Ever Wonder what Windows Security Updates are about?

Windows Updates Dialog Window from my recent update process.
Windows Updates Dialog Window from my recent update process.

Every now and then we all have to run through the system update – some of us are aware of it (those who run it themselves), and others (typically those who have their IT department do it for them) are not. Have you seen this dialog window before? Do you actually know what is happening during this process?

We thought it would be a good opportunity to go over one example step by step, to help you understand the significance of the updates. Let’s dig in!

I ran this particular update ran on May 15th on one of my computers, and saved the messages for this overview. (Note, this is only one isolated example, specific to one PC – updates vary from time to time, and from system to system). Here is more information on this specific set of updates, step by step.

1. Installing Security Update for Windows XP (KB2829361) (update 1 of 6)… done!

Resolves vulnerabilities in Windows that could allow elevation of privilege if an attacker logs on to the system and runs a specially crafted application. I am glad they took care of this one! At least, for now.

2. Installing Windows Malicious Software Removal Tool – May 2013 (KB890830) (update 2 of 6)… done!

The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious software from your computers that are running Windows 8, Windows Server 2012, Windows 7, Windows Vista, Windows Server 2003, Windows Server 2008, or Windows XP. Microsoft releases a new version of the Microsoft Malicious Software Removal Tool every month. The tool runs on update one time to check your computer for infection by specific prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps remove any infection it finds. This tool differs from an antivirus and does not replace your existing antivirus product.

3. Installing Cumulative Security Update for ActiveX Killbits for Windows XP (KB2820197) (update 3 of 6)… done!

Security issues have been identified in Active X controls that could allow an attacker to compromise a system running Microsoft Internet Explorer and gain control over it. Who wants someone else control their computer? I am sure you don’t!

4. Installing Security Update for Internet Explorer 8 for Windows XP (KB2847204) (update 4 of 6)… done!

This security update resolves one publicly disclosed vulnerability in Internet Explorer 8. The vulnerability could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The security update addresses the vulnerability by modifying the way that Internet Explorer handles objects in memory.

5. Installing Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2804577) (update 5 of 6)… done!

This security update resolves one privately reported vulnerability and one publicly disclosed vulnerability in the .NET Framework. The more severe of the vulnerabilities could allow spoofing if a .NET application receives a specially crafted XML file. An attacker who successfully exploited the vulnerabilities could modify the contents of an XML file without invalidating the file’s signature and could gain access to endpoint functions as if they were an authenticated user. The security update addresses the vulnerability by modifying how the .NET Framework validates the signatures in XML files and correcting the way it creates policy requirements for authentication.

6. Installing Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2829530) (update 6 of 6)…

This security update resolves eleven privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited the most severe of these vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Critical for Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, and Internet Explorer 10 on Windows clients and Moderate for Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, and Internet Explorer 10 on Windows servers. The security update addresses the vulnerabilities by modifying the way that Internet Explorer authorizes script access to data and handles objects in memory.

So, updates are done – now what?

It is important to remember that with technology evolving so fast, new products are offered every day. Not all of their security vulnerabilities are discovered right away – especially if you consider infinite possibilities of product combinations on individual systems – and some of vulnerabilities present themselves when interacting with multiple programs.

If you have a Managed IT Services provider such as powersolution.com on board, you are in good hands – we take care of updates and upgrades for you.

But if you still manage your own computer systems, it is vital to stay up-to-date with your updates: make sure your system checks for available updates periodically – and most important part – do not ignore request for updates! As you can see from over overview of the example above, there may be several vulnerabilities that can compromise your system, your data and, in the end, your business. Updates are designed to make your computers and computer networks safer – next time you see a notification for an update, run it!

If you are looking for a Managed IT Services, give us a call at (201) 4931414 – your computer network will thank you!

 

How is your state of IT? Call Us: (855) 551-7760 with any questions.