Microsoft is releasing collected security patches each month for their Windows operating systems. I’m not a fan of this approach because I would feel safer and securer if they would release patches as soon as they would be ready to be released which would secure computers and reduce the time that someone could exploit these security vulnerabilities.
Two security patches have been released this month, they are the critical Microsoft Security Bulletin MS08-001 and the important Microsoft Security Bulletin MS08-002. The critical patch fixes vulnerabilities in Windows TCP/IP that could allow remote code execution while the important patch deals with a vulnerability in LSASS that could allow local elevation of privilege.
Both patches are available through Windows Updates but also as single downloads. Several operating systems need to be patched including Windows Vista (only the critical), Windows 2000 and Windows XP. Downloads are available if you follow the links above.
Related posts:
Microsoft releases 11 security bulletinsMicrosoft Security Patches April 2008
Microsoft releases security updates for XP and Vista
Microsoft August 2008 Security Updates
Microsoft updates two critical security patches
Microsoft Patch Tuesday December 08
Microsoft Security Patches for June 2009
Microsoft Patch Tuesday November 08
Yes, and the patch that deals with Windows TCP/IP changes the half-open connections back to the default setting of 10 for XP and most likely to whatever it is by default for Vista too.
This means that all the proxy forum sites will be flooded with posts again as to why people are receiving nearly all “timeouts” when testing proxies with proxy analyzing software.
Rerun the patch available at http://www.lvllord.de/ following the install of the Windows patch.