Microsoft Races To Fix Massive Internet Explorer Hack

[tomos]

Wondering is there any way of easily checking what updates are installed? (in Win7, they show you a nice list after updating/rebooting, but I dont know how to access that)

-tomos (May 02, 2014, 10:34 AM)

Control Panel-->System and Security then look for View Installed Updates under the Windows Update section.

-Stoic Joker (May 02, 2014, 11:12 AM)

thanks

[app103]

I don't understand why people keep calling this a Windows XP update. It's not. It uses the "Microsoft Update" automated update system to update a Microsoft product, namely IE. It's not an update to XP. It's an update to IE.

-Deozaan (May 02, 2014, 01:49 PM)

Because if it were classified as a Microsoft update for IE, as you say, covering all installations of IE 6 through 11, then those running Win98/ME/2K/pre-SP3 XP, with IE6, would also receive that update, just like XP SP3 users with IE6...and they are not. So this is an XP SP3 update.  

[Innuendo]

I don't understand why people keep calling this a Windows XP update. It's not. It uses the "Microsoft Update" automated update system to update a Microsoft product, namely IE. It's not an update to XP. It's an update to IE.

-Deozaan (May 02, 2014, 01:49 PM)

Quit clouding the issue with facts. We people of the internet do not take kindly to people who cloud. 

[TaoPhoenix]

Quit clouding the issue with facts. We people of the internet do not take kindly to people who cloud. 

-Innuendo (May 02, 2014, 09:59 PM)

Heh that's just *made* for the Simpson's Homer voice!

[crabby3]

However, KB 2964358 is rated as "important" rather than "critical," even though it would seem that the issue is more serious than "important" suggests.

-cyberdiva (May 02, 2014, 08:54 AM)

Vista is my poison and the update was listed as 'important' as well.  Though I don't recall ever seeing one labled 'critical'.  Just Important and Recommended.
Had to reset my Update History so it only goes back to December 2013 and Installed Updates doesn't list Importance so I may have had a Critical.

Moreover, this update was offered to me but not checked, which usually is a sign I shouldn't be quick to install it.

-cyberdiva (May 02, 2014, 08:54 AM)

Mine was also unchecked.

Needless to say, I haven't yet installed it.    

-cyberdiva (May 02, 2014, 08:54 AM)

Why would one chose to ignore a security update for anything installed?   

[crabby3]

Quit clouding the issue with facts. We people of the internet do not take kindly to people who cloud. 

-Innuendo (May 02, 2014, 09:59 PM)

Heh that's just *made* for the Simpson's Homer voice!

-TaoPhoenix (May 03, 2014, 08:20 AM)

[cyberdiva]

Vista is my poison and the update was listed as 'important' as well.  Though I don't recall ever seeing one labled 'critical'.  Just Important and Recommended.

-crabby3 (May 03, 2014, 08:28 AM)

However, I've found that the Microsoft report announcing this update lists it as "Critical."

Needless to say, I haven't yet installed it.    

-cyberdiva (May 02, 2014, 08:54 AM)

Why would one chose to ignore a security update for anything installed?   

-crabby3

Because a number of times in the past, I've had updates that Microsoft has listed but not checked, and most of the time, it turned out there was a problem with that update, so I was glad I hadn't installed it.

[crabby3]

@cyberdiva  This may be of interest.  http://krebsonsecuri...ash-player-zero-day/

Windows users who browse the Web with anything other than Internet Explorer will need to apply this patch twice, once with IE and again using the alternative browser (Firefox, Opera, e.g.).

Being clueless (just kiddin 40) I don't know how trustworthy this is.

[Stoic Joker]

@cyberdiva  This may be of interest.  http://krebsonsecuri...ash-player-zero-day/

Windows users who browse the Web with anything other than Internet Explorer will need to apply this patch twice, once with IE and again using the alternative browser (Firefox, Opera, e.g.).

Being clueless (just kiddin 40) I don't know how trustworthy this is.

-crabby3 (May 03, 2014, 10:20 AM)

I'd have to go with yes on that one as browser plug-in updates are a case by case per-browser thing.

[cyberdiva]

It's true that updating Flash requires applying one update for IE and a separate update for other browsers.  However, the update that I thought we were talking about was not Flash but an update for a problem that only affected Internet Explorer.  That's why many people were advising using a browser other than IE until the problem was fixed in IE.

[crabby3]

It's true that updating Flash requires applying one update for IE and a separate update for other browsers.  However, the update that I thought we were talking about was not Flash but an update for a problem that only affected Internet Explorer.  That's why many people were advising using a browser other than IE until the problem was fixed in IE.

-cyberdiva (May 03, 2014, 01:07 PM)

That's correct.  We were/are talking about the IE update.  This Flash update is just a little off topic and I wasn't/aren't quite sure how you handle any updates.