Page 1 of 30 1234511 ... LastLast
Results 1 to 10 of 501

Thread: Old MS Alerts

Hybrid View

Previous Post Previous Post   Next Post Next Post
  1. #1
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Old MS Alerts

    FYI...good reason to be "selective" when doing "Windows Updates"...

    - http://support.microsoft.com/?kbid=890830
    Last Review: November 24, 2005
    Revision: 15.2
    "...Known issues in the November 8, 2005 release
    When you run the November 8, 2005 release of the Windows Malicious Software Removal Tool from Windows Update, from Automatic Update, or from the Download Center, the tool may appear to stop responding. Additionally, you may experience one of the following symptoms:
    • When you run the tool from Windows Update or from Automatic Update, Windows Task Manager shows that the Iexplore.exe process has high CPU usage.
    • When you run the tool from the Download Center, Windows Task Manager shows that the Mrt.exe process has high CPU usage.
    To resolve this issue, install the updated version of the Windows Malicious Software Removal Tool that is now available from Windows Update, from Microsoft Update, from Automatic Updates, or from the Download Center. An updated version of the Windows Malicious Software Removal Tool was released on November 11, 2005.
    >>> http://tinyurl.com/83c52

    :(
    Last edited by AplusWebMaster; 2008-02-13 at 00:47.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  2. #2
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Default

    HP - AMD - XPSP3...

    XP SP3 Upgrade Utility for systems with AMD processors
    - http://preview.tinyurl.com/4g2b6y
    Release Date: 2008-05-14 - Version: 1.0 (HP Customer Care)
    Description: Microsoft Windows XP SP3 Upgrade Utility prevents continuous system restarts or "Stop: 0x0000007E" errors after upgrading to Windows XP SP3 on systems with AMD processors.
    Fixes: Prevents a condition from occurring that causes continuous system restarts or "Stop: 0x0000007E" errors after upgrading to Microsoft Windows XP Service Pack 3 on systems with an AMD processor.
    Example: "A problem has been detected and Windows has been shut down to prevent damage to your computer..."

    Download: sp37394.exe (1.85M)

    .
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  3. #3
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation XPSP3 chokes on ISP versions of IE7

    FYI...

    XPSP3 chokes on ISP versions of IE7
    - http://www.informationweek.com/share...leID=207801330
    May 20, 2008 - "Private label versions of Microsoft's Internet Explorer 7 browser, including those provided to customers by Internet Service Providers Comcast and Qwest, are prone to crash during installation on computers running Windows XP SP3 because they tend to be outdated, Microsoft is warning. The problem generally occurs when a so-called "branded" version of IE7 is installed for the first time on a computer that's running XP SP3, said Microsoft program manager Jane Maliouta, in a blog post*. "The reason is that the IE7 package you are trying to install uses old IE7 files," said Maliouta. The trouble? Some ISPs are still distributing versions of IE7 that don't contain updates designed to make the browser compatible with Windows XP SP3. Specifically, XP3 runs a version of an essential dynamic-link library file called XMLLite.dll that's not compatible with versions of IE7 released prior to October..."
    * http://preview.tinyurl.com/6rwwf8
    May 12, 2008 (blogs.msdn.com)

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  4. #4
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Norton software conflicts with XPSP3

    FYI...

    - http://windowssecrets.com/comp/080529#patch0
    2008-05-29 - "Antivirus software from Symantec Corp. may cause the installation of Service Pack 3 for XP to corrupt the Windows Registry by adding unnecessary keys.
    Symantec advises users to disable the SymProtect security feature of its products before applying XP SP3.
    A Registry fix is needed by the latest XP patch..."

    (More detail at the URL above.)

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  5. #5
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Unhappy

    FYI...

    PCpitstop XPSP3 review:
    - http://preview.tinyurl.com/4y7zqc
    May 25, 2008 - Windows XP SP3 Issues and Fixes Continued


    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  6. #6
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation MS08-030 - new patch, for XPSP2 & XPSP3

    FYI...

    MS08-030 - new patch, for XPSP2 & XPSP3
    - http://isc.sans.org/diary.html?storyid=4600
    Last Updated: 2008-06-20 01:20:41 UTC - "Microsoft issued a new patch, for XPSP2 & XPSP3, for MS08-030*: Vulnerability in Bluetooth stack could allow remote code execution. "Customers who are running Windows XP Service Pack 2 and Windows XP Service Pack 3 should download and deploy this new security update. Customers running Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2 and all supported versions of Windows Vista who have already applied these original security updates do not need to take any further action"... The Technet Security Vulnerability Research & Defense blog** on the vulnerability was "MS08-030: All bark and no bite? The case of the Bluetooth update".
    Related update- KB KB951376 Security Update for Windows XP:
    http://support.microsoft.com/kb/951376/en-us ..."
    Last Review: June 19, 2008
    Revision: 2.0

    * http://www.microsoft.com/technet/sec.../ms08-030.mspx
    Revisions:
    • V1.0 (June 10, 2008): Bulletin published.
    • V2.0 (June 19, 2008): Added "Why was this security update reoffered on June 19, 2008?" entry to the Update FAQ to advise customers running Windows XP Service Pack 2 and Windows XP Service Pack 3 that a revised version of the security update is available.
    "...Customers who are running Windows XP Service Pack 2 and Windows XP Service Pack 3 should download and deploy this new security update..."

    ** http://preview.tinyurl.com/67t4uw
    (blogs.technet.com)

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  7. #7
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation SQL Injection Prevention...

    FYI...

    Microsoft Security Advisory (954462)
    Rise in SQL Injection Attacks Exploiting Unverified User Data Input
    - http://www.microsoft.com/technet/sec...ry/954462.mspx
    June 24, 2008 - "Microsoft is aware of a recent escalation in a class of attacks targeting Web sites that use Microsoft ASP and ASP.NET technologies but do not follow best practices for secure Web application development. These SQL injection attacks do not exploit a specific software vulnerability, but instead target Web sites that do not follow secure coding practices for accessing and manipulating data stored in a relational database. When a SQL injection attack succeeds, an attacker can compromise data stored in these databases and possibly execute remote code. Clients browsing to a compromised server could be forwarded unknowingly to malicious sites that may install malware on the client machine.
    Mitigating Factors:
    This vulnerability is not exploitable in Web applications that follow generally accepted best practices for secure Web application development by verifying user data input...
    (See) Suggested Actions..."
    • Detection – HP Scrawlr - http://preview.tinyurl.com/4qkk6g ...
    • Defense – UrlScan - http://learn.iis.net/page.aspx/473/using-urlscan
    • Identifying - Source Code Analyzer for SQL Injection - http://support.microsoft.com/kb/954476
    • Additional Info...

    Microsoft SQL Injection Prevention Strategy
    - http://isc.sans.org/diary.html?storyid=4621
    Last Updated: 2008-06-24 22:17:41 UTC - "...Microsoft recommends three approaches to help mitigate SQL Injection.
    • Runtime scanning...
    • URLScan...
    • Code Scanning..."

    - http://atlas.arbor.net/briefs/index#361782669
    June 25, 2008 - "Microsoft today released security tools to help customers deal with SQL Injection Attacks. UrlScan, Microsoft Source Code Analyzer for SQL Injection and Scrawlr can be used by customers to check for SQL Injection issues in their applications.
    Analysis: The release of these tools comes in a time when SQL injection is increasingly exploited. UrlScan is used to restrict HTTP requests that IIS will process."
    * http://preview.tinyurl.com/5t2sbh
    (blogs.technet.com)

    Last edited by AplusWebMaster; 2008-06-26 at 17:40.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  8. #8
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Question MS08-037 ...ZoneAlarm users...

    FYI... updated:

    - http://isc.sans.org/diary.html?storyid=4684
    Last Updated: 2008-07-09 08:21:40 UTC ...(Version: 3)
    "...MS08-037 - Windows DNS ...ZoneAlarm users report* trouble with their firewall set to "high" for the Internet zone..."

    Update - Important! - see: http://forums.spybot.info/showpost.p...8&postcount=78 -prior- to MS08-037 install.

    ** http://support.microsoft.com/?kbid=951748
    MS08-037 ...Windows XP... (client side)

    //
    Last edited by AplusWebMaster; 2008-07-10 at 16:59. Reason: Per current ZA information...
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  9. #9
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation XP SP3 goes "automatic"...

    FYI...

    - http://www.theinquirer.net/gb/inquir...-sp3-automatic
    9 July 2008 - "AS ANNOUNCED previously by Microsoft, automatic updates for Windows XP SP3 will be launched Wednesday, July 10 2008, starting at 10:00 am Pacific Time. For most Windows XP users who haven't already manually downloaded and applied SP3, the automatic update process should work properly. After all, Microsoft has had almost three months to test, tweak and polish it since it was first released. Microsoft's Automatic Updates process should know about and scan for configurations that are problematic, and prevent the Windows XP SP3 update installation process from proceeding if it detects a troublesome situation. However, if there's any hiccough in the automatic update process, your computer could become unusable. Therefore, certain technical advisors recommend using Microsoft's Automatic Updates facility only to provide notification that the update is available, then applying it manually. They caution that you should also take care to follow Microsoft's service pack pre-installation instructions, including:
    * Disable antivirus programs,
    * Make sure no other applications are running,
    * Have your system plugged in during the update, that is, not on battery power, and
    * Make sure that you have sufficient free space available on your system's hard disk.
    You can make certain that the Windows Automatic Update facility doesn't attempt to, er... automatically update your system by using Microsoft's Windows Service Pack Blocker Tool Kit, and that's available here: http://preview.tinyurl.com/2tadkt
    Should you find that Windows XP SP3 causes problems on your system, instructions on how to remove it are available here: http://www.iaps.com/blog/2008/07/how...ce-pack-3.html ..."

    //
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  10. #10
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation

    FYI...

    - http://blogs.technet.com/msrc/archiv...-ms08-037.aspx
    July 10, 2008 (MSRC) - "...After the release of MS08-037, we became aware of reports of ZoneAlarm customers experiencing issues after applying the security updates. We started investigating these reports as soon as we heard about them and have been working to research this issue. We’re still working on this issue but we do have some information from our investigation so far, which we’ve put into the bulletin. Specifically, we’ve identified that customers who are running either ZoneAlarm or Check Point Endpoint Security (previously named Check Point Integrity) who apply MS08-037 may lose network connectivity after applying these updates. Our investigation so far has shown that no other customers are affected by this issue. We’re still investigating this issue but we encourage customers who are using ZoneAlarm to review the appropriate ZoneAlarm Web site** and Check Point Endpoint customers to review the appropriate Check Point Web site*** for the latest guidance or software updates and factor this information into your risk assessment, testing, and deployment planning..."

    * http://www.microsoft.com/technet/sec.../MS08-037.mspx
    • V2.0 (July 10, 2008): Bulletin revised to inform users of ZoneAlarm and Check Point Endpoint Security of an Internet connectivity issue detailed in the section, Frequently Asked Questions (FAQ) Related to this Security Update. The revision did -not- change the security update files in this bulletin, but users of ZoneAlarm and Check Point Endpoint Security should read the FAQ entries for guidance.

    ** http://download.zonealarm.com/bin/fr...cessIssue.html
    Last Revised : 14 July 2008

    *** https://supportcenter.checkpoint.com...nter/index.jsp

    //
    Last edited by AplusWebMaster; 2008-07-22 at 03:28. Reason: Added date of revision update to ZA URL...
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •