Microsoft Security Patch Tuesday - May 2007
Posted by Tom Warren on 03 May 2007 - 18:22 · 10 comments & 4688 views
About the Author
Full name: Tom Warren
Forum name: creamhackered
Contact: via forum PM
Submissions: Normal · Headline
Full name: Tom Warren
Forum name: creamhackered
Contact: via forum PM
Submissions: Normal · Headline
Slashdot It!
Submit to reddit
Submit to blinklist
Bookmark on del.icio.us
Add to furl
Share on Facebook
Add to Windows Live
Add to Google- Advertisement
-
-
(4 replies)
#1 Posted by rich.bradshaw on 03 May 2007 - 19:28
- Why do you have to restart after Windows updates? What a stupid way to patch things...
-
#1.2 Posted by dugbug on 03 May 2007 - 20:50
- Quote - (rich.bradshaw said @ #1)Why do you have to restart after Windows updates? What a stupid way to patch things...
It depends on whats being patched. Some services can be stopped, patched, and restarted, others cannot without loosing important capability. Vista is much better in this regard, but xp requires a lot of restarts -
#1.4 Posted by GP007 on 04 May 2007 - 14:44
- Quote - (Andareed said @ #1.3)Could be a kernel update.
If it's a kernel update then ANY OS will need a restart. As said above, Vista is a bit beter at patching then XP when it comes to restarts, but any low level updates will need a restart, that's kernel mode stuff. Now that MS has started to move more parts out of kernel mode and into user mode space restarts will be fewer and fewer.
-
(2 replies)
#2 Posted by JockStrap on 03 May 2007 - 19:31
- I like how some of those are critical, but they're waiting a little while before releasing them. Thanks for caring about your customers so much that you'll let them sit with a critical flaw in a product they paid for.
-
#2.1 Posted by J_R_G on 03 May 2007 - 22:21
- Alternate timeline, with one slight difference, MS released the patch early and it had critical bugs:
JockStrap: "I like how many of these could have easily been prevented with a little extra testing. Thanks for caring
about your customers so much that you'll cripple their systems with untested patches for a product they paid far." ad naseum. -
#2.2 Posted by GP007 on 04 May 2007 - 14:48
- You have to also keep in mind that many security holes that get patched aren't attacked until after the patch is out, hackers use the patch to figure out what's going on and how to attack it. Since many people don't update right away anyways.
The key thing to look at here is what's being activilly attacked before a patch is issued and what is attacked after a patch is out. Just like the Blaster worm a few years ago, a patch was out before that happend, but many systems weren't updated.
-
#3 Posted by nanuk on 03 May 2007 - 19:47
- These critical patches are only released when new flaws are found. You have to remember that an OS when released supposedly stands up to all its current possible attacks and flaws. However as the days and weeks pass after release date new flaws are found and are patched as quickly as possible. For a lot of us we are very grateful for the patching no matter if it takes a few hours to a few days to be released as we know the company is trying to look after its customers. Yet there are still a few who will make a mockery of the system and whine about it till their pc bsod's.
p.s.
I'm guessing Jock and rich have still patched
-
#4 Posted by cyberfox2004 on 04 May 2007 - 00:42
- Next week's Patch Tuesday updates from Microsoft will include fixes for a wide range of "critical" vulnerabilities in the Windows, Office and Exchange product lines, the software giant announced today.
As part of its advance notice mechanism, Microsoft said a total of 7 bulletins will be released on May 8, 2007. Here are the barebones details.
Two Microsoft Security Bulletins affecting Microsoft Windows. The highest Maximum Severity rating for these is Critical. These updates will require a restart.
Three Microsoft Security Bulletins affecting Microsoft Office. The highest Maximum Severity rating for these is Critical. These updates may require a restart.
One Microsoft Security Bulletin affecting Microsoft Exchange. The highest Maximum Severity rating for these is Critical. These updates will not require a restart.
One Microsoft Security Bulletin affecting CAPICOM and BizTalk. The highest Maximum Severity rating for these is Critical. These updates will not require a restart.
One of the "critical" bulletins will most certainly contain fixes for the Windows DNS RPC vulnerability that was being used in attacks by botnet herders last month.
According to FrSIRT, there are several known Microsoft Office vulnerabilities that are unpatched. The list includes two code-execution vulnerabilities, one each in Microsoft Word and Microsoft Powerpoint. The PowerPoint bug was reported to Microsoft nine months ago (July, 2006).
Security Updates
- Two Microsoft Security Bulletins affecting Microsoft Windows. The highest Maximum Severity rating for these is Critical. These updates will require a restart. These updates will be detectable using the Microsoft Baseline Security Analyzer.
- Three Microsoft Security Bulletins affecting Microsoft Office. The highest Maximum Severity rating for these is Critical. These updates may require a restart. These updates will be detectable using the Microsoft Baseline Security Analyzer.
- One Microsoft Security Bulletin affecting Microsoft Exchange. The highest Maximum Severity rating for these is Critical. These updates will not require a restart. These updates will be detectable using the Microsoft Baseline Security Analyzer.
- One Microsoft Security Bulletin affecting CAPICOM and BizTalk. The highest Maximum Severity rating for these is Critical. These updates will not require a restart. These updates will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scan Tool.
Microsoft Windows Malicious Software Removal Tool- Microsoft will release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services and the Download Center.
Note that this tool will NOT be distributed using Software Update Services (SUS).Non-security High Priority updates on MU, WU, WSUS and SUS