If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Rate Thread | Display Modes |
#24
|
|||
|
|||
November 2014 Windows 8.1 Update Rollup
"R. C. White" wrote:
For several years now, my WU setting hasn't changed. It is still, "Download updates but let me choose whether to install them." This has always worked very well for me. And I very seldom choose to NOT install any of them. I can't make head nor tails of the "explanation" that is always offered, anyhow. (Sounds like boilerplate that seldom says anything informative - or specific to the current update.) If I install one and it doesn't work, I can blame Microsoft; if I don't install a recommended update and my computer dies, "I've got only me to blame 'cause Mama tried", as Merle Haggard sang. To some degree the use of generic boilerplace without lots of details is necessary; the more information provided about the vulnerability the easier it is for the nasty guys to figure out how to exploit it on machines that haven't been patched...and even with the imprecise descriptions of the vulnerabilities we've often seen attacks begin very soon after the bulletins are released. If you're looking for more information about what a patch addresses, you might get a little more than what's in the SB by clicking through the CVE (Common Vulnerabilities and Exposures) link in the Microsoft Securit Bulletin, then stepping through the "references" list on the CVE page. As an example, MS14-066 (the out-of-season server patch released recently) addresses CVE-2014-6321, and its page in CVE links in turn to related pages from Microsoft, BeyondTrust.com, US-CERT.GOV, and cert.org; the CVE page header also contains a link to nist.gov. Joe |
Thread Tools | |
Display Modes | Rate This Thread |
|
|