There are top lists of everything else this time of year, so I suppose we can have a top five patches. The article in ComputrWorld gives all the details, which includes the most important fixes as judged by them, and makes a point or two about some things that really should not be mentioned at all.

Why? Because if things had been done correctly in the first place, the patch would have been applied last calendar year, and so would not make the list.

Also, the idea that a bullet had been dodged, and no other bullets were out there is an incorrect one.

Although Microsoft shipped the MS08-067 update in late October 2008, several researchers fingered it as one of 2009’s musts.

Don’t remember MS08-067? You should … it’s the patch that plugged the hole that the notorious Conficker worm later exploited. And Conficker, though it didn’t bring down the Internet last April, as some speculated, hasn’t exactly gone quietly into the night: Earlier this month, Microsoft’s Malicious Software Removal Tool (MSRT) removed Conficker from over 156,000 PCs in a one-week period.

Those 156,000 machines wouldn’t have become infected if their owners had applied the MS08-067 update.

“While companies seems to have a good handle on this vulnerability, Conficker numbers are still growing,” said Qualys’ Kandek while recommending last year’s patch for this year’s list. “Conficker scanning is one of the most prevalent types on the Internet.”

So, the Conficker worm is still out there, just waiting to get hold of one of your machines. It’s like the gift that keeps on taking, and so just because your machine did not get attacked in the first wave, in February of 2009, does not mean you have escaped unscathed forever.

Look at that 156,000 figure. It gets larger every month that the figures for the Microsoft MSRT are released. Until every instance of it is eliminated, the threat is there.

The article bears a complete read, just in case your machine escaped one of these updates. Better yet, running the Microsoft Update tool might be something you do when you get a spare few moments – that way you can be assured you get the important stuff.


alfred_e_neuman - what, me worry?

He never worries. He doesn’t use a PC, he saved up and got a mainframe!

Quote of the day:

Ninety-eight percent of the adults in this country are decent, hard-working, honest Americans. It’s the other lousy two percent that get all the publicity. But then–we elected them.

– Lily Tomlin

{and that’s the truth…}

Opera, the fastest and most secure web browser 10.5 coming, the fat lady is warming her vocal cords…