Security

Internet

See all Internet

IT

See all IT

Mobile Tech

See all Mobile Tech

Security

See all Security

Technology

See all Technology

Newsletters

See all Newsletters

Microsoft Releases Critical Fixes, Ends SP2 Block

Microsoft yesterday released its monthly security updates, which on this “Patch Tuesday” included fixes for the Windows operating system and Internet Explorer (IE), MSN Messenger, Exchange Server and Word. The company designated five of the patches as critical and three as important.

Analyst Ed Moyle of Security Curve said its vital for Microsoft users to install the patches. The five critical vulnerabilities, which affect all but IE, involve remote code execution.

Remote Control

Remote code execution means that an attacker can remotely cause the system to execute any code he or she desires over the network, such as installing backdoors or Trojans.

“By far, the worst one is MS05-019, which is a vulnerability in the TCP/IP implementation of Windows; the fact that it is remotely exploitable, compounded by the fact that it affects the majority of Microsoft products, makes this one of the most serious vulnerabilities we’ve had in the past few years,” Moyle told TechNewsWorld.

“Given the amount of systems that are vulnerable, it is probably only a matter of time before we see malware such as a worm or virus that targets this vulnerability specifically,” he said.

Microsoft also stopped the automatic block it had put in place for enterprises that did not want to install Windows XP Service Pack 2 (SP2), a move it had scheduled when it first released the security update.

Enterprises can still manually block SP2 from installing on their desktops by turning off automatic updates, but this move would also block other security updates.

Saying No to SP2

Companies might want to block SP2 because its security functions can cause compatibility issues with existing software, which is why Microsoft offered the block when it released SP2 eight months ago.

The move was designed to give IT administrators time go develop workarounds to any application issues that arise.

But according to a survey released last week by AssetMetrix, fewer than 24 percent of 251 enterprise respondents had integrated SP2 into their desktop environments.

In addition, Microsoft added the ability to receive security bulletins via RSS feed or MSN Messenger alerts.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

More by Susan B. Shor
view all
High-Risk Flaw Found in Symantec’s Software
December 22, 2005
Sony Digs Another Hole With ‘Overeager’ DRM Placement
December 7, 2005
Microsoft’s SNARF Finds Your Friends Among Tons of E-Mail
December 2, 2005
Dead Keeps Concert Sharing Alive
December 1, 2005
ICANN May Release Single-Letter Domain Names
November 29, 2005
Holographic Storage Disc Coming by End of Next Year
November 28, 2005
Web Portal Gives Patients Control of Mammogram Records
November 18, 2005
Computers Get Sober at the Holidays
November 16, 2005
Radio Makes a Comeback on Your Phone
November 15, 2005
IBM Reigns Supreme in Supercomputer Production
November 14, 2005
More in Security
browser security to secure the enterprise
Menlo Secure Cloud Browser Enables a Safer Enterprise Workspace
February 20, 2024
Noorio B310 wireless home security camera with 2K resolution: review
Noorio B310 AI-Powered Camera Spotlights Better Outdoor Security
October 13, 2023
tech innovation
The Magic Presented at HP Imagine 2023
October 9, 2023
opne source vulnerabilities
Qualys Discovers Critical Linux Flaw ‘Looney Tunables’
October 4, 2023
More Linux Malware Means More Linux Monitoring
September 15, 2023
Atlas VPN Linux Leak Exposes Users’ IP Addresses
September 7, 2023
passwordless computing
The Realities of Switching to a Passwordless Computing Future
September 5, 2023
When Betting on Linux Security, Look at the Big Picture
August 28, 2023
robocall incoming on a smartphone
Researchers Reveal Method To Stifle Malicious Robocalls
August 10, 2023
Winees L1 2K solar-powered security camera
Winees L1 2K Solar Security Camera Has Good Performance, Flawed App
July 20, 2023

Why do you typically choose to use a ride-sharing service?
- select all that apply -
Loading ... Loading ...

Technewsworld Channels

Applications

Applications

Courts, Regulators Pose Threat To Apple Services Revenue in 2024

Audio/Video

Audio/Video

OpenAI’s Sora, ElevenLabs, and the End of Video Media as We Know It

Chips

Chips

GTC 2024: The Brilliant Insanity of Nvidia’s CEO and Which AI Vendors Stood Out

Computing

Computing

Nvidia Raises Ante in AI Chip Game With New Blackwell Architecture

Cybersecurity

Cybersecurity

Ransomware Gangs Targeting Backups To Maximize Payoffs

Data Management

Data Management

The Realities of Switching to a Passwordless Computing Future

Developers

Developers

AI Will Have a Transformative Impact on Software Development in 2024

Emerging Tech

Emerging Tech

Elegoo’s Vision Is Shaping the Future of 3D Printing

Exclusives

Exclusives

More Linux Malware Means More Linux Monitoring

Gaming

Gaming

Next-Generation Wi-Fi 7 Standard Expected To Be Finalized in Early 2024

Hacking

Hacking

Report Finds White Hats on Offensive Against Black Hat Hackers

Hardware

Hardware

Qualcomm Chip Closing Performance Gap With Apple M3 in Leaked Benchmarks

Health

Health

SevaCare Blood Pressure Monitor Offers Affordable Home Health Assurance

Home Tech

Home Tech

Temu and Homary: Online Retailers That Are Generally a Good Value

How To

How To

Lunar Lobster Is Dead: How To Upgrade to Ubuntu 23.10 Mantic Minotaur

Internet of Things

Internet of Things

Paranoia in the Home: 1 in 3 Americans Worried About Their Smart Gadgets Being Hacked

IT Leadership

IT Leadership

HP Amplify Event’s Second Act Was Worth the Wait

Malware

Malware

Mobile Security Firms Fortify Defenses as App Attacks Accelerate

Mobile Apps

Mobile Apps

The DOJ’s Flabby Antitrust Lawsuit Against Apple

Operating Systems

Operating Systems

LinDoz Returns With Advanced AI To Revamp the MakuluLinux Lineup

Privacy

Privacy

Are Deepfakes Overblown?

Reviews

Reviews

The Orbi RBE973 Wi-Fi Router Really Is That Good

Science

Science

AI-Powered Software Offers Breakthrough for Treating Dyslexia

Search Tech

Search Tech

Affiliate Marketing Contributing to Substandard Search Results: Study

Servers

Servers

Disorganization, Not Cost, Fuels the IT E-Waste Crisis

Smartphones

Smartphones

Apple, Google Talks Could Bring Gemini AI to iPhone

Social Networking

Social Networking

Tech Coalition Launches Initiative To Crackdown on Nomadic Child Predators

Space

Space

Amazon’s Competitor to Musk’s Starlink Takes Critical Step Toward Deployment

Spotlight Features

Spotlight Features

Standout Tech Products of 2023

Tablets

Tablets

10 Products From CES 2024 That Set the Innovation Bar

Tech Buzz

Tech Buzz

Might Nvidia Be the First Company With an AI CEO?

Tech Law

Tech Law

Electronic Frontier Foundation Calls for FTC Action on Poisoned Set-Top Boxes

Transportation

Transportation

How AI Could Have Prevented the Key Bridge Collapse

Virtual Reality

Virtual Reality

Vision Pro Revives One-and-Done App Purchases

Wearable Tech

Wearable Tech

Apple Vision Pro Impressions: One Week Later

Women In Tech

Women In Tech

‘Women Don’t Play’ Confronts Gender Disparity in the Tech Industry

More from ECT News Network

E-Commerce Times

B2B E-Commerce: Key Reports Indicate Many Web Stores Broken
B2B E-Commerce: Key Reports Indicate Many Web Stores Broken
April 10, 2024
Beyond the Cart: UX Hits and Misses Can Make or Break a Virtual Storefront
Beyond the Cart: UX Hits and Misses Can Make or Break a Virtual Storefront
April 2, 2024
Spectrio Digital Signage Gives AI Assist to In-Store Marketing
Spectrio Digital Signage Gives AI Assist to In-Store Marketing
March 27, 2024

LinuxInsider

How To Connect via OpenVPN on Ubuntu
How To Connect via OpenVPN on Ubuntu
April 19, 2024
Best Record Yet for Open Source Use in Business Worldwide
Best Record Yet for Open Source Use in Business Worldwide
April 12, 2024
What To Do if Your Linux Server Has Been Hacked
What To Do if Your Linux Server Has Been Hacked
March 22, 2024

CRM Buyer

Bigeye’s Dependency-Driven Monitoring Boosts Reliability of CRM Data
Bigeye’s Dependency-Driven Monitoring Boosts Reliability of CRM Data
April 15, 2024
AI-Human Collaboration and the Future of Customer Service
AI-Human Collaboration and the Future of Customer Service
April 4, 2024
Salesforce Enhances Field Service
Salesforce Enhances Field Service
March 21, 2024