
    of the update of that list of applications which might not run correctly if the update is
    uninstalled.
    --

    T.C.
    t__cruise@[NoSpam]hotmail.com
    Remove [NoSpam] to reply
  14. Archived from groups: microsoft.public.windowsxp.general (More info?)

    In article <Xns96B68FA30EBFAbobarcabca@207.46.248.16>,
    bob@arc.ab.caREMOVETHIS says...
    > Leythos <void@nowhere.lan> wrote in
    > news:MPG.1d6eac3b5371ceab989c4f@news-server.columbus.rr.com:
    >
    > > In article <Xns96B68859F2541bobarcabca@207.46.248.16>,
    > > bob@arc.ab.caREMOVETHIS says...
    > >> I'd be curious how you decide what is absolutely necessary? In my books
    > >> that would be any patches classified as critical.
    > >
    > > While all patches are critical of nature, until you test them against
    > > your environment there is little reason to blindly install them, unless
    > > the patch provides immediate protection for a problem you are
    > > immediately exposed too. In many cases the exposure path is limited and
    > > you can safely wait/test the patches and then install them.
    >
    > I was referring to patches classified as 'critical' by Microsoft. For more
    > info on Microsoft's ratings visit this site:

    Yes, I know what you were referring to, and my statement stands.

    Some users can put up with Automatic Updates, others require testing
    before installation, either way, if the network security is properly
    setup none of those patches are critical. Keep in mind, I'm not saying
    that they are not critical to most systems, only that if you have a
    fully protected network, you don't need them until after you've tested.

    --

    spam999free@rrohio.com
    remove 999 in order to email me
  15. Archived from groups: microsoft.public.windowsxp.general (More info?)

    I think some of the victims of Zotob had their initial infection
    brought in by notebooks that spread it into their network. Now
    with USB Flash devices there is even more portable "Threats"
    to a business network.

    "Leythos" <void@nowhere.lan> wrote in message
    news:MPG.1d6eb6ba2c61aeda989c54@news-server.columbus.rr.com...
    > In article <Xns96B68FA30EBFAbobarcabca@207.46.248.16>,
    > bob@arc.ab.caREMOVETHIS says...
    >> Leythos <void@nowhere.lan> wrote in
    >> news:MPG.1d6eac3b5371ceab989c4f@news-server.columbus.rr.com:
    >>
    >> > In article <Xns96B68859F2541bobarcabca@207.46.248.16>,
    >> > bob@arc.ab.caREMOVETHIS says...
    >> >> I'd be curious how you decide what is absolutely necessary? In my
    >> >> books
    >> >> that would be any patches classified as critical.
    >> >
    >> > While all patches are critical of nature, until you test them against
    >> > your environment there is little reason to blindly install them, unless
    >> > the patch provides immediate protection for a problem you are
    >> > immediately exposed too. In many cases the exposure path is limited and
    >> > you can safely wait/test the patches and then install them.
    >>
    >> I was referring to patches classified as 'critical' by Microsoft. For
    >> more
    >> info on Microsoft's ratings visit this site:
    >
    > Yes, I know what you were referring to, and my statement stands.
    >
    > Some users can put up with Automatic Updates, others require testing
    > before installation, either way, if the network security is properly
    > setup none of those patches are critical. Keep in mind, I'm not saying
    > that they are not critical to most systems, only that if you have a
    > fully protected network, you don't need them until after you've tested.
    >
    > --
    >
    > spam999free@rrohio.com
    > remove 999 in order to email me
  16. Archived from groups: microsoft.public.windowsxp.general (More info?)

    Leythos <void@nowhere.lan> wrote in
    news:MPG.1d6eb6ba2c61aeda989c54@news-server.columbus.rr.com:

    > In article <Xns96B68FA30EBFAbobarcabca@207.46.248.16>,
    > bob@arc.ab.caREMOVETHIS says...
    >> Leythos <void@nowhere.lan> wrote in
    >> news:MPG.1d6eac3b5371ceab989c4f@news-server.columbus.rr.com:
    >>
    >> > In article <Xns96B68859F2541bobarcabca@207.46.248.16>,
    >> > bob@arc.ab.caREMOVETHIS says...
    >> >> I'd be curious how you decide what is absolutely necessary? In my
    >> >> books that would be any patches classified as critical.
    >> >
    >> > While all patches are critical of nature, until you test them against
    >> > your environment there is little reason to blindly install them,
    >> > unless the patch provides immediate protection for a problem you are
    >> > immediately exposed too. In many cases the exposure path is limited
    >> > and you can safely wait/test the patches and then install them.
    >>
    >> I was referring to patches classified as 'critical' by Microsoft. For
    >> more info on Microsoft's ratings visit this site:
    >
    > Yes, I know what you were referring to, and my statement stands.
    >
    > Some users can put up with Automatic Updates, others require testing
    > before installation, either way, if the network security is properly
    > setup none of those patches are critical. Keep in mind, I'm not saying
    > that they are not critical to most systems, only that if you have a
    > fully protected network, you don't need them until after you've tested.

    Not entirely true. Many of these vulnerabilities can be exploited if the
    attacker has physical access to the machine.
  17. Archived from groups: microsoft.public.windowsxp.general (More info?)

    This is just what I've noticed over the past year or so,these so called
    "critical" updates are geared to bussiness or networks many (may) not apply
    to the home user.The PnP exploit comes to mind,why should I care about this
    update which requires valid logon cred. and physical acces to my computer
    (or admin rights) to exploit, when the only people who have access to it are
    my wife and myself?
    It seems more likely to apply to a company that doesn't trust its employees.

    --
    Mike Pawlak


    R. McCarty wrote:
    > I think some of the victims of Zotob had their initial infection
    > brought in by notebooks that spread it into their network. Now
    > with USB Flash devices there is even more portable "Threats"
    > to a business network.
    >
    > "Leythos" <void@nowhere.lan> wrote in message
    > news:MPG.1d6eb6ba2c61aeda989c54@news-server.columbus.rr.com...
    >> In article <Xns96B68FA30EBFAbobarcabca@207.46.248.16>,
    >> bob@arc.ab.caREMOVETHIS says...
    >>> Leythos <void@nowhere.lan> wrote in
    >>> news:MPG.1d6eac3b5371ceab989c4f@news-server.columbus.rr.com:
    >>>
    >>>> In article <Xns96B68859F2541bobarcabca@207.46.248.16>,
    >>>> bob@arc.ab.caREMOVETHIS says...
    >>>>> I'd be curious how you decide what is absolutely necessary? In my
    >>>>> books
    >>>>> that would be any patches classified as critical.
    >>>>
    >>>> While all patches are critical of nature, until you test them
    >>>> against your environment there is little reason to blindly install
    >>>> them, unless the patch provides immediate protection for a problem
    >>>> you are immediately exposed too. In many cases the exposure path
    >>>> is limited and you can safely wait/test the patches and then
    >>>> install them.
    >>>
    >>> I was referring to patches classified as 'critical' by Microsoft.
    >>> For more
    >>> info on Microsoft's ratings visit this site:
    >>
    >> Yes, I know what you were referring to, and my statement stands.
    >>
    >> Some users can put up with Automatic Updates, others require testing
    >> before installation, either way, if the network security is properly
    >> setup none of those patches are critical. Keep in mind, I'm not
    >> saying that they are not critical to most systems, only that if you
    >> have a fully protected network, you don't need them until after
    >> you've tested.
    >>
    >> --
    >>
    >> spam999free@rrohio.com
    >> remove 999 in order to email me
  18. Archived from groups: microsoft.public.windowsxp.general (More info?)

    In article <eSChyCDpFHA.736@tk2msftngp13.phx.gbl>, t__cruise@[NoSpam]
    hotmail.com says...
    > My systems are not networked to each other. Each is stand alone, with its own Road Runner
    > internet connection. Each has the Zone Alarm firewall.

    Then each is vulnerable to exploits - Personal Firewall installations,
    applications that run on top a users computer while the user can use the
    computer are by no means perfect (and yes, we run ZA Prof, Kerio, and
    several others on our laptops when we go to customers locations). If you
    have road runner (as do I) and you don't at least have a NAT router,
    then you are just assuming you are protected against the next thing.

    Get a NAT router at least.


    --

    spam999free@rrohio.com
    remove 999 in order to email me
  19. Archived from groups: microsoft.public.windowsxp.general (More info?)

    In article <ep4JYLDpFHA.3516@TK2MSFTNGP15.phx.gbl>, PcEngWork-
    NoSpam_@mindspring.com says...
    > I think some of the victims of Zotob had their initial infection
    > brought in by notebooks that spread it into their network. Now
    > with USB Flash devices there is even more portable "Threats"
    > to a business network.

    I agree, and in many instances, if you don't give them Admin rights on
    the local computer they can't connect the USB drives :)

    Laptops are always a problem and have always been a threat - but you can
    still take standard measures to protect your network against them.

    --

    spam999free@rrohio.com
    remove 999 in order to email me
  20. Archived from groups: microsoft.public.windowsxp.general (More info?)

    In article <Xns96B692EFF1FF6bobarcabca@207.46.248.16>,
    bob@arc.ab.caREMOVETHIS says...
    > PS I want to slap you upside the head! While there are often other ways to
    > prevent attacks why not fix the problem? What happens if your firewall fails
    > or you misconfigure it?

    Are you serious? If the firewall fails you don't have any internet
    access in most cases. If you misconfigure it, most times you're still
    not exposed enough to cause a problem. Many people test their firewalls
    against intrusion, so it's easy to tell if one is "misconfigured" if the
    admin cares.

    --

    spam999free@rrohio.com
    remove 999 in order to email me
  21. Archived from groups: microsoft.public.windowsxp.general (More info?)

    Leythos <void@nowhere.lan> wrote in
    news:MPG.1d6ebd2091d6b8c8989c57@news-server.columbus.rr.com:

    > In article <Xns96B692EFF1FF6bobarcabca@207.46.248.16>,
    > bob@arc.ab.caREMOVETHIS says...
    >> PS I want to slap you upside the head! While there are often other ways
    >> to prevent attacks why not fix the problem? What happens if your
    >> firewall fails or you misconfigure it?
    >
    > Are you serious? If the firewall fails you don't have any internet
    > access in most cases. If you misconfigure it, most times you're still
    > not exposed enough to cause a problem. Many people test their firewalls
    > against intrusion, so it's easy to tell if one is "misconfigured" if the
    > admin cares.

    Yes I'm serious. Firewalls have bugs too! The original poster is relying
    ENTIRELY on his firewall (a software one at that) to protect him. Why not
    apply the patches and get the additional level of security? I can understand
    waiting a while or doing some testing beforehand but there is no good reason
    not to apply critical patches.
  22. Archived from groups: microsoft.public.windowsxp.general (More info?)

    It takes a long time and a proven track record to remove the
    impression that patches and updates will BREAK other things.

    Service Pack 2's performance toned that down a little. Just
    look at how reticent some people are to install Service Pack 2.
    Anyone who wants to abide by "If it ain't broke - don't fix it"
    should think of it more as "If it ain't updated - it's vulnerable"
    That advice is geared more to the home PC user who wants
    to be safe but isn't really sure how to go about it. Furthermore
    the risk involved with updates/patches can be almost totally
    eliminated with the use of frequent images of their systems.

    Just today, I sent out a Security bulletin to my customers to
    update their Adobe Reader versions. Rarely, does anybody
    complain. Most times they appreciate having a resource to
    tell them when a "Serious" threat needs their attention. What's
    more interesting is that just about everybody on the mailing
    list will follow the directions.


    "Fuzzy Logic" <bob@arc.ab.caREMOVETHIS> wrote in message
    news:Xns96B69D488FAC6bobarcabca@207.46.248.16...
    > Leythos <void@nowhere.lan> wrote in
    > news:MPG.1d6ebd2091d6b8c8989c57@news-server.columbus.rr.com:
    >
    >> In article <Xns96B692EFF1FF6bobarcabca@207.46.248.16>,
    >> bob@arc.ab.caREMOVETHIS says...
    >>> PS I want to slap you upside the head! While there are often other ways
    >>> to prevent attacks why not fix the problem? What happens if your
    >>> firewall fails or you misconfigure it?
    >>
    >> Are you serious? If the firewall fails you don't have any internet
    >> access in most cases. If you misconfigure it, most times you're still
    >> not exposed enough to cause a problem. Many people test their firewalls
    >> against intrusion, so it's easy to tell if one is "misconfigured" if the
    >> admin cares.
    >
    > Yes I'm serious. Firewalls have bugs too! The original poster is relying
    > ENTIRELY on his firewall (a software one at that) to protect him. Why not
    > apply the patches and get the additional level of security? I can
    > understand
    > waiting a while or doing some testing beforehand but there is no good
    > reason
    > not to apply critical patches.
    >
  23. Archived from groups: microsoft.public.windowsxp.general (More info?)

    In article <e#JQvsDpFHA.2472@tk2msftngp13.phx.gbl>,
    cnfrisch@nospamgmail.com says...
    > I'm sure all the companies that got hit with the Zotob worm had
    > firewalls enabled. Microsoft issued a critical update over a week
    > ago to prevent this infection. I guess they too thought a firewall
    > was all they need....guess they were wrong.

    Carey - do you really understand security? If you did you would not have
    made that statement in the way that you did.

    Many companies, large groups and small, don't secure their networks
    properly because the people doing the firewall setup don't have a good
    understanding of the specific business needs for security - they take
    the easy way out and expose more than needed.

    Not one single company we designed the security for has been infected or
    impacted by the worm directly. It's about understanding, not about how
    fast MS can push out updates.

    --

    spam999free@rrohio.com
    remove 999 in order to email me
  24. Archived from groups: microsoft.public.windowsxp.general (More info?)

    In article <Xns96B69D488FAC6bobarcabca@207.46.248.16>,
    bob@arc.ab.caREMOVETHIS says...
    > Leythos <void@nowhere.lan> wrote in
    > news:MPG.1d6ebd2091d6b8c8989c57@news-server.columbus.rr.com:
    >
    > > In article <Xns96B692EFF1FF6bobarcabca@207.46.248.16>,
    > > bob@arc.ab.caREMOVETHIS says...
    > >> PS I want to slap you upside the head! While there are often other ways
    > >> to prevent attacks why not fix the problem? What happens if your
    > >> firewall fails or you misconfigure it?
    > >
    > > Are you serious? If the firewall fails you don't have any internet
    > > access in most cases. If you misconfigure it, most times you're still
    > > not exposed enough to cause a problem. Many people test their firewalls
    > > against intrusion, so it's easy to tell if one is "misconfigured" if the
    > > admin cares.
    >
    > Yes I'm serious. Firewalls have bugs too! The original poster is relying
    > ENTIRELY on his firewall (a software one at that) to protect him. Why not
    > apply the patches and get the additional level of security? I can understand
    > waiting a while or doing some testing beforehand but there is no good reason
    > not to apply critical patches.

    I think you will find that there have been many cases where a Patch has
    cause a custom application to fail or some cheap hardware device to fail
    or where a combination of apps/devices have failed due to service packs
    or updates.

    Do you remember when Sp2 came out for XP? Many systems ran fine on SP1
    and didn't need SP2 to keep working, many things were impacted by SP2
    changes, and those same systems running Sp1 were just as safe without
    SP2 in a properly secured network.

    I'm not advocating not installing SP's and critical updates, but
    critical is relative, so consider how updates that are untested could
    impact others and not just yourself.

    --

    spam999free@rrohio.com
    remove 999 in order to email me
  25. Archived from groups: microsoft.public.windowsxp.general (More info?)

    Leythos <void@nowhere.lan> wrote in
    news:MPG.1d6ecc5f328d8c0b989c5a@news-server.columbus.rr.com:

    > In article <Xns96B69D488FAC6bobarcabca@207.46.248.16>,
    > bob@arc.ab.caREMOVETHIS says...
    >> Leythos <void@nowhere.lan> wrote in
    >> news:MPG.1d6ebd2091d6b8c8989c57@news-server.columbus.rr.com:
    >>
    >> > In article <Xns96B692EFF1FF6bobarcabca@207.46.248.16>,
    >> > bob@arc.ab.caREMOVETHIS says...
    >> >> PS I want to slap you upside the head! While there are often other
    >> >> ways to prevent attacks why not fix the problem? What happens if
    >> >> your firewall fails or you misconfigure it?
    >> >
    >> > Are you serious? If the firewall fails you don't have any internet
    >> > access in most cases. If you misconfigure it, most times you're still
    >> > not exposed enough to cause a problem. Many people test their
    >> > firewalls against intrusion, so it's easy to tell if one is
    >> > "misconfigured" if the admin cares.
    >>
    >> Yes I'm serious. Firewalls have bugs too! The original poster is
    >> relying ENTIRELY on his firewall (a software one at that) to protect
    >> him. Why not apply the patches and get the additional level of
    >> security? I can understand waiting a while or doing some testing
    >> beforehand but there is no good reason not to apply critical patches.
    >
    > I think you will find that there have been many cases where a Patch has
    > cause a custom application to fail or some cheap hardware device to fail
    > or where a combination of apps/devices have failed due to service packs
    > or updates.
    >
    > Do you remember when Sp2 came out for XP? Many systems ran fine on SP1
    > and didn't need SP2 to keep working, many things were impacted by SP2
    > changes, and those same systems running Sp1 were just as safe without
    > SP2 in a properly secured network.
    >
    > I'm not advocating not installing SP's and critical updates, but
    > critical is relative, so consider how updates that are untested could
    > impact others and not just yourself.

    As I mentioned in another post on this subject I do user support for over
    600 people in a research environment with diverse hardware and software and
    haven't had any serious issues with critical patches from Microsoft since
    the days of Windows NT.

    It is interesting that most issues we have had with Microsoft updates
    occurred on laptops with ZoneAlarm. After certain updates ZoneAlarm will not
    let lsass.exe or services.exe through (new versions installed as part of the
    update). Easy fix is to remove the machine from the network during the
    reboot and ZoneAlarm will then ask wether or not to allow these applications
    through.
  26. Archived from groups: microsoft.public.windowsxp.general (More info?)

    In article <eyS0K5DpFHA.1372@TK2MSFTNGP10.phx.gbl>, PcEngWork-
    NoSpam_@mindspring.com says...
    > Most times they appreciate having a resource to
    > tell them when a "Serious" threat needs their attention. What's
    > more interesting is that just about everybody on the mailing
    > list will follow the directions.

    That's how we do it too - we test, check the updates, then send an
    alert to customers and friends, almost everyone follows the
    instructions.

    --

    spam999free@rrohio.com
    remove 999 in order to email me
  27. Archived from groups: microsoft.public.windowsxp.general (More info?)

    It took us well over a year to convince my bosses to allow automatic updates
    and this was for MS and antivirus. They wanted to test all updates. In the
    mean time all 8000 systems on lab are quickly getting infected and
    spreading. Then the customers get mad at us because it takes our techs 2
    hours to get there instead of 25 min.

    --


    The best live web video on the internet http://www.seedsv.com/webdemo.htm
    NEW Embedded system W/Linux. We now sell DVR cards.
    See it all at http://www.seedsv.com/products.htm
    Sharpvision simply the best http://www.seedsv.com


    "Fuzzy Logic" <bob@arc.ab.caREMOVETHIS> wrote in message
    news:Xns96B68FA30EBFAbobarcabca@207.46.248.16...
    > Leythos <void@nowhere.lan> wrote in
    > news:MPG.1d6eac3b5371ceab989c4f@news-server.columbus.rr.com:
    >
    >> In article <Xns96B68859F2541bobarcabca@207.46.248.16>,
    >> bob@arc.ab.caREMOVETHIS says...
    >>> I'd be curious how you decide what is absolutely necessary? In my books
    >>> that would be any patches classified as critical.
    >>
    >> While all patches are critical of nature, until you test them against
    >> your environment there is little reason to blindly install them, unless
    >> the patch provides immediate protection for a problem you are
    >> immediately exposed too. In many cases the exposure path is limited and
    >> you can safely wait/test the patches and then install them.
    >
    > I was referring to patches classified as 'critical' by Microsoft. For more
    > info on Microsoft's ratings visit this site:
    >
    > http://www.microsoft.com/technet/security/bulletin/rating.mspx
    >
    > A quote from the above site:
    >
    > "We believe that customers who use an affected product should almost
    > always
    > apply patches that address vulnerabilities rated critical or important.
    > Patches rated critical should be applied in an especially timely manner."
    >
    > If you read the bulletins there are often other ways to address the
    > vulnerability which can be used while you test the patch.
    >
    > I support about 600 users all using automatic update (critical patches
    > installed as soon as they are available) has been that we haven't had a
    > problem with these updates since the days of Windows NT. Of course your
    > environment may be different.
  28. Archived from groups: microsoft.public.windowsxp.general (More info?)

    >Then the customers get mad at us because it takes our techs 2
    hours to get there instead of 25 min.

    What Government agency has customers such as this?

    --
    Mike Pawlak


    pcbutts1 wrote:
    > It took us well over a year to convince my bosses to allow automatic
    > updates and this was for MS and antivirus. They wanted to test all
    > updates. In the mean time all 8000 systems on lab are quickly getting
    > infected and spreading. Then the customers get mad at us because it
    > takes our techs 2 hours to get there instead of 25 min.
    >
    >
    > "Fuzzy Logic" <bob@arc.ab.caREMOVETHIS> wrote in message
    > news:Xns96B68FA30EBFAbobarcabca@207.46.248.16...
    >> Leythos <void@nowhere.lan> wrote in
    >> news:MPG.1d6eac3b5371ceab989c4f@news-server.columbus.rr.com:
    >>
    >>> In article <Xns96B68859F2541bobarcabca@207.46.248.16>,
    >>> bob@arc.ab.caREMOVETHIS says...
    >>>> I'd be curious how you decide what is absolutely necessary? In my
    >>>> books that would be any patches classified as critical.
    >>>
    >>> While all patches are critical of nature, until you test them
    >>> against your environment there is little reason to blindly install
    >>> them, unless the patch provides immediate protection for a problem
    >>> you are immediately exposed too. In many cases the exposure path is
    >>> limited and you can safely wait/test the patches and then install
    >>> them.
    >>
    >> I was referring to patches classified as 'critical' by Microsoft.
    >> For more info on Microsoft's ratings visit this site:
    >>
    >> http://www.microsoft.com/technet/security/bulletin/rating.mspx
    >>
    >> A quote from the above site:
    >>
    >> "We believe that customers who use an affected product should almost
    >> always
    >> apply patches that address vulnerabilities rated critical or
    >> important. Patches rated critical should be applied in an especially
    >> timely manner."
    >>
    >> If you read the bulletins there are often other ways to address the
    >> vulnerability which can be used while you test the patch.
    >>
    >> I support about 600 users all using automatic update (critical
    >> patches installed as soon as they are available) has been that we
    >> haven't had a problem with these updates since the days of Windows
    >> NT. Of course your environment may be different.
  29. Archived from groups: microsoft.public.windowsxp.general (More info?)

    Nasa for one but all of them. There is no more "in-house" when it comes to
    tech support for the government. Everything is outsourced and the ones that
    aren't will soon be. So when I say customers I am talking about the
    government employees being the customer.

    --


    The best live web video on the internet http://www.seedsv.com/webdemo.htm
    NEW Embedded system W/Linux. We now sell DVR cards.
    See it all at http://www.seedsv.com/products.htm
    Sharpvision simply the best http://www.seedsv.com


    "MAP" <mikepawlak2REM@OVEhotmail.com> wrote in message
    news:uMU%23kkFpFHA.1416@TK2MSFTNGP09.phx.gbl...
    > >Then the customers get mad at us because it takes our techs 2
    > hours to get there instead of 25 min.
    >
    > What Government agency has customers such as this?
    >
    > --
    > Mike Pawlak
    >
    >
    > pcbutts1 wrote:
    >> It took us well over a year to convince my bosses to allow automatic
    >> updates and this was for MS and antivirus. They wanted to test all
    >> updates. In the mean time all 8000 systems on lab are quickly getting
    >> infected and spreading. Then the customers get mad at us because it
    >> takes our techs 2 hours to get there instead of 25 min.
    >>
    >>
    >> "Fuzzy Logic" <bob@arc.ab.caREMOVETHIS> wrote in message
    >> news:Xns96B68FA30EBFAbobarcabca@207.46.248.16...
    >>> Leythos <void@nowhere.lan> wrote in
    >>> news:MPG.1d6eac3b5371ceab989c4f@news-server.columbus.rr.com:
    >>>
    >>>> In article <Xns96B68859F2541bobarcabca@207.46.248.16>,
    >>>> bob@arc.ab.caREMOVETHIS says...
    >>>>> I'd be curious how you decide what is absolutely necessary? In my
    >>>>> books that would be any patches classified as critical.
    >>>>
    >>>> While all patches are critical of nature, until you test them
    >>>> against your environment there is little reason to blindly install
    >>>> them, unless the patch provides immediate protection for a problem
    >>>> you are immediately exposed too. In many cases the exposure path is
    >>>> limited and you can safely wait/test the patches and then install
    >>>> them.
    >>>
    >>> I was referring to patches classified as 'critical' by Microsoft.
    >>> For more info on Microsoft's ratings visit this site:
    >>>
    >>> http://www.microsoft.com/technet/security/bulletin/rating.mspx
    >>>
    >>> A quote from the above site:
    >>>
    >>> "We believe that customers who use an affected product should almost
    >>> always
    >>> apply patches that address vulnerabilities rated critical or
    >>> important. Patches rated critical should be applied in an especially
    >>> timely manner."
    >>>
    >>> If you read the bulletins there are often other ways to address the
    >>> vulnerability which can be used while you test the patch.
    >>>
    >>> I support about 600 users all using automatic update (critical
    >>> patches installed as soon as they are available) has been that we
    >>> haven't had a problem with these updates since the days of Windows
    >>> NT. Of course your environment may be different.
    >
    >
    >
  30. Archived from groups: microsoft.public.windowsxp.general (More info?)

    pcbutts1 wrote:
    > Nasa for one but all of them. There is no more "in-house" when it
    > comes to tech support for the government. Everything is outsourced
    > and the ones that aren't will soon be. So when I say customers I am
    > talking about the government employees being the customer.

    No wonder NASA is so f*#ked up.

    --
    Peace!
    Kurt
    Self-anointed Moderator
    microscum.pubic.windowsexp.gonorrhea
    http://microscum.com/mscommunity
    "Trustworthy Computing" is only another example of an Oxymoron!
    "Produkt-Aktivierung macht frei"
  31. Archived from groups: microsoft.public.windowsxp.general (More info?)

    kurttrail wrote:
    > pcbutts1 wrote:
    >> Nasa for one but all of them. There is no more "in-house" when it
    >> comes to tech support for the government. Everything is outsourced
    >> and the ones that aren't will soon be. So when I say customers I am
    >> talking about the government employees being the customer.
    >
    > No wonder NASA is so f*#ked up.

    You got that right! two flappin years later and still issues with the foam,
    as an aircraft mechanic (AMT) if I worked on these flying machines in the
    same way
    they would be going down everywhere :-)

    --
    Mike Pawlak
  32. Archived from groups: microsoft.public.windowsxp.general (More info?)

    > talking about the government employees being the customer.

    Please don't tell me that the Gov. is doing the "self directed team
    concept?"

    Mike Pawlak
  33. Archived from groups: microsoft.public.windowsxp.general (More info?)

    "t.cruise" <t__cruise@[NoSpam]hotmail.com> wrote in
    news:#Qcl8SIpFHA.3516@TK2MSFTNGP15.phx.gbl:

    >> What you are doing defies all common security practices (multiple
    >> layers of defense, properly configured and updated systems.)
    >
    > FYI: I did install the update, AFTER I was assured that it would not
    > create any problems, and then recommended it to others. I still believe
    > that Microsoft uses the word "critical" loosely. I also do not like
    > updates that cause problems, and when one wants to uninstall them, a
    > dialog box comes up listing a group of applications which might not
    > function properly if the update is uninstalled. One should be informed
    > BEFORE the install of the update of that list of applications which
    > might not run correctly if the update is uninstalled.

    Nobody likes updates that cause problems. Having said that nobody likes
    software with security holes either. Sadly these are both facts of life.
    Fortunately Microsoft seems to be getting better at addressing both of these
    issues.

    As for uninstalling updates the key phrase is 'MIGHT not work'. The worst
    thing that could happen would be having to reinstall the application.
  34. Archived from groups: microsoft.public.windowsxp.general (More info?)

    Zotob: An Avoidable Worm And The Negligence Factor
    http://www.securitypipeline.com/169400254?_loopback=1

    --
    Carey Frisch
    Microsoft MVP
    Windows XP - Shell/User

    ---------------------------------------------------------------------------

    "t.cruise" wrote:

    > I know that many in this group support downloading Windows XP updates. Personally, I
    > download and install ONLY what is absolutely necessary, which for me has avoided problems
    > with smooth running systems. There has been much media attention the past couple of days
    > about the Zotob worm, I.E., PnP and compromised Windows security. I know that there is a
    > patch available for download at the Microsoft web site
    > WindowsXP-KB899588-x86-ENU.exe
    >
    > But, there has been mass media hysteria in the past about viruses and worms, none of which
    > have made their way to any of my systems with broadband internet connections, without my
    > having to download and install the plethora of security patches at the Windows Update. My
    > question is, if I have a decent firewall am I already protected, or do I really need to
    > install this patch?
    > --
    >
    > T.C.
  35. Archived from groups: microsoft.public.windowsxp.general (More info?)

    The #1 delay in all shuttle missions is that Fuel Cell sensor issue. To this
    day they still don't know what causes it, all they do is replace it.

    --


    The best live web video on the internet http://www.seedsv.com/webdemo.htm
    NEW Embedded system W/Linux. We now sell DVR cards.
    See it all at http://www.seedsv.com/products.htm
    Sharpvision simply the best http://www.seedsv.com


    "MAP" <mikepawlak2REM@OVEhotmail.com> wrote in message
    news:e4M52mMpFHA.1304@TK2MSFTNGP10.phx.gbl...
    > kurttrail wrote:
    >> pcbutts1 wrote:
    >>> Nasa for one but all of them. There is no more "in-house" when it
    >>> comes to tech support for the government. Everything is outsourced
    >>> and the ones that aren't will soon be. So when I say customers I am
    >>> talking about the government employees being the customer.
    >>
    >> No wonder NASA is so f*#ked up.
    >
    > You got that right! two flappin years later and still issues with the
    > foam,
    > as an aircraft mechanic (AMT) if I worked on these flying machines in the
    > same way
    > they would be going down everywhere :-)
    >
    > --
    > Mike Pawlak
    >
    >
  36. Archived from groups: microsoft.public.windowsxp.general (More info?)

    pcbutts1 wrote:
    > The #1 delay in all shuttle missions is that Fuel Cell sensor issue.
    > To this day they still don't know what causes it, all they do is
    > replace it.

    The next launch being pushed back to next March is mainly due to the
    foam issue.

    --
    Peace!
    Kurt
    Self-anointed Moderator
    microscum.pubic.windowsexp.gonorrhea
    http://microscum.com/mscommunity
    "Trustworthy Computing" is only another example of an Oxymoron!
    "Produkt-Aktivierung macht frei"
Ask a new question

Read More

Windows XP