1
   

Update IE on Wednesday - Critical

 
 
dlowan
 
  1  
Reply Tue 11 Jan, 2005 08:55 pm
Monger wrote:
cjhsa wrote:
So, what do I do then?


IMHO, install SP2.

(Based on personal experience, I see no reason not to.)


Look - I am a happy and proud computer doofus - I installed SP2 without incident, and have had no problems with it at all.

If I have found no troubles, I would be surprised if you need to fear it!
0 Replies
 
Monger
 
  1  
Reply Tue 11 Jan, 2005 08:56 pm
If one of the updates you installed was KB890175 (there's a link on the windows update site to show your installation history), then yes.

(As Craven said, however, SP2 fixes a bunch of things that are as important.)
0 Replies
 
cjhsa
 
  1  
Reply Tue 11 Jan, 2005 08:56 pm
There have been plenty of problems with SP2, believe me. Also, since it is so huge, I'd rather do it from a CD/DVD than try to download it, even over DSL. And I don't have one.
0 Replies
 
cjhsa
 
  1  
Reply Tue 11 Jan, 2005 08:58 pm
Yes, I got that one. Thanks.
0 Replies
 
dlowan
 
  1  
Reply Tue 11 Jan, 2005 09:00 pm
Interesting - mine downloaded itself on dial up over several days.

I just kind of watched and wondered. I have automatic updates on - so I wasn't sure I knew what it was.

I wonder why it is fine on one computer, even with a doofus in charge, and not on others.....weird things, computers...
0 Replies
 
Monger
 
  1  
Reply Tue 11 Jan, 2005 09:01 pm
cjhsa wrote:
There have been plenty of problems with SP2, believe me.

What you do is your choice of course, but the same thing is said about every service pack. E.g. XP's service pack 1 had more reported problems...but VERY few people would recommend against installing that now, though that wasn't the case right after it was released.
0 Replies
 
Don77
 
  1  
Reply Tue 11 Jan, 2005 09:04 pm
You can order the CD free from MicroSoft

See Here

For the record, I just downloaded the patch for ME, took all of about 3 minutes maybe less, Certainly a lot easier than spending hours cleaning crap of your system Very Happy
0 Replies
 
cjhsa
 
  1  
Reply Tue 11 Jan, 2005 09:06 pm
That's funny, now the tray updater icon says I need some GDI detection tool, but nothing about SP2. The updater site says the "automatic" install of SP2 failed.

Weird.
0 Replies
 
Don77
 
  1  
Reply Tue 11 Jan, 2005 09:06 pm
BTW Thanks for the tip off Craven
0 Replies
 
Seed
 
  1  
Reply Tue 11 Jan, 2005 09:24 pm
ok so the windows up date told me to install SP1 when i went back through to check it again it said there were no available updates... so no SP2... is that a bad thing? how do i check to see if i have already downloaded it?
0 Replies
 
Craven de Kere
 
  1  
Reply Tue 11 Jan, 2005 09:29 pm
dlowan wrote:
Any news on what it DOES?


This exploit uses a maliciously configured help file to traverse zones and can then execute arbitrary code in the local zone.

Because it can execute code there is nothing this exploit can't do.

I have, in testing this exploit, erased files from the test computer at whim, and this exploit can be used to do anything that can be done from command line.

If you don't understand it here is the simple version:

If you visit a website that contains certain malicious code, it can do what it wants to your computer unless you patch it.

------------

The windows patch for this update downloads and installs in mere minutes, and doesn't need a post-patch reboot.

So upgrade people, there's no excuse. When the script kiddies figure out how to use this there is great potential for havok (the first people to use it will be people trying to get spyware onto your computer).
0 Replies
 
Seed
 
  1  
Reply Tue 11 Jan, 2005 09:30 pm
ah well i found the way my computer properities... it says service pack 2
0 Replies
 
husker
 
  1  
Reply Tue 11 Jan, 2005 10:31 pm
ok - SP2 is complete now it wants to know about virus protection and firewall - said not to both

virus - already using Norton
firewall - one on router and mcafee on desktop

you thing I should only run:
1. current settings
2. all Microsoft
3. blended
4. differntt?

thanks


so far cannot see any problems - need to keep testing programs
0 Replies
 
Craven de Kere
 
  1  
Reply Tue 11 Jan, 2005 10:42 pm
sp2 does not offer virus protection, it is asking about it so that it can help alert you when your AV software is not running.

In any case none of those questions pertain to the exploit this thread is about, so please ask them in a new thread.
0 Replies
 
cjhsa
 
  1  
Reply Wed 12 Jan, 2005 12:32 am
Years ago a coworker discovered an IBM MVS 370 JCL "ieb" command that essentially alllowed one to issue TSO commands as if you were sitting at the console of the mainframe. I believe it was called batch TSO, and it gave you full control. While the system admins were upset about him finding and exploiting it (harmlessly), it was really their fault for knowing about it and choosing to ignore it and hope no one ever found out about it.
0 Replies
 
dlowan
 
  1  
Reply Wed 12 Jan, 2005 01:25 am
So - now that I have installed the patch - can I return to my normal (medium) internet settings?
0 Replies
 
squinney
 
  1  
Reply Wed 12 Jan, 2005 05:53 am
Interesting. I have SP2 and am set for automatic updates. This function has been working for several months now. But this time, until I went to the download link in this thread, I wasn't notified that I had new updates to install and this patch, as well as 2 others were not automatically installed as they should have been.

All patched up now. Thanks for the heads up.
0 Replies
 
dlowan
 
  1  
Reply Wed 12 Jan, 2005 05:56 am
I find that automatic updates tends to lag a bit - usually by a few days.
0 Replies
 
Phoenix32890
 
  1  
Reply Wed 12 Jan, 2005 05:58 am
Soon as I booted up, I got the notification of the patch to download it. Mission accomplished. Craven-Thanks for the "heads up". If I did not realize how important it was, I would have waited awhile (translated- read through all the A2K stuff) before I had downloaded.
0 Replies
 
Noddy24
 
  1  
Reply Wed 12 Jan, 2005 09:13 am
All secure here. Thanks, Craven.
0 Replies
 
 

Related Topics

Clone of Micosoft Office - Question by Advocate
Do You Turn Off Your Computer at Night? - Discussion by Phoenix32890
The "Death" of the Computer Mouse - Discussion by Phoenix32890
Windows 10... - Discussion by Region Philbis
Surface Pro 3: What do you think? - Question by neologist
Windows 8 tips thread - Discussion by Wilso
GOOGLE CHROME - Question by Setanta
.Net and Firefox... - Discussion by gungasnake
Hacking a computer and remote access - Discussion by trying2learn
 
Copyright © 2021 MadLab, LLC :: Terms of Service :: Privacy Policy :: Page generated in 0.03 seconds on 07/29/2021 at 04:21:59