On GameSpot: So-called 'Halo killer' gets 23 to life
BNET Business Network:
BNET
TechRepublic
ZDNet
76 TalkBacks

By Robert Lemos
Posted on ZDNet News: Oct 15, 2003 7:28:00 PM

Microsoft released its first monthly security update on Wednesday, following a new schedule that attempts to ease the load on overburdened system administrators.

The first update consists of five vulnerabilities deemed "critical" by the software giant, the top rating that Microsoft assigns to security flaws. The ranking is used to designate security flaws that could allow online vandals to take control of a user's computer or create an Internet worm that could spread from system to system.


Get Up to Speed on...
Enterprise security
Get the latest headlines and
company-specific news in our
expanded GUTS section.
"All of the five critical (vulnerabilities) are, of course, critical, so that means they are wormable," said Jeff Jones, senior director of Microsoft's security business unit.

Three of the critical flaws affect all of the Windows operating systems currently supported by Microsoft, including various editions of Windows NT, Windows 2000, Windows XP and Windows Server 2003. Another critical flaw affects only Windows 2000, and the fifth such flaw affects Microsoft's Exchange Server 5.5 and Exchange 2000 Server products. More information on the flaws--numbered MS03-041 to MS03-047--can be found on Microsoft's security Web page.

The software giant's move to a monthly from a primarily weekly patch release schedule is a major change for system administrators bogged down by a to-do list of fixes to apply to Windows computers. Microsoft believes the new schedule will help administrators deal with the workload. The software giant's CEO, Steve Ballmer, said that the monthly schedule will help companies prepare to patch computers.

"We will now go to monthly patches--no more than monthly," he told attendees at the recent Microsoft Worldwide Partner Conference. "That predictability is something you and our customers have highlighted to us we need to do, because people are feeling like they have to drop everything and deploy every patch at all times."

Microsoft revealed several other security initiatives at the event, including a reduction in the ways that administrators get patches, better consumer education, and improving the default security of its products.

While Jones recommended that administrators examine all the advisories, he said that one flaw in the messenger service that allows Windows applications to talk to each other--not to be confused with Microsoft's instant messaging application--should be taken care of immediately.

"I would advise them (administrators) to take the mitigation step of turning off that service and, of course, apply the patch," he said.

Windows users can automatically check their systems for necessary updates using Microsoft's Windows Update. More information can be found on Microsoft's Protect Your PC page.

SponsoredWhite Papers, Webcasts, and Downloads

  • Talkback
  • Most Recent of 76 Talkback(s)
technet
you should be able to download patches individually from MS' technet site. i THINK if you go to windows update and click the more info button, it'll have a link to just download the patch.... (Read the rest)
Posted by: ryusen Posted on: 10/22/03 You are currently: a Guest | | Terms of Use
If I was a virus writer...  Jomo_z | 10/15/03
New Reality TV show?  jonnormand | 10/15/03
"Stupid" kids vs. Techies  michael-t | 10/15/03
Stupid Kids  Delaware Boy | 10/16/03
RE: New Reality TV show?  CooCooCaChoo | 10/15/03
What are you talking about?  samwise | 10/16/03
99% ??  rock06r | 10/16/03
If I was a smarter virus writer...  rock06r | 10/16/03
Message has been deleted.  jonnormand | 10/15/03
New talkback system deemed a "failure"  tic swayback | 10/15/03
if only it worked  ryusen | 10/15/03
It is ridiculous...  John Le'Brecage | 10/15/03
Who are the techies?  Ardian Daka | 10/16/03
New talkback system deemed a "failure"  Cardinal_Bill | 10/15/03
Re-reg  pschroeder@... | 10/15/03
policy  ryusen | 10/15/03
Re : policy  lmaxwell | 10/15/03
re :
New talkback system deemed a "failure"  lmaxwell | 10/15/03
not really  tic swayback | 10/16/03
i doubt it  ryusen | 10/16/03
I don't think it's too bad  Arrg | 10/16/03
agreed  Michael Kelly | 10/15/03
RE:New talkback system deemed a "failure"  loveroffunbags@... | 10/15/03
I dunno... I kinda like it  emartin_z | 10/15/03
You Are Right Re The New Format  The Real Bitch | 10/15/03
(NT) Use Opera  toomuchgreeatea@... | 10/15/03
RE: You Are Right Re The New Format  CooCooCaChoo | 10/15/03
True...  The Real Bitch | 10/16/03
RE: New talkback system deemed a "failure"  CooCooCaChoo | 10/15/03
I have no problem logging in  The Real Bitch | 10/16/03
It's not bad, but it's pretty slow  Beatrix Kiddo | 10/16/03
slow and clunky  tic swayback | 10/16/03
Im with you  Hanover Phist | 10/16/03
What else is new ?  GLMarx | 10/16/03
Well that makes sense  Len Rooney | 10/15/03
Trustworthy Patchputing  Harry Bardal | 10/15/03
OK, I admit it -- I'm jealous!  Len Rooney | 10/16/03
Trust Bundling  Harry Bardal | 10/16/03
Lucky People  michael-t | 10/15/03
Nonsense  pschroeder@... | 10/15/03
Re: Nonsense  GraysonPeddie | 10/15/03
Re: Nonsense  Iain_Peters | 10/15/03
Network admin  pschroeder@... | 10/16/03
in an ideal situation  ryusen | 10/16/03
SUS  pschroeder@... | 10/16/03
Thank you  ryusen | 10/16/03
Server for each department!  Arrg | 10/16/03
"Servers"  pschroeder@... | 10/16/03
And!  Arrg | 10/16/03
re: bandwidth  ryusen | 10/16/03
Missing the point  pschroeder@... | 10/16/03
I'll, I'll  The Real Bitch | 10/16/03
Trustworthy happy  michael-t | 10/15/03
Re: New talkback system deemed a failure  Spoon Jabber | 10/15/03
Deleted  pschroeder@... | 10/15/03
Plus  The Real Bitch | 10/15/03
(NT) Use Opera  toomuchgreeatea@... | 10/15/03
Get a real Browser ...  GLMarx | 10/16/03
but  ryusen | 10/16/03
But - Opera has the answer for you  Iain_Peters | 10/16/03
Text Zoom  pschroeder@... | 10/17/03
Re: New talkback system deemed a "failure"  Chazo | 10/15/03
"Next Message" on the righ  S.Howard-SarinZDNet Moderator | 10/15/03
For those who are still running NT Workstation  toomuchgreeatea@... | 10/15/03
Trustworthy Computing? HAHAHAHAHA!  Chad_z | 10/15/03
5 ZDNet security stories in 1 day, windows must be...  Richard Flude | 10/15/03
Me first!  Yen_z | 10/15/03
Daily...Week...2 Weeks...Month...Doesn't matter to me!  GraysonPeddie | 10/15/03
Who does this really serve?  tic swayback | 10/16/03
Re: Who does this really serve?  GraysonPeddie | 10/16/03
Who does this really serve?  Iain_Peters | 10/16/03
this is great  lmaxwell | 10/15/03
why not...  ryusen | 10/16/03
Question on downloads of patches  Iain_Peters | 10/16/03
technet  ryusen | 10/22/03
Hope this means better patch testing  doctormoriarty | 10/16/03

What do you think?

advertisement
advertisement

White Papers, Webcasts, and Downloads

SmartPlanet

  • Thought-provoking progressive ideas on diverse topics that intersect with technology, business, and life, and matter to the world at large. Visit SmartPlanet
  • More from IBM
  • Innovate your business' process model, play against the market, compete against others on our scoreboards and WIN! Try INNOV8 2.0: A BPM Simulator
  • Enabling Real-World Business Transformation through IBM Service Management Read the EMA Analyst Report
advertisement
Click Here