5 patches that you need to download, including a critical, so go off and run your Windows Update thingymabob to download em! (remember, blaster was known about in patches long before blaster arrived) so.. go.. go... what you still reading for? Shouldnt you be downloading the updates?

Stop reading!!

GO!!

UPDATE WINDOWS F00!!

Unless your on Linux/Unix/Mac in which case, haha, Universities running Linux/Solaris got hax0red, pfft, secure, my butt :p

Yeah, saw that at work this morning. Need to do it when i get home too :-\

hmmmm, just tried a windows update and it said no updates are availible

:o

lucky git, I'm still tryin to get them downloaded :(


Cumulative Security Update for Outlook Express 6 Service Pack 1 (KB837009)
Download size: 1.9 MB, < 1 minute
A security issue has been identified in Microsoft Outlook Express that could allow an attacker to read files on your computer, or cause a program to run. You can help protect your computer by installing this update. After you install this item, you may have to restart your computer. Read more...

Remove
Critical Update for Internet Explorer 6 Service Pack 1 (KB831167)
Download size: 378 KB, < 1 minute
An identified issue may cause errors when Internet Explorer attempts to renew a connection to a server. You should apply this update if you begin to receive errors connecting to websites after you have applied the KB832894 security update to Internet Explorer. After you install this item, you may need to restart your computer. Read more...

Remove
Security Update for Windows XP (KB837001)
Download size: 284 KB, < 1 minute
A security issue has been identified that could allow an attacker to compromise a computer running Windows and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Read more...

Remove
Security Update for Windows XP (KB828741)
Download size: 284 KB, < 1 minute
A security issue has been identified that could allow an attacker to compromise a computer running Windows and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Read more...

Remove
Security Update for Windows XP (KB835732)
Download size: 284 KB, < 1 minute
Multiple security issues have been identified that could allow an attacker to compromise a computer running Windows and gain complete control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Read more...

Have you got it set as auto download and auto install?

aye, but i cant be bothered to wait for that to start up, so i d/l em mehself

Unless your on Linux/Unix/Mac in which case, haha, Universities running Linux/Solaris got hax0red, pfft, secure, my butt :p

And if you accually read the whitepaper, there was already patches avaliable for these exploits, prior to the *crackers* exploiting them. And some of these could've been perventable, if they accually had proper security measures in place.

Again, it boils down to lazy SysAdmins, which is usually the guilty party on both sides of the OS spectrums. And remember, just because you can read a book, doesn't you make you an expert in the field.

Again, it boils down to lazy SysAdmins, which is usually the guilty party on both sides of the OS spectrums. And remember, just because you can read a book, doesn't you make you an expert in the field.

I never said I could read :confused: besides, true, it was due to updates not being installed on the boxes, but then, the same could be said for the people not updating windows that let the RPC bug let blaster into the wild to do so much damage :p

turn off html preview of emails

dont open attachments off people you dont know, OR you arent expecting

get a decent firewall and AV.

job done tbh

turn off html preview of emails

dont open attachments off people you dont know, OR you arent expecting

get a decent firewall and AV.

job done tbhWhat he said.

It's not like keeping Windows boxes patched is hard these days. AV and OS patch themselves and just yell when they want a reboot. Even reboots can usually be avoided (vital for servers) if you read the notes and manually restart the right components and services.


/edit - still, not a bad thing to warn people Lexx, just saying....:)

I wish they wouldn't assume everyone uses Outlook, I don't need an update for software I don't use. It should be listed under general XP updates, not a critical update.

I wish they wouldn't assume everyone uses Outlook, I don't need an update for software I don't use. It should be listed under general XP updates, not a critical update.
Often "outlook" updates also update common libraries that 3rd party software does use so it can be critical. You will also find that things like MSN Messanger load "outlook" DLLs which would need patching. Not to mention MS's habit of pre-loading elements of applications you have never used to speed up load-times if you ever do :rolleyes:

Another part of the problem is (no offense intended, really) users that don't know what they're doing.

Another part of the problem is that Windows XP and 2000 by default make your user account an Administrator, instead of a Power User. That's one thing I really like about Linux/*nix/Mac OS X.

--Stryfe

I wish they wouldn't assume everyone uses Outlook, I don't need an update for software I don't use. It should be listed under general XP updates, not a critical update.

Some of the later exploits you don't have to run outlook/IE to trigger them.

Another part of the problem is (no offense intended, really) users that don't know what they're doing.

Another part of the problem is that Windows XP and 2000 by default make your user account an Administrator, instead of a Power User. That's one thing I really like about Linux/*nix/Mac OS X.

--Stryfe

The difference being that an Administrator in windows who doesn't know what they're doing is FAR safer than an Administrator in Linux who doesn't know what they're doing. Windows will argue with you, override you, protect you and generally be really bloody annoying most of the time. If you wanna leave all your ports open in linux and present your ass for the rapage it will let you without a word.

My security knowledge extends to knowing how to install ZoneAlarm, and disabling html emails. Never had any problems, and I always log in (to win2k) as Administrator :)

Some of the later exploits you don't have to run outlook/IE to trigger them.

It shouldn't exist if you don't want it too. Windows is way too integrated with software it has no business being apart of. That's oneof the reason's its so unstable at times. I happen to use IE, but if I didn't then it should not be on my computer. Likewise I should be able to remove outlook. The fake uninstall they added to make the courts happy is a joke. It removes links on your desktop or start menu, so you think the software is gone.

Windows is way too integrated with software it has no business being apart of. The rest of your post I more-or-less argree with but that is not necessarily true. In theory and in most cases also in fact the opposite is true.

The thing to remember is that Windows is designed for the largest possible number of users at the lowest common denominator. Can you imagine how much worse it would be if you gave the average chump in Dixons/Best Buy a bare kernel and told them they had to select GUI/shell, web browser, mail client, file system, packaging system, etc. themselves? Even if these things were a check-list and a "technician" installed them the prospects for conflicts are huge and the support costs escalate astronomically.

Like it loathe it (or anywhere in between) the MS way works best for the most people.