Microsoft New Windows security updates

[Steve]

New Windows security updates were issued by Microsoft yesterday which should be applied to all machines automatically using the standard 'Windows Update' service. In particular, these updated Internet Explorer which had some serious security flaws in it which have already been exploited by malicious users. There were 3 'critical' updates and 2 others.

You should double-check that your PC runs the 'Windows Update' to ensure that any security issues with Windows and Microsoft systems are fixed automatically.

In one or two cases, this automatic update may not have run or may have failed, so I will prime the usual startup update check for Faculty and Regional machines to run at some point over the next few days so that you can make sure that your updating service is working correctly and has picked up the security patches. Right-click 'My Computer' and check the status of the service in the 'Automatic Updates' tab.

It is also worth checking the updatedness of your system by visiting the Microsoft Update site linked below.
-------------------------------------------------------------------------------------------------------------------

W E B L I N K S
Microsoft April Bulletin:
http://www.microsoft.com/technet/security/bulletin/ms06-apr.mspx
Check for updates: http://update.microsoft.com

 

[Steve]

Further to this, as one patch fixes some issues it seems it also creates issues of its own...

The Security patch that you should have been installed on Windows this week introduces some changes to the behaviour of some websites which used embedded 'ActiveX' controls; whilst this isn't a security issue, it might feel like one to the user.

It is a consequence of applying the update and you may be affected by it. The whole issue relates to the resolution of a Patent legal case from 2003 when Eolas Technologies (a University of California company) sued Microsoft for the use of one of its patents and won the case.

All the details are described in the link below. Over time, it is expected that website developers will modify their sites to take account of the new behaviour included in the patched version of Internet Explorer.

Microsoft has issued a compatibility patch to delay the change for badly affected users. Installing the 'Compatibility Patch' (link below) will defer the change until June 13 2006.


W E B L I N K S
Information Week:
http://www.informationweek.com/hard...cleID=185300378&subSection=Personal+Computers

Compatibility patch: http://support.microsoft.com/default.aspx/kb/917425?

 

[Marcel]

As tempting as it is to replace those links with sneaky links to The definitive and last ever IE Patch required it would be unprofessional and very naughty of me to do so

 

[SammyC]

Heh