If you use a Windows computer connected to a network, a newly discovered bug makes it possible for a bad guy to wreak havoc on the computer without your doing anything. The most vulnerable versions of Windows are XP, 2000 and Server 2003. Vista and Server 2008 are also vulnerable, but not as badly. Microsoft considers the bug important enough to issue the patch immediately rather than waiting for their normal once-a-month patch.Rico says he is chortling, yet again...
Susan Bradley, writing for the Windows Secrets newsletter recommends immediately installing the just-issued patch. Then she offers some unusual advice, suggesting people first restart their computers "to verify that your machine is bootable." Can't hurt. Then she says to install the patch and reboot again. Her article also includes direct links to the patch for each version of Windows. If, for some reason, you can't run Windows/Microsoft Update you can manually download the patch and install it.
A standard of Defensive Computing is that the less software installed and running the better. This particular bug is with a part of Windows known as the Server service. If you are not sharing files and/or printers on a local area network, then you don't need to have the server service running, bug or no bug.
24 October 2008
Another bug, what a surprise
CNet News has the story by Michael Horowitz at Defensive Computing:
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment