|
|
05-15-2019, 11:28 AM
|
#1
|
crusty old guy
Join Date: Aug 2003
Location: Snarkytown USA
Posts: 3,917
|
Important Windows updates!
A security flaw in Remote Desktop Services (RDS) is creating the potential for a "worm" exploit. The flaw is bad enough that M$ is releasing a security patch for XP and Server 2003, both of which have been out of support for years.
Computerworld article
__________________
"Don't believe everything that you read on the Internet." -- Abraham Lincoln
|
|
|
05-15-2019, 09:27 PM
|
#2
|
The Voice of Reason!
Join Date: Mar 2001
Location: Canandaigua, New york
Posts: 112,850
|
Thanks for the heads up, from an XP user!
__________________
Who does the Racing Form Detective like in this one?
|
|
|
05-19-2019, 11:15 AM
|
#3
|
crusty old guy
Join Date: Aug 2003
Location: Snarkytown USA
Posts: 3,917
|
Update
Researchers at Mcafee and Zerodium have working "wormable" exploits but have not released any details. As of yet there are no exploits in the wild. If I wasn't clear in my original post this is a Windows 7 exploit as well as one that affects XP and older Server versions. Make sure to patch.
__________________
"Don't believe everything that you read on the Internet." -- Abraham Lincoln
|
|
|
05-20-2019, 05:13 AM
|
#4
|
Registered User
Join Date: Dec 2004
Location: 45th parallel
Posts: 2,178
|
These are primarily Windows Server patches for machines with XP3 Service Pack and 64-bit machines.
Nothing at all for 32-bit machines.
The only update for a XP2 Service pack was with a 64-bit machine.
It's worth noting that XP-64 updates were available for nearly two years after MS ended support for XP-32.
The primary reason for this was because many of the XP-64 updates were compatible with Win-7.
__________________
Best Don
|
|
|
05-20-2019, 08:22 AM
|
#5
|
crusty old guy
Join Date: Aug 2003
Location: Snarkytown USA
Posts: 3,917
|
Quote:
Originally Posted by wilderness
These are primarily Windows Server patches for machines with XP3 Service Pack and 64-bit machines.
Nothing at all for 32-bit machines.
The only update for a XP2 Service pack was with a 64-bit machine.
It's worth noting that XP-64 updates were available for nearly two years after MS ended support for XP-32.
The primary reason for this was because many of the XP-64 updates were compatible with Win-7.
|
You post so much misleading information that you're dangerous. You come off as some kind of smart IT guy, but you're not. From the Computerworld article: If you’re running Windows XP or Server 2003 (more accurately, Windows XP SP3, Windows Server 2003 SP2, Windows XP Professional x64 Edition SP2, Windows XP Embedded SP3, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009 — which, yes, probably includes your aging cash register), you need to manually download and install the patch. The patch you want is called KB 4500331.
People who were concerned read the article and noted the paragraph I quoted. The number of XP64 systems is dwarfed by the number of 32-bit ones. If you're still running XP then likely you have patched it with Service Pack 3 -- and it's 32-bit! So by "nothing at all for 32-bit machines" what you really meant is nearly every XP system still in existence. And, as I also posted, the exploit also affects Win7 machines which still nearly 45%+ of the Windows market just slightly less than Win10.
Go fix your scanner.
__________________
"Don't believe everything that you read on the Internet." -- Abraham Lincoln
|
|
|
05-20-2019, 09:39 AM
|
#6
|
Registered User
Join Date: Dec 2004
Location: 45th parallel
Posts: 2,178
|
misleading . . .
All you need to do is go to the download page to conifrm what I said.
BTW, I've three machines with XP (two with SP2-32 and the other with SP2-64).
There was only one download applicable SP2-64.
__________________
Best Don
|
|
|
05-20-2019, 09:40 AM
|
#7
|
Registered User
Join Date: Dec 2004
Location: 45th parallel
Posts: 2,178
|
BTW, not many folks in this forum (besides Tom & myself) with XP's.
__________________
Best Don
|
|
|
05-20-2019, 09:46 AM
|
#8
|
crusty old guy
Join Date: Aug 2003
Location: Snarkytown USA
Posts: 3,917
|
But a lot of people have Win7 so what's your point?
__________________
"Don't believe everything that you read on the Internet." -- Abraham Lincoln
|
|
|
05-20-2019, 09:49 AM
|
#9
|
Registered User
Join Date: Dec 2004
Location: 45th parallel
Posts: 2,178
|
What's your point! (Rhetorical).
The updates were for XP.
__________________
Best Don
|
|
|
05-20-2019, 09:58 AM
|
#10
|
crusty old guy
Join Date: Aug 2003
Location: Snarkytown USA
Posts: 3,917
|
Apparently you just want to be a PITA and not read the article. In short, if you have a PC that runs any of these:
- Windows XP (including Embedded)
- Windows Server 2003, Server 2003 Datacenter Edition
- Windows 7
- Windows Server 2008, Server 2008 R2
You need to get patched now. Tell your friends.
Clear enough now?
__________________
"Don't believe everything that you read on the Internet." -- Abraham Lincoln
|
|
|
05-21-2019, 10:14 AM
|
#11
|
BetMix User
Join Date: Dec 2004
Location: Boynton Beach, FL
Posts: 1,108
|
headhawg, Thanks for the heads up. Your information helped improve my XP computer,
|
|
|
07-23-2019, 08:13 AM
|
#12
|
crusty old guy
Join Date: Aug 2003
Location: Snarkytown USA
Posts: 3,917
|
BlueKeep update
It looks like the exploit is about to become a reality as the tech docs have been posted on GitHub. If your computer is vulnerable, remember to patch -- and soon. Ars Technica
__________________
"Don't believe everything that you read on the Internet." -- Abraham Lincoln
|
|
|
07-23-2019, 10:54 AM
|
#13
|
Join Date: Mar 2001
Location: Reno, NV
Posts: 16,909
|
Quote:
Originally Posted by headhawg
It looks like the exploit is about to become a reality as the tech docs have been posted on GitHub. If your computer is vulnerable, remember to patch -- and soon. Ars Technica
|
This is still just about XP, right?
|
|
|
07-23-2019, 12:15 PM
|
#14
|
crusty old guy
Join Date: Aug 2003
Location: Snarkytown USA
Posts: 3,917
|
Not just XP, Dave. Win7 on the workstation side, and also Server 2003 and 2008. The confusion might be from post #5 which gives the link for the XP and Server 2003 patches, OSes that are not officially supported. You use the regular Windows Update process for 7 and 2008, so these will be patched during the normal monthly rollup. If for some reason people aren't, here is the direct link to the security patches -- M$ link
__________________
"Don't believe everything that you read on the Internet." -- Abraham Lincoln
Last edited by headhawg; 07-23-2019 at 12:24 PM.
Reason: added info
|
|
|
07-26-2019, 08:31 AM
|
#15
|
crusty old guy
Join Date: Aug 2003
Location: Snarkytown USA
Posts: 3,917
|
BlueKeep now for sale. ZDNet article
__________________
"Don't believe everything that you read on the Internet." -- Abraham Lincoln
|
|
|
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
|
|