I did the majority of the MS Windows XP updates for the month, but the following three I didn't do yet because the first didn't have any info on it, and the other two weren't listed in the "main list" you see posted around the internet for "Update Tuesday".
Microsoft Windows XP
Update for Windows XP (KB968389)
Typical download size: 798 KB , less than 1 minute
Install this update to help strengthen authentication credentials in specific scenarios. After you install this item, you may have to restart your computer.
Me: Did anybody here install this? Any reason to? When I read about it on the MS site, it sounded like it doesn't really do anything unless you go in and change some other settings in your system (and I wouldn't think most laymen like myself would mess with that, or even realize you need to do that). Or am I missing something? Or can this just be ignored?
Security Update for Windows XP (KB958470)
Download size: 1.3 MB , less than 1 minute
A security issue has been identified that could allow an unauthenticated remote attacker to compromise your system and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this update, you may have to restart your system.
Me: This has to do with Remote desktop client -- which I don't use and have turned off. Not sure why this came up for me (but wasn't part of the main Tuesday updates listed elsewhere). Skip this?
Security Update for Windows XP (KB960859)
Typical download size: 266 KB , less than 1 minute
A security issue has been identified that could allow an authenticated remote attacker to compromise your system and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this update, you may have to restart your system.
Me: This has something to do with Telnet -- and, again, it wasn't part of the main "Tuesday updates" list, so I'm not sure why it suddenly came up for me. The link here: http://support.microsoft.com/kb/960859 ...says:
This security update addresses reflection protection in the Telnet protocol.
This security update contains a defense in-depth fix to allow for the Telnet client and server to opt in to extended protection. By default, this functionality is disabled. Please review this security update and the following security advisory closely which describe Extended Protection in more detail to make sure that you know the affect of these changes:
973811 (http://support.microsoft.com/kb/973811/ ) Microsoft Security Advisory: Extended protection for authentication
...then goes on to some complex thing about enabling the extended protection, that I can't imagine the laymen would do or even know to look up. I'm guessing/hoping this isn't something I need to mess with and I can just ignore the update. Thoughts?
Thanks for the help!
(Moderator edit: thread moved to more appropriate forum. jgw)
Edited by jgweed, 21 August 2009 - 08:44 AM.