Archive | August 10, 2006

But don't just take my word for it…

Microsoft Watch from Mary Jo Foley reports Patch Windows Now, Homeland Security Warns. “The Department of Homeland Security has spoken. Apply the patches in the MS06-040 security bulletin for Windows, which Microsoft released on August 8, the agency is warning users.”

Microsoft's Monthly Security Patches for August 2006

I received the “Microsoft Security Bulletin Summary for August, 2006” in my inbox this morning. You'll want to sign up on the Microsoft site if you don't get this email and have responsibility for supporting and protecting Windows machines. You can find the bulletin here.

Nearly all the 12 items were rated critical and resulted in “Remote Code Execution” – in other words, someone else taking over your machine. Every version of Windows – those still supported – Windows 2000 SP4 through Windows Server 2003 – are affected. Individual applications getting patched include all the Office products, VBA-enabled products, and nearly anything with HTML: Internet Explorer, HTML Help, Microsoft Management Console. Get patching!

MS06-040 – Vulnerability in Server Service Could Allow Remote Code Execution (921883)

MS06-041 – Vulnerability in DNS Resolution Could Allow Remote Code Execution (920683)

MS06-042 – Cumulative Security Update for Internet Explorer (918899)

MS06-043 – Vulnerability in Microsoft Windows Could Allow Remote Code Execution (920214)

MS06-044 – Vulnerability in Microsoft Management Console Could Allow Remote Code Execution (917008)

MS06-046 – Vulnerability in HTML Help Could Allow Remote Code Execution (922616)

MS06-047 – Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution (921645)

MS06-048 – Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (922968)

MS06-051 – Vulnerability in Windows Kernel Could Result in Remote Code Execution (917422)

MS06-045 – Vulnerability in Windows Explorer Could Allow Remote Code Execution (921398)

MS06-049 – Vulnerability in Windows Kernel Could Result in Elevation of Privilege (920958)

MS06-050 – Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution (920670)

We're up to 51 patches on the 32nd week of the year. It's pretty apparent that whatever Trustworthy Computing brings us, it won't be a static thing.

Converting an existing Windows install into a VM

Here is a clever solution to the problem of trying to remember all of your passwords, settings, configurations and so forth when converting your current OS into a VM: backup your old installation and restore it into a clean VM. There may be problems with drivers and such, since the VM “hardware” may not work with all the drivers you have installed, but it sure looks like it could be a timesave.

Powered by WordPress. Designed by Woo Themes

This work by Ted Roche is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 United States.