The Important Windows patches Released Today

As many of you know we talked about the Non-critical patches that Microsoft will release today.  IF you want to read those please go and check it out.   I’ll be talking about the REALLY important ones that Microsoft has kept tight until now.    These are the more important ones but I will list the ones that I previous talked about to better help people recognize the non-important ones:

[ad#ad2-right]

  • KB955839
  • KB957388
  • KB890830
  • KB905866
  • These are just the tip of the iceberg. although this list are not A lot.  I’d wanted to let people know about what people coin “Exploit Wednesday“.  I really don’t know if this is a Myth or actually does exist but I’d figure we discuss the problems associated with installing the critical updates and try to tell you which ones should be installed As soon as possible.  Though people have in the past used a Virtual Machine to see if there is any problem, that should be your first step if you don’t want to have any problems with these updates.  I don’t suggest testing it more than a couple days.  Here are some good Virtual Machine software to try out yourself:

    Here is the list of updates that are critical that Microsoft released today.   Each one of these are quite important and should be considered installed when you get a chance.

    [ad#ad2-left]Microsoft Security Bulletin MS08-073 – Critical
    Cumulative Security Update for Internet Explorer (KB958215)

    This security update resolves four privately reported vulnerabilities. The vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

    Microsoft Security Bulletin MS08-071 – Critical
    Vulnerabilities in GDI Could Allow Remote Code Execution (KB956802)

    This security update resolves two privately reported vulnerabilities in GDI. Exploitation of either of these vulnerabilities could allow remote code execution if a user opens a specially crafted WMF image file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

    [ad#ad2-right]Microsoft Security Bulletin MS08-075 – Critical
    Vulnerabilities in Windows Search Could Allow Remote Code Execution (KB959349)

    This security update resolves two privately reported vulnerabilities in Windows Search. These vulnerabilities could allow remote code execution if a user opens and saves a specially crafted saved-search file within Windows Explorer or if a user clicks a specially crafted search URL. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

    KB952069
    (not quite sure what this one is, when I go do a Google search this is what pops up. It was in German but Google translated it for me)

    In the Windows Media Runtime to the default in Windows XP SP3 contains Windows Media Player (WMP) 9 were discovered vulnerabilities that could allow an attacker to compromise your Windows-based system and gain control over it. See Security Bulletin MS08-076 ( englisch bzw. deutsch ) See Security Bulletin MS08-076 (English or German)

    These are just ones that I found and wanted to let you know, the others have been explained on the other article.  So check them all out and I suggest installing them quickly as possible.

    Rumor is that Itunes will Remove DRM!

    [ad#ad2-right]A report from last week brought to AppleInsider‘s attention by French technology site ElectronLibre asserts that it’s now “clear” Apple will spark new interest in its music store by removing DRM from tracks published by Sony, Universal and Warner on December 9th.

    [Via Apple Insider]

    Although, this is somewhat unlikely I’ve got my own theories on this.  You see If Apple did this tomorrow that would be a BIG deal, due to the fact that Microsoft will be releasing there patches on the same day.  I find it would be a momentous occasion.

    [ad#ad2-left]I can only guess why and the guess is just a guess.  If Itune’s did remove there DRM the same time as Microsoft Patch Tuesday, I’d have to guess they will co-inside because of the difficulty of using the DRM, Digital Rights Management, on other products.  For example, Windows Media Player .  If Apple decided to approach Microsoft and come up with a way to make sure all DRM is stripped this would be the ideal situation.   Although this is highly unlikely, I’d have to think Apple wouldn’t wait till tomorrow to strip the DRM.  They know Microsoft schedule.  We will have to find out in the coming days.

    Upcoming Patch Tuesday

    [ad#ad2-right]I wanted to get prepared for the updates for this Tuesday and I thought I’d go through them and list what Microsoft said about each.   These are what’s been said on Technet and I am sure there will be more.   Each one of these don’t look to serious but I will post Tuesday if there is anything I’ve missed on this post.   As you might know this is not set in stone but just the direction of Microsoft for this Months Release.

    KB955839

    Update for Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP

    Install this update to resolve an issue that is caused by revised daylight saving time laws in many countries. This update enables your computer to automatically adjust the computer clock on the correct date in 2008. After you install this item, you may have to restart your computer. This update is provided to you and licensed under the Windows Server 2008 License Terms.

    [ad#ad2-left]KB957388

    Update for Windows Server 2008 and Windows Vista

    Install this update to resolve a set of known application compatibility issues with Windows Server 2008. After you install this item, you may have to restart your computer.

    KB890830

    Windows Malicious Software Removal Tool

    Microsoft released the Microsoft Windows Malicious Software Removal Tool to help remove specific prevalent malicious software from computers that are running Windows Vista, Windows Server 2003, Windows XP, or Windows 2000. After you download the Microsoft Malicious Software Removal Tool, it runs one time to check your computer for inflection by specific prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps remove any infection it finds. Microsoft releases a new version of the tool every month.

    [ad#ad2-right]KB905866

    Update for Windows Mail Junk E-mail Filter [November 2008] (KB905866)

    Install this update for Windows Mail to revise the definition files that are used to detect e-mail messages that should be considered junk e-mail or that may contain phishing content. After you install this item, you may have to restart your computer. This update is provided to you and licensed under the Windows Vista License Terms.

    I am sure there are going to be others but right now this looks like the normal things Microsoft sends out.  I am sure they are keeping a tight lid on the really serious stuff until last second so I’ll have to report the really important stuff Tuesday.

    Microsoft issues Vista patches out of Monthly Patch Cycle!

    KB957321,KB959108,KB959130


    Microsoft issues Out of cycle patch for Vista.   These patches are as Followed:
    [ad#ad2-right-1]

    Kb957321

    An update rollup is available for the Microsoft Windows Imaging Component (WIC) in Windows Vista or in Windows Server 2008. This update rollup resolves the problems that are documented in the following articles in the Microsoft Knowledge Base:

    954708 An update to add support for the serialization of complex Extensible Metadata Platform (XMP) data types in the Windows Imaging Component

    945060 There may be inconsistencies in the Extensible Metadata Platform (XMP) and Exchangeable Image File (EXIF) values for an image file in Windows Vista and in Windows XP

    The Windows Portable Device (WPD) API collects and transfers Software Quality Metrics (SQM) data to Microsoft servers. The SQM data is collected only on an opt-in basis through the Microsoft Customer Experience Improvement Program. An update is available that disables the collection and transfer of SQL data to Microsoft servers.

    This update affects Windows Vista-based computers, Windows Vista Service Pack 1 (SP1)-based computers, and Windows Server 2008-based computers that are in the Microsoft Windows Media Player Customer Experience Improvement Program.

    On a Windows Vista-based computer or on a Windows Server 2008-based computer, you install a third-party Web browser. You set the third-party Web browser as the default Web browser. Then, you run the Connect to the Internet Wizard. However, if you select the Browse the Internet now option, Windows Internet Explorer starts instead of the third-party Web browser that you set as the default Web browser.


    [ad#ad2-right]This seems to be not so important.  All of these are not really security related but it does surprise me that Microsoft wanted to release these out of Cycle.   If your planning on using your Vista laptop during the holidays you might want to update your vista machine before you go.  I don’t think there is going to be any major issues with this but if there is, you can always remove these updates later.

    Vista has a new Vulnebility!

    According to Techworld.com,  Vista has a new Vulnerability that could let a hacker infect a Vista machine with a rootkit.  The talk from them is quite intriguing.   I will quote it to better let you know what the Vulnerability is:

    The vulnerability could allow a hacker to install a rootkit, a small piece of malicious software that is very difficult to detect and remove from a computer, Unterleitner said.

    [ad#ad2-left]Phion notified Microsoft about the problem on 22 October. Microsoft indicated to Phion that it would issue a patch with Vista’s next service pack. Microsoft released a beta version of Vista’s second service pack to testers last month. Vista’s Service Pack 2 is due for release by June 2009.
    [via Techworld.com]

    The way they could do this is through the Device IO Control which in turn could corrupt the Kernel of Windows Vista.  Now we all know that Microsoft will release a patch quicker than 6 months away.  According to this article, people are already looking for the exploit and want to know more about it.  I would be willing to bet they will have a patch out sooner than later.  Probably January or Febuary, which will be a big deal because no one will expect it.  I would also imagine hackers will start trying to figure out how they could install software as quick as possible before Microsoft pushes out the patch.   So what can you do to protect yourself, Get a firewall, a Antivirus and learn how to protect yourself to prevent yourself from getting a computer virus.