FYI for Windows users.

[theweaselking]

Microsoft is pushing a security patch marked "Critical" for all useful Windows versions, tonight. No details beyond that. The patch will require a reboot.

Comments

[athelind.livejournal.com]

The last Windows computer in the house died a week and a half ago.

[sanityimpaired.livejournal.com]

Personally, I'd rather they not tell me what the gaping security hole is other than to state that it's not there anymore. Code Red, Sasser, and Slammer should have taught us all that patch notes about security patches are dangerous things.

[jerril]

On the other hand, if nobody knows what it was, there's no way anyone can verify that the issue was really fixed and that a new bug wasn't introduced.

Security through obscurity doesn't work well.

[theweaselking.livejournal.com]

*They* know what it is. They just don't want to make it public twelve hours before a patch., because without a patch, that's 12 hours of every computer on the internet being vulnerable to executing arbitrary code.

They gave out details on *where* the hole was about 4 hours before the patch, and in the patch itself. In about a week, they'll release example code to exploit it on unpatched systems.

[sanityimpaired.livejournal.com]

Even after the fact, there are people who have ignored all the wonderful automatic update information and are now suddenly at huge risk because the details of the vulnerability are now available. Thus my reference to the most prolific and damaging virii we've ever seen, all of which were written based on security patch notes after the patch was released.

And I forgot blaster in the list. *facepalm*

[city-of-dis.livejournal.com]

Yeah, it restarted my machine without asking me and I lost some work. Goddamn it.

[theweaselking.livejournal.com]

Set your system to download and notify but not apply, then.

And also: Save your work every time you stand up!

[city-of-dis.livejournal.com]

Oh, fuck you Preachy McPreacherkins. I know I should have done that, but sometimes a boy forgets. Or falls over from all the narcotics and can't hit "save."

[theweaselking.livejournal.com]

The first tip means that it can never happen again.

[city-of-dis.livejournal.com]

Yes, I know that, but I'm also retarded when it comes to computers, so I'll have to ask my man to do it when he returns from his trip.

[theweaselking.livejournal.com]

XP or Vista?

In XP, click Start -> Control Panel
(Or Start -> Settings -> Control Panel, if you're using the older-model start menu.)

Click Automatic Updates.

There's a radio button with four options: Automatic (recommended) is ticked.

The next option down is the one to download and notify you but not install anything without permission.

That's the one you want. Select it and click OK.

You're done.

(Vista is very similar, but I don't think it's exactly the same process)