Slashdot Mirror

← Back to Stories (view on slashdot.org)

Homeland Security says 'Patch Windows Now'

Posted by ryuzaki0 on from the well-that's-paraphrased dept.

gregger writes "Wow, so the Department of Homeland Security is really concerned with Microsoft patches now... enough to come out and tell us to patch our machines. This warning, chronicled in eWeek, was issued less than a day after the release of 23 patches from Redmond. So, if you don't apply the patches, then what?"

9 of 381 comments (clear)

  1. Re:A plot? by Darth_Burrito · · Score: 2, Informative

    I'm a system administrator at a large university. Apparently Microsoft actually contacted a few people around the university urging them to patch up. This shocked a few people because apparently we don't normally get that kind of communication from them here. It went around our listserv yesterday. So anyways, it seems like Microsoft might think it's an unusually big deal too.

  2. Re:Otherwise the NSA won't be able to "help" you by LurkerXXX · · Score: 2, Informative

    Right. And of course you sniff all the packets that your machine sends out from your windows machine every time it gets a patch from microsoft, etc, etc, to make sure it's not 'reporting back' on your activities since you last connected to Microsoft, etc, etc?

    The opensource firewall only protects you from them initiating contact to your machine from outside. It doesn't prevent hidden reports being sent out. That takes a lot of human monitoring, and some packets, you just don't know the real content/context of (reports to MS etc).

  3. Paranoid poster doesn't search enough by technoextreme · · Score: 2, Informative
    And why isn't the government's warning message included with specific reasons and details of what the problems are and what the patch is going to do?

    Actually, they did that. You just didn't bother looking. http://www.kb.cert.org/vuls/id/650769
    http://www.us-cert.gov/cas/techalerts/TA06-220A.ht ml
    Why now?

    The cynical side of me also says that some department in the United States got hacked into. They do say that the exploits were being used but dont go futher.
    --
    Ooo man the floppy drive is broken. No wait. The computer is just upside down.
  4. Re:Since you are a system administrator... by Darth_Burrito · · Score: 3, Informative

    These ports have to do with things like name resolution, network file sharing, remote execution, and stuff. I don't really know all the details. While linux can talk samba with windows, it is more a windows to windows kind of thing. Read this for some more info. What port 445 does

    One should probably never have 139 and 445 exposed directly to the internet, one should probably only have them exposed beyond an individual workstation if that workstation is part of a realish network (eg, three pcs that never talk to each other plugged into the same linksys router wouldn't count). When in doubt, block it and see what happens.

  5. Re:Two Reactions by 'nother+poster · · Score: 2, Informative

    A long time ago (1988), in an Internet far far away (before commercialization), one of the first "computer viruses" (actually a worm) to be well known among the public was when some kid (grad student) crippled most of the UNIX boxes with a piece of broken self replicating code.

  6. Re:Two Reactions by corbettw · · Score: 3, Informative

    It seems to me that if the terorists wanted to cause chaos and confusion, they've been doing a good job.

    Except that's not what they want to do. They (and by "they" I mean Islamist terrorists) want everyone in Dar al-Harb to either become Muslim and join the Dar al-Islam, or die. Sowing confusion isn't really a part of either of those.

    --
    God invented whiskey so the Irish would not rule the world.
  7. Re:Download link for patches by Anonymous Coward · · Score: 1, Informative
    Yeah, I tried that last week. The installer wouldn't work on my PC. As much as I hate windows, at least it works.

    Bummer. For most people the Ubuntu installer works flawlessly, and they end up with a secure and functional computer. Sorry you're one of the unlucky ones. Maybe the next version to come out will work better on your computer.

    Actually, now that I think of it, a point-release of Dapper (6.06.1) came out yesterday or today, and it had a lot of installer fixes. You might consider giving that a shot. The nice thing is that since the live CD and the installer are the same CD, you can get a pretty good idea about whether or not it will install just by running the live CD.

  8. The real issue by tholomyes · · Score: 4, Informative

    This update is as important as it gets. There are vulnerabilities in every major MS program which allow remote code execution, which means that as soon as the exploit is discovered, it can take advantage of holes all over your system.

    Affected programs and services:
    - MS Server Services (TCP 139 and 445).
    - DNS servers
    - Internet Explorer
    - Outlook Express
    - Microsoft Management Console
    - HTML Help
    - Visual Basic
    - Microsoft Office
    - Windows kernel

    I'm not too surprised that they're trying to push awareness of this patch. It was the lack of patching several weeks beforehand that allowed Code Red to do as much damage as it did.

    --
    When did the future switch from being a promise to a threat? -C. Palahniuk
  9. Re:Cracking down on piracy by Anonymous Coward · · Score: 1, Informative

    Just go to http://download.microsoft.com./ Select advanced search. Choose the Security & Updates category. Sort by release date. Voila. You can now manually download all the security patches as they are released without needing to use WGA or automatic updates.