DavidOverton.com
This site is my way to share my views and general business and IT information with you about Microsoft, IT solutions for ISVs, technologists and businesses, large and small.  
David Overton's Blog » All Tags » System Update » Security (RSS)

Browse by Tags

  • How to get SBS 2008 to "fix" managing WSUS after you have manually upset it

    Today's post covers what to do when SBS says it no longer can change the WSUS settings from the console.  The exact message is "Windows Small Business Server Update Service is not running because it automatically turns off if you customize Windows Server Update Services (WSUS)". One way round this problem is to manually change all the settings in the WSUS console (from Administrator Tools, select Microsoft Windows Update Services 3.0 SP1) and change the settings as per instructions found at http://blogs.technet.com/sbs/archive/2006/07/13/441594.aspx .  I'm a sort of "quick fix" kind of guy, so the easier way is to go to the same tool, but then run the wizard.  The steps are: Start the Wizard   Click through the first two screens and set the updates to come from Microsoft Update Configure the proxy if required and press next.  Then press Start Connecting.  When done, press Next again. Select the language(s) you want to download Make sure "All Products"...

  • Why those Mac OS X vs Windows adverts are just so wrong … and so would the Linux vs Windows if they ran them

    What an amazing graphic … it talks about security issues and fixes. The nice “Apple” man seems to be hiding how many problems he has on his adverts :-) What is also interesting is how many issues are stilling being found on the various implementations of Linux. Obviously there is still more detail around this, so for the full rundown have a look at http://blogs.technet.com/security/archive/2008/01/23/download-windows-vista-one-year-vulnerability-report.aspx . ttfn David Technorati Tags: Apple , Microsoft , Redhat , Ubuntu , Security , Updates

  • Windows Small Business Server 2003 at risk from critical flaw

    Hopefully everyone has seen this, but if not: Windows Small Business Server at risk from critical flaw Microsoft initially omitted Small Business Server from its list of critically affected OSes, but is now offering patches via its automatic update services In an update to its MS08-001 security bulletin, Microsoft said that the latest release of Windows Small Business Server was also critically at risk from a bug in Windows' networking software. The flaw is also considered critical for Windows XP and Vista users. Microsoft did not say why it had initially omitted Small Business Server from its list of critically affected operating systems, but it said that the product's users were being offered patches via Microsoft's various automatic update services. "Customers with Windows Small Business Server 2003 Service Pack 2 should apply the update to remain secure," Microsoft said in its updated bulletin. The bug lies in the way Windows processes networking traffic that uses IGMP (Internet Group...

  • One-fifth of Windows apps go unpatched - down from 28% last May, but still need to be careful

    I like Secunia as an organisation. They present huge amounts of data that you can then pick into if you disagree with it. For example, ZDNet recently said that 2007 saw more serious security flaws for Apple OSX compared to Windows using the information provided by Secunia's web site. They also run a scan on people's PC to determin how good/bad they are and while things have improved - it is again too easy to be one of the people throwing things saying "I'm alright because I run Windows Update or applied Service Pack 1". One-fifth of Windows apps go unpatched Updates are available, but users haven't installed them, says Secunia December 28, 2007 (Computerworld) -- One in five applications installed on Windows PCs are missing security patches, a Copenhagen-based vulnerability tracker has reported. According to Secunia APS, more than 20% of the applications scanned by its Personal Software Inspector (PSI) utility were open to attack because available fixes for security flaws had not been...

  • Windows is now getting too difficult to hack, so the hackers sights are moving elsewhere, but that does not mean security is now easier.

    I have heard many times how Windows is the big target for virus and phishing nasty people in general, but more and more people are showing that Windows is just too hard to hack when applications and other platforms offer so much more opportunity. From the article at eBay: Phishers getting better organized, attacking Linux Dave Cullinane, eBay's chief information and security officer said that in his previous job protecting a bank from phishers "The vast majority of the threats we saw were rootkitted Linux boxes, which was rather startling. We expected Microsoft boxes. Rootkit software covers the tracks of the attackers and can be extremely difficult to detect. According to Cullinane, none of the Linux operators whose machines had been compromised were even aware they'd been infected. Although Linux has long been considered more secure than Windows, many of the programs that run on top of Linux have known security vulnerabilities, and if an attacker were to exploit an unpatched bug on a misconfigured...

  • Vlad Mazek - "What is service management" and "how to avoid being hit by a truck when it is most inconvenient"

    I love Vlad's straight talking. If you get a chance read the whole of the blog entry Vlad Mazek - Vladville Blog » Blog Archive » Windows Server 2003 SP2 EEULA & CYA because as far as I am concerned he is preaching to the converted. I will stand by my view that Service Packs are tested as much as possible, but you need to do your own validation (see Who should test software and service packs - I think vendors,customers and partners - others thi ) to ensure that your application vendor is also happy to support their products on that service pack. If you only have MS products, check the release notes AND SUPPORT.MICROSOFT.COM as both may well have important information. I've extracted part of Vlads process to avoid a bloody head - read his post for more as people like Susan Bradley wishes she had :-) However, a part of me wonders just how heavy the rock was. You know, the one that he was under since Microsoft started releasing service packs. As painful as the above is to read, and as painful as this...

(c)David Overton 2006-23