Announcement

Collapse
No announcement yet.

Windows XP upgrade wipes out security patches

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Windows XP upgrade wipes out security patches

    check http://www.pcpro.co.uk/daveharper/ph...e.php3?id=3453 for the full story !!

    I'm a serious patcher / security upgrader and now this !

    And yes ... I failed the test on the test-page he links to.

    @$#@!$@#$!@#$#%$%$!@#%^!@^%@#!
    Fear, Makes Wise Men Foolish !
    incentivize transparent paradigms

  • #2
    Why did I fail this test ? because I have SP1 installed ( BETA - I know ).So SP1 Beta wipes out security patches !!!! Arrrghh

    Solution if you have SP1 installed : go into control panel \ Add-remove programs and un-install Internet Explorer which will restore the previous version of I.E, meaning it will remove SP1.
    Then I installed the dec 13 fix just in case and now I can pass the test -> I.E wants to download a file instead of just run it !
    Last edited by Kosh Naranek; 1 February 2002, 09:03.
    Fear, Makes Wise Men Foolish !
    incentivize transparent paradigms

    Comment


    • #3
      The same happens for win2k I believe. Of course if MShaft included all the securtiy patches within the service pack it wouldn't matter.
      Chief Lemon Buyer no more Linux sucks but not as much
      Weather nut and sad git.

      My Weather Page

      Comment


      • #4
        Why is this a surprise?
        You've always had to reinstall patches and security updates when reinstalling/upgrading an OS. It resets everything to what is on the CD. Why trust an upgrade anyway?

        Comment


        • #5
          It is a surprise becuase WindowsUpdate says all patches are in place!

          Which is true, they are simply not active !!!!!!!!!!!!!!!!!!!! and that's scary.

          All I did was install I.E 6.0 SP1 onto a PC which had ALL patches/fixes prior to installing I.E 6.0 SP1.

          A check on windowsupdate, after installing SP1, didn't reveal any missing or misconfigured security patches, so I naturally assumed that everything was in place. BIG surprise when I tested I.E on the above link and found that code could be run on my system without any warning.

          So, I downloaded the dec 13 security patch which contains all security pacthes up to that date and ...... BIG surprise ! I could not install it, it kept saying ... : This requires I.E 6 to be installed .... HELLO ... I guess I.E 6 SP1 isnt't I.E 6. Arrrgh

          So the only thing I could do was to remove SP1 from I.E 6 and then install the dec 13 patch .... no problem this time.

          My concern is ... : What will happen when SP1 becomes available on WindowsUpdate .. will it also wipe out security patches as the BETA did. And if it does, how many average users will actually discover that they have wiped out all the security patches they had previously installed.
          Not that many I fear ....!
          Fear, Makes Wise Men Foolish !
          incentivize transparent paradigms

          Comment


          • #6
            It's what I would call a large oversight by Microshaft. I wonder how many network admins have got caught out by this. Of course his Billiness reckons they're going to take security more seriously.
            I hope so.
            Chief Lemon Buyer no more Linux sucks but not as much
            Weather nut and sad git.

            My Weather Page

            Comment

            Working...
            X