Re: ?Expired Security Certif for MS Update
- From: "Steven L Umbach" <n9rou@xxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 14 Mar 2006 20:34:29 -0600
I can see why you are frustrated and it is very hard for me to determine
what is going on based on your description of events without being there.
MBSA should run fine on a new install. I can only suggest [if you are not
doing such] to make sure that you are doing a pristine install of the
operating system from an original authentic Microsoft installation disk with
the holograms on the disk that came with Certificate of Authenticity which
would mean that the system drive would need to be formatted and not fast
formatted. If problems still persist I would suggest that you consider
buying a new computer that comes with the operating system installed. Dell
and others are selling powerful computers very cheap for like $399 and if
you want to have any hardware from your existing computer installed into a
new computer that should not be too difficult to do. --- Steve
"SueInCincy" <SueInCincy@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:E9D625D4-761E-4710-B8EC-B8B7D871AE3A@xxxxxxxxxxxxxxxx
Steven and Wesley,
Thank you both for your courteous and helpful replies. Unfortunately,
Steven, I couldn't get the MBSA to run -- it seemed to download okay, but
it
just stalls out. And, for that matter, the link you provided went to an
error page that said, "this page is temporarily unavailable." (I found
the
download elsewhere by searching the site, so you definitely got me pointed
in
the right direction.) Both these behaviors -- the error page maneuver, and
the stalling out when an app like this runs -- are typicial of this
security
issue I have experienced.
All of which makes me very, very uncomfortable with the idea of having any
faith in the downloads I have, that used the expired certificate to get
the
gateway ActiveX.
Another thing that makes me uneasy is that even after I removed the
downloaded ActiveX in question, and uninstalled a few critical updates, I
was
not prompted to download the ActiveX again.
At the risk of sounding like an alien abductee, this security invasion
system is so subtle -- and so sophisticated -- that it must be running on
a
lot more machines than just mine.
As always, I appreciate your courteous and thoughtful replies.
Sue
"Steven L Umbach" wrote:
Certificates/PKI is a somewhat complex topic. If the certificate is from
Microsoft and signed by a CA that your computer trusts I would not worry
about it as long as it has not been revoked. You can view the certificate
certification path to see if it was issued to Microsoft or not and by
what
CA. You can go to Internet Explorer/tools/internet options/content -
certificates to view the Trusted Root CAs.
Offhand I don't recall every seeing that message myself on a new install
that has SP2 installed also but I use authentic full retail version of XP
Pro. If you are concerned about your security updates not being installed
you can use Microsoft Baseline Security Analyzer to see if it shows your
computer is current with critical security updates or not. You can find
it
for free at the link below. Belarc Advisor is also a free program that
will
display updates installed on your computer and let you know if they are
installed correctly if you look under installed hotfixes. --- Steve
http://www.microsoft.com/technet/security/tools/mbsahome.mspx --- MBSA
http://www.belarc.com/free_download.html --- Belarc Advisor.
"SueInCincy" <SueInCincy@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:0FB0E019-9224-4ECE-8986-6FD2F7C5AADD@xxxxxxxxxxxxxxxx
Maybe I don't understand security certificates. In this particular
case,
it's the security certificate for the "front door" of Microsoft's
update
system. I have had several senior-level Microsoft Research Techs say I
should not be encountering this kind of expired certificate -- yet now,
when
they have not been able to stop that from happening, they say go ahead
and
use the expired certificate.
What I know from previous experience is that if I do so, it opens the
door
to all kinds of new security problems. What I see in log files, for
example,
strongly suggests that the updates are not really being installed --
that
bogus ones are being retrieved.
What is especially troubling about this is that the last Microsoft tech
I
spoke with promised to send a written clarification of why I should use
an
expired security certif, within 15 minutes, and here it is four days
later
and it hasn't arrived. I don't think anyone at Microsoft is willing to
put
that in writing.
Hmmm....
"Steven L Umbach" wrote:
I would not worry about an expired certificate. If the certificate was
from
an untrusted Certificate Authority or revoked then you certainly
should
not
proceed. It is not uncommon to come across expired certificates. A
certificate that has expired still works in that it in this case it
verifies
that the file is from a trusted publisher. --- Steve
"SueInCincy" <SueInCincy@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:B55A21C9-7112-40E0-AD6E-3922E26A9A1B@xxxxxxxxxxxxxxxx
I have had a profound security problem, and I get conflicting
information
from Microsoft technicians. Two of them, 2nd level Research
department,
say I
should not download an ActiveX control that has an expired security
certificate. Today's tech insists there's nothing wrong with doing
that.
Here is what has happened to me repeatedly, on at least four
different
machines:
With a freshly reformatted hard drive, and the protection of a
router
firewall and Service Pack 2, I go straight to the Microsoft Update
site.
The
first thing that happens is a warning for the ActiveX control
required
to
get
updates, and the security certificate has an expiry date
(consistently)
of
October 15, 2005. When I have, in the past, downloaded the thing,
it
popped
up on the Anti-Spyware Beta as unrecognized by Microsoft.
What appears to happen, if you look at the install logs for critical
updates, is that many of them appear to be being retrieved from the
pagefile.sys location. There are lots of other troublesome lines of
code
in
those logs, although I don't pretend to be a developer -- or even
knowledgeable about the mysteries of Microsoft.
Today's Microsoft technician--he the one who insisted we use the
ActiveX
control with the expired security certificate-- said, when
confronted
with
these troubling lines of code, "These are not for you or I to know,"
as
if
that somehow clears up the issue.
All I know is that if I "just use the machine," I get all kinds of
security
problems, including, eventually, a QuickBooks program that will not
work
because of a "virus." That, despite clean scans from the fully
updated
Norton
(or Kaspersky or McAfee, it doesn't matter) I have on the machine,
and
clean
online scans from the vendors.
I have looked at other machines log files that have these updates
installed
legitimately, and they all show the update files being retrieved
from a
temp
file or even a web address -- never a pagefile.sys.
I appreciate all the folks that answer these posts, even the ones
who
aren't
always terribly courteous. I especially appreciate the courteous
ones.
Best regards, S
.
- References:
- Re: ?Expired Security Certif for MS Update
- From: Steven L Umbach
- Re: ?Expired Security Certif for MS Update
- From: SueInCincy
- Re: ?Expired Security Certif for MS Update
- From: Steven L Umbach
- Re: ?Expired Security Certif for MS Update
- From: SueInCincy
- Re: ?Expired Security Certif for MS Update
- Prev by Date: Re: automated installation of WinXP and software
- Next by Date: Re: Group Policy on Windows XP
- Previous by thread: Re: ?Expired Security Certif for MS Update
- Next by thread: Re: Desktop
- Index(es):
Relevant Pages
|
|
