Re: windows update question

From: memimi (mcallahan215@attbi.com)
Date: 02/22/03 

From: "memimi" <mcallahan215@attbi.com>
Date: Sat, 22 Feb 2003 20:32:02 GMT

"sponge" <yosponge@yahoo.com> wrote in message
news:8d76ec03.0302221202.6c4488db@posting.google.com...
> Yes, the scan is specific to your computer. Microsoft even keeps a
> record of what updates you have installed. The way it works is Windows
> Update is an ActiveX control that downloads and installs itself into
> your browser itself, effectively becoming part of it. It scans your
> system for any updates which may or may not have been applied. I do
> not know exactly what it checks to determine if an update has been
> applied, so it may or may not be accurate should certain modifications
> occur. For example, I don't know if it just checks file versions,
> dates, or actually does an integrity check of updated files.

hey sponge,
i get the impression it probably just checks file version and dates, the
scan seems very basic in that it usually completes in under 5 seconds. not
seeming very indepth, but i'm only guessing.

,<snip>

>Aside from the rantings of a deliberately misleading troll around here

good, so i'm not the only one.

> one of the best ways to beef up your security is to just use another
> browser and email client other than IE/OE. Consider this: patching all
> of IE/OE's holes has been described as like plugging the holes
> one-at-a-time in a wicker basket.

well said, and quite frankly, i'm a little tired of keeping up with all the
"fixes" and still being left with the feeling ,i'm not really doing much
good as far as securing my comp.(like i'm sticking my "finger in the dike" )

 It is, by design, extraordinarily
> insecure. Microsoft tends to implement features without giving the
> smallest thought to the security risks, like they did with ActiveX
> downloads (which is what Windows Update uses to install itself.
> Unfortunately, many spyware authors and even some worms and trojans
> also use this brilliant method). Plus, since IE/OE is by far and away
> the most popular browser and email client -- every Windows user has it
> -- virtually all the exploits written specifically target them.

so i keep being reminded ;>0

> You would be amazed at how many problems go away just by using another
> browser, like Mozilla. Keep IE around only to do Windows Updates.

i keep repeatedly hearing about this browser and intend to investigate it.
Question: are a users "oneline enjoyments" i.e, games, media, etc.,severely
limited by these more secure browsers?

>
> With IE out of the picture, you will not have very many critical
> updates to worry about. The big one with XP was Univeral Plug & Play
> (UPnP), which you hopefully already disabled (if not, see
> http://grc.com/unpnp/unpnp.htm). Microsoft apparently never fully
> addressed this, so their "critical security" patch still leaves you
> wide open.

i've never addressed this either, and will do so.

> Sponge
> Sponge's Anti-Spyware Source
> www.geocities.com/yosponge
> On Sat, 22 Feb 2003 05:17:56 GMT, "memimi" <mcallahan215@attbi.com>
> wrote:
>

thanks for link, the info, and the "enlightenment".

mike