DHS wants you patch your Windows computer

"The Department of Homeland Security (DHS) issued the rare advisory after Microsoft announced a dozen patches for vulnerablities in the Windows software. One of the flaws opens a back door to a computer without any action by the user."

--more--http://www.cio-today.com/news/U-S--Warns-of-Windows-Security-Flaw/story.xhtml?story_id=022000RAYLDU


Time switch OS's my friends. If DHS is recommending a patch, I would run, not walk, away as fast as I can. Bite the bullet and switch to Linux, it's not nearly as hard as you think.

got it.

:argh:

How easy? I was told I needed to be "very sophisticated" to be able to use Linux.

I'm using Firefox/Thunderbird now. No more IE.

The first thing I recommend for people who don't think they're technically capable of using Linux is to download and burn a copy of Knoppix onto a CD. Then reboot your computer with the new Knoppix CD in your CD drive. Within two minutes you will be running a full Linux based operating system and able to do everything you were capable of doing before, and maybe some things you never thought yourself capable of. When you want to go back to Windows just reboot your machine and eject your Knoppix CD. Nothing ever gets installed on your hard drive. It's 100% free.
http://www.knoppix.org

I figure it would be good for my repair work and handy to have in my toolkit. Knoppix would not boot from the CD and was never able to run at all, on THREE different computers - didn't like the hardware, as far as I can tell. So much for that idea. I still hang onto the CD just in case I can find a computer on which it will run, but one more failure and it's into the trash can. Your mileage may vary.



Educate Your Local Freepers!
Flaunt Your Opinions With Buttons, Stickers and Magnets from BrainButtons.com
>

I know people who run Linux and have seen them spend hours trying to deal with some problem. Fewer people can help with Linux problems which is the real issue for me.

Mind you, I'll probably be running Linux on my laptop in a couple of years - I'm just waiting for a fairly user-friendly version. (I know it's gotten a lot better in the last few years but figure it can get even better). Right now, I use it, but on a computer that's maintained by someone else - who has spent some time dealing with problems when they've occurred (and he's quite knowledgeable about Linux).

one version of Linux on another version of Linux. I know someone who spent days trying to work out one such issue with one program. That's what I need Linux for. I can't use it for things like Word Processing because I need to be compatible with people using Windows.

You complain about Microsoft's practices and lax security, but when presented with a viable alternative you whine that it's not Microsoft. You deserve what you get.

practices or lax security. And I suspect, that just as is turning out to be the case with Apple computers now that hackers are targeting them a bit more) there are security holes with Linux, too. Whether or not they're as bad remains to be seen.

I was discussing user-friendliness.

It's a free office suite that allows you to open MS Office documents and also save in that format.

Frankly, I think it is better than MS Office and there is a Windows and Mac port of the software as well.

openoffice.org

used to use it but had to switch to be compatible with Microsoft word users. (For publishing, formatting is crucial).

Thank you for the link!

:kick:

Is it makes it really easy to try out a Linux based O/S without any real cost. So yeah, give it a try. It can't hurt and you might enjoy it. Good luck!

Most preconfigured linux systems are adequate for web browsing, email, and document editing. If you have special needs like gaming, high-end DTP, high-end multimedia editing, or advanced telephony then some tweaking or additional software installation might be needed.

What's really needed for folks to make the switch en-masse is for a good number of semi-sophisticated users to switch, because the missing ingredient is end-user-level self-help. Linux has it, but not in the mass quantity that Windows does. At some point a critical mass of this level of self-help needs to form. (There's already a thriving self-help community for the more sophisticated users.)

The best people in a position to take advantage of Linux right now are people who know longtime Linux users who will help them out while invited over for a beer, and those people who have a spare system so they can experiment without the safety net of their familiar environment.

I'm not going to lie, Linux can take some getting used to and does require some reading. Fortunately the newbie-friendly distros take a lot of that pain away with package managers and the like. If Knoppix doesn't work, then Ubuntu does have a live CD version of their distro as well.

I originally switched because of the DRM issue and all of the unnecessary crap that MS likes to push with their patches (Genuine Advantage anyone?). Frankly, I won't be going back. Linux is a lot less stressful than fighting with the Windows monster everyday.

http://www.dhs.gov/dhspublic/display?content=5789

NFW will Microsoft M$06-040 security patch go on my machine.

I don't think so. :scared:

What is the scope of the vulnerability?
This is a remote code execution vulnerability. An attacker who successfully exploited this vulnerability could remotely take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

What causes the vulnerability?
An unchecked buffer in the Server service.

What is the Server service?
The Server service provides RPC support, file print support and named pipe sharing over the network. The Server service allows the sharing of your local resources (such as disks and printers) so that other users on the network can access them. It also allows named pipe communication between applications running on other computers and your computer, which is used for RPC.

What might an attacker use the vulnerability to do?
An attacker who successfully exploited this vulnerability could take complete control of the affected system.

Who could exploit the vulnerability?
Any anonymous user who could deliver a specially crafted message to the affected system could try to exploit this vulnerability.

How could an attacker exploit the vulnerability?
An attacker could try to exploit the vulnerability by creating a specially crafted message and sending the message to an affected system. The message could then cause the affected system to execute code.

What systems are primarily at risk from the vulnerability?
While all workstations and servers are at risk regarding this issue, Windows 2000 systems are primarily at risk due to the unique characteristics of the vulnerability and affected code path.

Yeah they don't say anything.
zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz

Does it install files? Which ones? Where? What about registry settings? Permissions, etc.?

All that says is, "Yes, there's a flaw, and someone might use it to hack into your system, but there's no way for you to tell if they have, so download our patch NOW!"

please then do not download the patch then.. Oh and by the way can i have your IP address? I mean really is this the plot against the world everyone is fearing or just a way to keep someones silly ass out of being compromised? It's your choice you do not have to download it. Oh and about your IP adress.....

didn't disconnect my computer last night and around 3:00am was awoken to my computer shutting down and restarting. I did a search and I think the patch was downloaded. What a way to wake up.

Never leave your computer without shutting it down and turn off the power.

Is a terist gonna jump outta my fucking monitor and toss a dirty bomb out the window???

:eyes:

uses Windows servers? Maybe they don't want their systems taken over? I don't know you tell me.

:eyes: