David Geer Talks Tech
Wednesday, December 13, 2006
MSFT updates Courtesy of http://www.GeerCom.com.
Geer Communications - your on-time technology writer!
Welcome!
Yesterday, Microsoft alerted the masses to some new critical security updates, which awaited their computers at Microsoft Update. If you do the express install at Microsoft Update, you get the critical updates. I've installed them and haven't, so far, run afoul by having them.
Reading the update information, you can quickly see that the current updates patch severe security holes such as a hole in Internet Explorer (for those affected) that could allow remote code execution (someone on a remote box executes code on your box--very bad).
The other two patches include a vulnerability in Visual Studio 2005, which I don't have but could also allow remote code execution for those who do have it, and a vulnerability in Windows Media Format that could, again, allow remote code execution on affected systems.
There was one apparent discrepancy. Explanations of the Windows Media Format issue say the vulnerability exists only in certain versions of Windows Media Player and not in series 11, which is not affected.
I have series 11 installed. I don't have series 6.4 or any other version or series installed. Yet, Microsoft's update history for my box says that yesterday Microsoft Update installed the patch that applies to Windows Media Player 6.4 on my computer to resolve this issue.
Oh, great computer guru in the sky, have you an answer as to how this could be?
Best,
David Geer - your on time technology writer!
Geer Communications
Geer Communications - your on-time technology writer!
Welcome!
Yesterday, Microsoft alerted the masses to some new critical security updates, which awaited their computers at Microsoft Update. If you do the express install at Microsoft Update, you get the critical updates. I've installed them and haven't, so far, run afoul by having them.
Reading the update information, you can quickly see that the current updates patch severe security holes such as a hole in Internet Explorer (for those affected) that could allow remote code execution (someone on a remote box executes code on your box--very bad).
The other two patches include a vulnerability in Visual Studio 2005, which I don't have but could also allow remote code execution for those who do have it, and a vulnerability in Windows Media Format that could, again, allow remote code execution on affected systems.
There was one apparent discrepancy. Explanations of the Windows Media Format issue say the vulnerability exists only in certain versions of Windows Media Player and not in series 11, which is not affected.
I have series 11 installed. I don't have series 6.4 or any other version or series installed. Yet, Microsoft's update history for my box says that yesterday Microsoft Update installed the patch that applies to Windows Media Player 6.4 on my computer to resolve this issue.
Oh, great computer guru in the sky, have you an answer as to how this could be?
Best,
David Geer - your on time technology writer!
Geer Communications
