Microsoft Security Advisory (2718704)

Discussion in 'other security issues & news' started by ronjor, Jun 3, 2012.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,794
    Location:
    Texas
    https://technet.microsoft.com/en-us/security/advisory/2718704
     
  2. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,855
    Got the update on Windows 8 too, thanks for the notification. :)
     
  3. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,794
    Location:
    Texas
    Small and painless update. :)
     
  4. guest

    guest Guest

    Microsoft certification authority signing certs added to the Untrusted Cert Store

    *

    Source.

     
    Last edited by a moderator: Jun 4, 2012
  5. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Re: Microsoft certification authority signing certs added to the Untrusted Cert Store

    Nope, someone beat you to it in another topic (can't find a link atm) :( and I've already even blogged about it.
     
  6. guest

    guest Guest

    Re: Microsoft certification authority signing certs added to the Untrusted Cert Store

    Taken from: http://blogs.technet.com/b/srd/arch...added-to-the-untrusted-certificate-store.aspx
     
  7. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Re: Microsoft certification authority signing certs added to the Untrusted Cert Store

    Much better.
     
  8. guest

    guest Guest

    Truly critical update.

    Got it too, thanks.

    ronjor, please, merge my other thread with this one. You posted about it first and I didn't see.
     
  9. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
  10. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
  11. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,731
    Location:
    localhost
    Strange, the advisory clearly points to windows update as a mean to patch. Or I misunderstood your post?

    http://technet.microsoft.com/en-us/security/advisory/2718704

    And this is from a WIN7 system:
    Capture.JPG
     
    Last edited: Jun 4, 2012
  12. SoCalReviews

    SoCalReviews Registered Member

    Joined:
    Apr 14, 2006
    Posts:
    282
    Location:
    Los Angeles, CA
    I am guessing that this Windows update is why my XP machine rebooted itself at 3 am this morning.
     
  13. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,794
    Location:
    Texas
    Win XP requires a reboot with this update. Vista/Seven do not.
     
  14. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
  15. SoCalReviews

    SoCalReviews Registered Member

    Joined:
    Apr 14, 2006
    Posts:
    282
    Location:
    Los Angeles, CA
    I'm good with the XP update and required reboot. For some reason I had my speaker volume turned way up. I am not so good with the XP system shut down and start up sounds jolting me out of my sleep at 3 am. :thumbd:

    This reason alone would justify an upgrade to Windows 7.
     
  16. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    You may fetch the patch via Windows Update (recommended) - or via the KB article here: http://support.microsoft.com/kb/2718704

    When Microsoft offers an update via Windows Update, this would be the preferred method. For IT Pro's, etc - use your discretion in deploying these to your clients, workstations and so on.

    Flame speading from PC to PC via hijacked Windows Update puts more emphasis on keeping your PC patched and current, more than ever.
     
    Last edited: Jun 4, 2012
  17. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,794
    Location:
    Texas
    https://blogs.technet.com/b/msrc/ar...ased-mitigation-strategy.aspx?Redirected=true
     
  18. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,855
    Awesome, I guess the Windows Update hardening is to prevent the Flame malware spoofing updates.
     
  19. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,794
    Location:
    Texas
    https://blogs.msdn.com/b/rds/archiv...-remote-desktop-services.aspx?Redirected=true
     
  20. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,051
    Location:
    USA
    Also Server 2003/R2 requires a reboot. Server 2008/R2 do not.
     
  21. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,794
    Location:
    Texas
    https://blogs.technet.com/b/srd/arc...o-sign-the-flame-malware.aspx?Redirected=true

     
  22. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Microsoft Hardens Windows Update

    http://www.darkreading.com/advanced...rdens-windows-update-after-flame-attacks.html

     
  23. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Re: Microsoft Hardens Windows Update

    Good deal, though I'm sure the ladies and gents behind these weapons will work their way around it or find some other way to plow through it.
     
  24. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,855
    Re: Microsoft Hardens Windows Update

    It appears to claim it will happen during next weeks Windows Update, surprising fast for Microsoft.
     
  25. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Re: Microsoft Hardens Windows Update

    I think MS has learned its lesson from so many years of piddling around. Plus, using Windows Update for malware is just one PR calamity they really don't want to have to deal with. It's one thing for some little bug buried deep in code to help out in an attack, it's quite another for the very system that patches and tries to keep umpteen millions of users safe to be used as a weapon.
     
Loading...
Thread Status:
Not open for further replies.