Yes, it’s that time again. Time to update all your Windows computers, or at any rate helplessly watch as auto-update randomly siphons away your computer’s resources at the most inopportune times.
This month’s crop of updates includes a total of seven bulletins, which address vulnerabilities in Internet Explorer, Outlook, Visio, Silverlight, SharePoint, OneNote and Windows driver technologies.
This month’s bulletins:
MS13-021 – Critical : Cumulative Security Update for Internet Explorer (2809289)
MS13-022 – Critical : Vulnerability in Silverlight Could Allow Remote Code Execution (2814124)
MS13-023 – Critical : Vulnerability in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (2801261)
MS13-024 – Critical : Vulnerabilities in SharePoint Could Allow Elevation of Privilege (2780176)
MS13-025 – Important : Vulnerability in Microsoft OneNote Could Allow Information Disclosure (2816264)
MS13-026 – Important : Vulnerability in Office Outlook for Mac Could Allow Information Disclosure (2813682)
MS13-027 – Important : Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation Of Privilege (2807986)
If you can’t get enough about these patches, there’s more technical stuff over at the MSRC blog.
March 12th will see a new batch of updates for Windows, Office, Internet Explorer and other Microsoft software. This month there will be seven bulletins, four flagged as Critical.
Patches will become available at around 10am PDT on March 12. PCs configured for auto-updates will see the patches during the following day or so.
Even before Windows 8 was released, you could find third party tools for resurrecting the missing Start menu. New software from Stardock goes even further in eliminating inexplicable Windows 8 behavior.
It’s called ModernMix, and its most notable feature brings back the ability to show applications in multiple windows concurrently. Apparently much of the underlying functionality was there in Windows 8 all along, and ModernMix just makes it possible to access the hidden goodies.
I knew eventually the world would hammer the Windows 8 mess into something usable. Attaboy, Stardock. ModernMix is currently priced at $4.99.
A few days ago, I reported Microsoft’s new policy of limiting Office installs to one computer forever. Apparently Microsoft heard the angry noise coming from the Internet, since they have now relented. You’re now allowed to transfer your Office license to another PC, although only every 90 days (except, apparently, in emergencies). No word on where they pulled that 90 from, but you can guess.
On February 26, Adobe announced version 11.6.602.171 of the Flash player. As usual, Adobe says: “These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.” The technical details are available in Adobe Security Bulletin APSB13-08.
Microsoft simultaneously announced a Flash update for Internet Explorer 10 on Windows 8, which will be delivered via Windows Update.
Google will no doubt release a new version of Chrome that includes the Flash updates in the next day or so.
Anyone who uses Flash in their web browser should install the appropriate update as soon as possible. That includes anyone who uses Youtube. So basically just about everyone.
Windows 7 users with autoupdate enabled will be upgraded to IE10 in the coming weeks. Currently, the new version doesn’t appear in Windows Update, but that will also change in the near future.
IE10 is much the same as IE9, but includes Javascript performance improvements, integrated spell-checking/correcting and better adherence to web standards like CSS3.
Until Office 2013, it’s been possible to transfer the software from one computer to another, and to re-install it on an upgraded computer. Microsoft even allowed people who used Office at work to install and use it on their home computers as well. This sort of realistic flexibility made it a lot easier to justify the rather hefty price tag for Office.
Unfortunately, with Office 2012, one set of Office media will be wedded to one particular computer forever. Non-transferable; one computer only.
As Peter Bright rightly points out in the post linked above, this penalizes a particular segment of computer users: the enthusiast. This includes a lot of the people who write about software and computers, so Microsoft can expect a lot more public backlash against this decision, as well as a general increase in the move away from MS Office toward alternatives like Apache OpenOffice, LibreOffice, NeoOffice, and Google Docs. Any conceivable increase in revenue stemming from this decision will be outweighed by these losses.
It seems clear that Microsoft is hell bent on driving away enthusiast/hobbyist/power users. Windows 8 is another example of Microsoft’s hostility toward power users.
If you’re running Windows 7, and you haven’t already installed Service Pack 1, you should do so before April 9, 2013. After that date, Microsoft will no longer provide patches for Windows 7 without SP1. That includes security patches.
Microsoft will continue to supply patches for Windows 7 with SP1 until January 14, 2020.
It’s that time again: time to patch your Windows systems. This month there are twelve bulletins, addressing a total of 57 vulnerabilities in Windows, Internet Explorer and other Microsoft software.
Microsoft and Symantec, working with law enforcement authorities in the US and Spain, have disabled another botnet. The Bamital botnet first appeared in 2009, and at its height, included as many as 1.8 million computers.
User computers became infected with the Bamital malware through drive-by web-based infections (often from porn sites) and corrupted software downloads.
Infected computers were used to generate revenue for the perpetrators by generating or redirecting traffic to specific web sites.
Rants and musings on topics of interest. Sometimes about Windows, Linux, security and cool software.
boot13