Critical Windows security patch

April 3rd, 2007 - 23:23 | 3 comments

Anybody with Windows Automatic Updates enabled should get a nagging message in the next 24hrs. It’s worth installing the new security patch asap, as the problem with animated cursors, of all things, is actively being exploited. It’s highly unlikely you’ll come across an infected website, but it can’t hurt to be safe. If you don’t have WAU enabled (and if not, why not?) you should head over to Windows Update and pick up the patch. Don’t be tempted by the ‘Microsoft Update’ option, though - it’s still evil.

-----

3 Responses to “Critical Windows security patch”

1 Skuds Apr 4th, 2007 at 12:03 am

Interesting… you can’t use that link in Firefox!
2 Ed Apr 5th, 2007 at 12:03 pm

I have the svchost problem which even with the patch hasn’t actually fixed the problem. Now, I’m getting problems installing these two updates. It installs them every time I reboot. Reminds me how crap Microsoft Windows XP is.

MSXML 4.0 SP2 Security Update (KB927978)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A vulnerability exists in the XMLHTTP ActiveX control within Microsoft XML Core Services that could allow for remote code execution

MSXML 4.0 SP2 Security Update (925672)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A vulnerability exists in Microsoft XML Core Services that could allow for information disclosure because the XMLHTTP ActiveX control incorrectly interprets an HTTP server-side redirect.
3 Andrew Apr 5th, 2007 at 1:44 pm

You have the svchost problem even with Microsoft Update disabled?

These sites might help with the repeated install problem.

-----

Commenting Policy: Thoughts, observations, argument, debate and all other conversational wonderments are encouraged, but personal attacks or general trolling will result in your comment being deleted and your account/IP banned. If you're nice, however, you get strawberries.