• On The Insider: Judge Bans Real Housewives Sex Tape
October 23, 2008 10:26 PM PDT

Time to patch Windows again, ASAP

by Michael Horowitz

If you use a Windows computer connected to a network, a newly discovered bug makes it possible for a bad guy to wreak havoc on the computer without your doing anything. The most vulnerable versions of Windows are XP, 2000 and Server 2003. Vista and Server 2008 are also vulnerable, but not as badly. Microsoft considers the bug important enough to issue the patch immediately rather than waiting for their normal once-a-month patch Tuesday.

Susan Bradley, writing for the Windows Secrets newsletter recommends immediately installing the just-issued patch. Then she offers some unusual advice, suggesting people first restart their computers "to verify that your machine is bootable." Can't hurt. Then she says to install the patch and reboot again. Her article also includes direct links to the patch for each version of Windows. If, for some reason, you can't run Windows/Microsoft Update you can manually download the patch and install it.

A standard of Defensive Computing is that the less software installed and running the better. This particular bug is with a part of Windows known as the Server service. If you are not sharing files and/or printers on a local area network, then you don't need to have the server service running, bug or no bug.

Making a Windows service not run all the time is called disabling and/or stopping. Stopping refers to the instance of the service currently running. Disabling means preventing it from ever starting again. Microsoft describes how to both stop and disable the Server service in Security Bulletin MS08-067. They also suggest doing the same to the Computer Browser service.

Anyone not sharing files and/or printers on a network should also turn off File and Printer Sharing for Microsoft Networks (the Windows XP name) on all network definitions. For example, on a laptop with both wired Ethernet networking and wireless Wi-Fi networking, File and Printer Sharing should be turned off in both network definitions.

If the Server and Computer Browser services are disabled, then some people might consider the last point (and the next) overkill. I think they are a good idea because it means two mistakes would have to be made to enable file and printer sharing as opposed to only one mistake.

Build a better fence around your Windows computer.

For still more safety, look into how your firewall is configured to ensure that it does not allow incoming traffic on TCP port 139 or 445. Again, this is for someone not sharing files and printers. Firewall configuration varies widely, but if you are using the Windows firewall in XP, the exception for this is called "File and Printer sharing."

Firewalls are the first line of defense against this type of problem. With that in mind, you may want to review the series of postings I did recently on adding a second router to a LAN to provide additional firewall protection to your most important computers. See A second router protects adults from kids.

See a summary of all my Defensive Computing postings.

Michael Horowitz is an independent computer consultant and the author of several classes on Defensive Computing. He is a member of the CNET Blog Network, and is not an employee of CNET. Disclosure.
Topics:

Windows,

Firewall,

FYI

Tags:

patch,

Microsoft,

Windows

Share:
Digg
Del.icio.us
Reddit
Recent posts from Defensive Computing
Fixing bugs in the Flash Player yet again
Getting more battery power for your computer
Get an MSI Wind Netbook for only $349
Not interested in a Netbook computer? Consider the Honda Fit
Beware emails linking to blogspot.com
When Word documents break
More about printer ink rip-offs
Some computers are too important to be networked
Related
Add a Comment (Log in or register) Showing 1 of 2 pages (55 Comments)
by Dalmatian28 October 24, 2008 12:47 AM PDT
The title of this article is nothing more but a "cheep shot"! With millions of people around the world looking to make money "easy way"...it is almost guaranteed that sooner or later they will find week spots in the OS. That would also happen to any other operating system that is widely used as Windows. The number of hackers attacking windows is probable in millions. Number willing to attack Mac OS or Linux....you can count on the fingers of your hand!
Reply to this comment
by pjhenry1216 October 24, 2008 7:19 AM PDT
I don't think he's taking a "cheep" (sic) shot at all. He's telling you how to make your Windows computer much safer. He didn't mention at all how Windows vulnerabilities are found more often (which is most likely due to the fact that its the most popular platform). He's just giving a way to make it more secure.
by FrankFella October 24, 2008 8:45 AM PDT
All I know is that we don't get security updates every other week for my mainframes (which has been around longer and in greater use than Windows). Seems like its a never ending job to plug the security holes in my WIndows machines and servers. There is much more valuable and confidential information stored on mainframe servers for large companies world wide than Windows/Unix servers.
by Dalkorian October 24, 2008 9:09 AM PDT
This "numbers game" argument has been debunked time and time again, yet winblows fanbois always claim there is truth to it. Linux has had some viruses in it's past and is running on many servers across the globe. Mac OS 9 had quite a few viruses (despite it's miniscule market share), yet there isn't a single one for OSX to date (won't say it's impossible, but it hasn't happened yet - notice it's market share is much greater than OS 9's was).

I know winblows fanbois hate FACTS, but it is what it is. Winblows is violated so often because it's so easy.
by Seaspray0 October 24, 2008 10:08 AM PDT
@ Dalkorian. yes it has already happened on osx. As for "so easy", the results of the last "pawn to own" competition held, the computer running windows vista did not get hacked while the ones running linux and osx did. Things have changed. You need to keep up with the news.
by jeitzen October 24, 2008 10:10 AM PDT
Dalkorian sounds like an apple fanboi.
by mhinnewyork October 24, 2008 10:48 AM PDT
Speaking as a former programmer, I take it for granted that all software has bugs and always will. It's just not fair or realistic to criticize any software for being buggy.

A fair criticism however involves design decisions. That OS X wasn't raked over the coals for releasing the current version of the OS with the firewall disabled amazes me. That was an inexcusable design decision.

As for mainframes, I spent a few years applying patches to mainframe software. It's buggy too.
Michael Horowitz
by smarter_than_u October 24, 2008 11:11 AM PDT
@Seaspray0 - perhaps you should check your facts before spouting off. In the 2008 pwn to own contest, the Macbook Air was the first to fall and then on day 2 the Vista box was compromised. "So at the end of the last day of the contest, only the Sony VAIO laptop running Ubuntu was left standing." From http://dvlabs.tippingpoint.com/blog/2008/03/28/pwn-to-own-final-day-and-wrap-up

So as you can see it was the Linux box that was left standing not Vista. Please keep up with the news.
by gggg sssss October 24, 2008 6:02 PM PDT
FrankFella - but you didnt have you mainframe connected to the internet either.
by FutureGuy October 25, 2008 11:27 AM PDT
@Dalkorian, you might have selective memory disorder. The last time they put Mac and Windows in a room, Mac got hacked in 30 seconds, it too 3 more days to break Windows.
by MrKleinpaste October 27, 2008 7:28 AM PDT
@FutureGuy - Wow. Talk about selective memory. The event you are referring to was the Pwn2Own competition. Which was euphamistically referred to as HackAMac, since the most sought after prize was the MacBook Air. The "Hack" on day 2 that won the prize was a web hack that still required action by the user by visiting a specific website with the winner's exploit. All the "Mac Hacks" to date require an administrative account to install it. The Vista box was hacked on day two as well and all the articles conveniently forget to mention the time it took. What's interesting is the likelihood that this security flaw existed during the Pwn 2 Own competition.

What happened to the Mac was nothing like what's being reported here. The giant gaping hole being reported here, requires NO USER INTERACTION AT ALL. That means you don't need to visit any website, you don't need to acknowledge any "warning" alerts. The UAC doesn't ever protect you. You simply just get the sad realization that Windows is no better now than it was 3 years ago while j03 hacker pwns your PeeCee for recruitment into his zombie army. Welcome to windows.
by Ilgaz October 24, 2008 1:14 AM PDT
The issue is, always... People are afraid of running windows update or microsoft update since they were greeted with Windows Genunine Advantage notification which is claimed to be impossible to remove.
Once people are afraid of updating their OS, security nightmare begins. As Apple user I keep warning Apple to TEST their updates since same fashion (although not serious as win) begun. Apple's issue is way more simpler, some updates have broken professional software. Not a paranoia induced one like MS one.
Reply to this comment
by Armennin February 25, 2009 10:59 AM PST
@Seaspray0 - perhaps you should check your facts before spouting off. In the 2008 pwn to own contest, the Macbook Air was the first to fall and then on day 2 the Vista box was compromised. "So at the end of the last day of the contest, only the Sony VAIO laptop running Ubuntu was left standing." From http://dvlabs.tippingpoint.com/blog/2008/03/28/pwn-to-own-final-day-and-wrap-up

So as you can see it was the Linux box that was left standing not Vista. Please keep up with the news.
<a href="http://www.roomreview.net/play-poker/"><strong>play poker</strong></a>
by solitare_pax October 24, 2008 2:40 AM PDT
How is this news? Windows is always issuing updates - So is Apple. Its like going to get your car fixed, except you're having the mechanic come by and say "The brakes don't work - my bad." and getting them fixed for free.

Unfortunately, unless it is money or t-shirts, people don't understand what free is.
Reply to this comment
by Thompa October 24, 2008 4:01 AM PDT
... and in the meantime the mechanic has been happy in the knowledge that I have been driving a car without brakes....?
by pjhenry1216 October 24, 2008 7:20 AM PDT
The article isn't about the update. Its the other 80% of the article that tells you how to make your computer more secure.
by MrKleinpaste October 27, 2008 7:32 AM PDT
It's news because this patch was so important Microsoft issued it out of cycle. They didn't wait until "Patch Tuesday" to release it. Just because the exact details of the attack vector haven't been "published", doesn't mean the black hat community don't know about it. So it's a race to the finish line.
by Armennin February 25, 2009 11:01 AM PST
@Dalkorian, you might have selective memory disorder. The last time they put Mac and Windows in a room, Mac got hacked in 30 seconds, it too 3 more days to break Windows.
[URL="http://www.roomreview.net/play-poker/"]play poker[/URL]
by marcwickens October 24, 2008 4:32 AM PDT
Surley most home firewalls block the ports required by default (TCP ports 139 and 445). I don't see what the big deal is. This article does seem a bit anti-Microsoft. Will there be headlines like "Time to patch Safari again?" or "Time to patch GMail again?" I wondor?
Reply to this comment
by mhinnewyork October 24, 2008 10:51 AM PDT
If you read Susan's article she describes how, in a home network, the firewall in the router can only offer partial protection. Michael Horowitz
by Sausagebiscuit October 24, 2008 4:53 AM PDT
Windows updates are not free, it is rolled into the cost of your OEM PC or Retail version of your OS... that is if you paid for it. They are also not 'free' because like one posted said, you have to deal with the Windows Genuine Advantage.

Also, thats fine if your firewall blocks the ports. What happens when your firewall can be bypassed? Due to a bug or something in that code? There is no one solution. Patch your system so we don't all have to suffer like back in the Code Red days, or like we do now with all the spam infected PCs send. Oh yea, you don't "patch" g-mail. Google does.
Reply to this comment
by BaylorBearWarren October 24, 2008 6:05 AM PDT
Defending your computer against any and all attacks has never been more than one free Google search and a Free download of whatever Free software you want.

ZoneAlarm, a completely free firewall, will protect all ports against incoming or outgoing transmissions until you tell it otherwise. Each time a connection attempt is made, you get a little window telling you something wants to connect in or out. You have two neat little buttons 'Allow' or 'Deny'. Free software. Works wonderful.

You can use multiple different virus scan engines that work completely online, and are completely free of charge to ensure that your machine is virus free. If you actually want to go pay the $39,99 for Norton AntiVirus, make sure that is all you buy, you don't need to spend the extra to buy their whole package. Just the Anti-Virus program works wonders.

Internet Explorer 7 will stop nearly all of your pop-ups unles you specifically turn off the code blocker. On top of that, the browsing has never been easier with tabs rather than multiple windows open. Hotkeys have gotten simpler in the new version as well.

Why would anyone make such a scene or story to scare users? If you have properly set up your computer for use on a Network, you have nothing to worry about.

I would recommend getting the latest patches to keep your Windows as tight as possible. Make sure to set a Windows Restore point prior to visiting microsoft updates, that way, if something does go wrong... it is an easy revert.
Reply to this comment
by tmarlow October 24, 2008 12:14 PM PDT
Why would anyone make such a scene or story to scare users? If you have properly set up your computer for use on a Network, you have nothing to worry about.


The majority of home computer users know how to use the internet and send email, thus alot of users have no clue about firewalls, networking and security. They just want to turn on their computer and have it work.
by jinx101a October 24, 2008 6:12 AM PDT
I agree that the title sounds like kind of a cheap shot. The text of the article though is not indicative of that and seems to be fact based so I'm willing to give the author the benefit of the bias doubt.

Comments like "I'm an Apple user, I'm not paranoid about updates breaking things" drive me crazy. I've never had a problem with Windows Update. Of course, I own my copy of Windows. :P The updates run automatically and I usually wake up in the morning to a message saying the PC was updated. No hitches. The Windows Genuine Advantage thing hasn't caused any problems for me personally. I wait until the first service pack of any OS comes out to move to it though.

The fact is, 90% of the OS market brings advantages and disadvantages. One of the disadvantages is you're the target. That being the case, I think Microsoft has done a good job keeping up. Bring proactive is a good thing (even when people who aren't MS users trumpet the horns everytime a patch is released).
Reply to this comment
by Dalkorian October 24, 2008 9:20 AM PDT
I've never been raped in prison, so I guess prison rape isn't real either.

Winblows apologists drive me crazy. I was a victim of the winblows genuine disadvantage bug that FALSELY labeled my 3 year old ex-pee install as "illegal" and TOTALLY LOCKED ME OUT OF MY OWN FREAKIN MACHINE! I had to install Ubuntu to get the hardware working again, but still couldn't access any files until I called M$'s 800 number and read dozens of code characters to some idiotic computer, which read back dozens of code characters that I had to enter to "reactivate" my legally purchased OS.

Never again will they get a single penny from me. Rape me once, shame on you. Rape me twice, shame on me. I still have ex-pee running on a partition on that machine, but that partition is nothing but a game console to me now. If I want to do any real work, I load Ubuntu and enjoy the realization that MY MACHINE IS MINE AND MINE ALONE. Gate's kill switches don't affect me anymore and yes, he has multiple kill switches in your machine. "Malicious Software Removal Tool" allows them to uninstall anything they don't like on your machine. "WGD" allows them to lock you out of the machine completely (well, lock you out of the entire winblows partition at least).

Enjoy your slavery. In a world without walls you don't need windows or gates.
by doss_freak October 24, 2008 6:42 AM PDT
OMG! what a lame article! this just reminds me Microsoft has long to
go on patching all the security holes i can't wait until they find out about the
calculator vulnerability i discovered that ages ago.. along with notepad and many others
i would like to mention .. and still such a little things
hasn't yet come out to light. My recommendations for you guys is ... and this is reality . if u have ports open ,services running,programs,dependencies etc. that you don't really need or use. why have them.
Microsoft is just making you a favor by adding simple firewall etc. you gonna have to realize that your system is naked. and that your in charge of getting a good firewall.anti virus . which are just the materials .. the next step is to configure them...
Reply to this comment
by Sumatra-Bosch October 24, 2008 6:52 AM PDT
Maybe it's just time to delete Windows.
Reply to this comment
by excobrapilot October 24, 2008 7:23 AM PDT
I loaded this update and my machine would no longer boot. I had to remove it but I am behind 3 separate firewalls so it's either trust the firewalls or not boot my machine. Duh
Reply to this comment
by Dalkorian October 24, 2008 9:23 AM PDT
You always have another option. Try Linux. Try it in another partition of the drive, preserving winblows for comfort (although removing winblows is the most comfortable thing I can think of doing to a computer).

You do not have to live in slavery. Be free. After you break free from your prison cell, you'll find you have no use whatsoever for windows or gates.
by wolivere October 27, 2008 12:04 PM PDT
Strange my last UBUNTU update has 213 patch's in it.

I'm still pissed at the NVIDIA LCD probing issue with UBUNTU, that put many peoles Viewsonic Monitors into a non recoverable sleep mode. A documented bug on the bug tracker still live in the OS just waiting from someone to blug an older Viewsonic LCD monitor and watch it go blink blink dead. If Apple or Microsoft did such a thing, people would be at the doors with torchs and pitch forks.
by DatabaseDoctor October 24, 2008 7:37 AM PDT
If firewalls are so important to have, why hasn't MS fixed the problem of running Vista and third party firewalls? If you install ZoneAlarm on your Vista machine, you will no longer be able to vpn. How has this been a problem for so long?
Reply to this comment
by Dalkorian October 24, 2008 9:26 AM PDT
M$ doesn't want 3rd party firewalls, they can't make money off that. They want to charge you a premium price for a substandard firewall to protect the substandard OS that they sold you for a premium price. Being a slave, you're supposed to like this and even ask for more! Oh yeah, they'll sell you a substandard anti-virus scanner too!
by gggg sssss October 24, 2008 6:08 PM PDT
Dalkorian
The MS firewall is free. If you paid somebody for it then you have just been an example of the "greater Fool" theory
by cprucyk October 24, 2008 8:29 AM PDT
The bottom line is....

There is a Windows security hole, that leaves you open to an attacked (think Blaster32), that needs no user interaction. So follow the steps above or apply the patch.. no brainer. Use a Firewall, but don't depend on your firewall. Laptops connect to all kinds of networks and can bring the bug into your network without having to go thought your physical firewall (Thats why software firewalls are a nice to have thing). Just thank the one above it is not an DNS security hole...oh nevermind that was already patched earlier this year. ; )
Reply to this comment
by Dalkorian October 24, 2008 9:29 AM PDT
In all honesty, that DNS security hole scared me more than all the winblows vulnerabilities combined. I can avoid winblows like the plague, but it's harder to avoid DNS servers! Who keeps track of what IP's any company is using at any time?
by gggg sssss October 24, 2008 6:10 PM PDT
Dalkorian
This is not a bug that gets into your system. This is an attack vector that lets bugs in.
by schamby October 24, 2008 9:11 AM PDT
It's news because the vulnerability is great enough that Microsoft is issuing the update outside their normal update schedule and because there are so many Windows users out there that are likely to be affected. The analogy to car repair could be extended by considering this release like a recall notice.

If, for example, GM issues an announcement that a vehicle of theirs is vulnerable to an engine fire and that owners should get to their local dealer ASAP, nobody seems to accuse the media that pass along this news of 'just trying to scare people' or 'bad mouth' GM. Also, what's the point of Honda owners coming forward and saying "Well, my Honda never needs maintenance like that!" One, it's not true--Hondas need maintenance and also sometimes have recalls; Two, not everyone wants to drive a Honda.

And to say that people should know how to set their computer and/or network up properly to be safe is like saying that everyone should know how to fix their own car. Some people do know how to fix their own car and that's great, but computers are both complicated technical devices and--for many people--a necessity of everyday life. Sure, it's important to have a basic understanding, but to expect every computer owner to know how to configure routers, firewalls, virus software, network sharing, etc, is like saying "Wait, you know how to put air in your tires but you don't know how to rebuild your engine?!?! What business do you have owning a car?!?!"
Reply to this comment
by john5540 October 24, 2008 3:49 PM PDT
yo schamby...have you ever had your car recalled? The manufacturer sends a letter to the affected owners and notifies them on where and how to get free dealer repairs. No need for media intervention in recalls--your analogy flops like a fish out of water. If in fact they relied solely on a newspaper (or some other media public notice) to publicize a recall the manufacturer could well be liable for not providing adequate notice when it has ownership records and mass mailing is not burdensome. If you wanted ro extend your recall notice analogy, where would microsoft customers go to have their machines serviced? Too much air in those gills, guy? This blogger's article just reveals he's wearing red underwear--he's an Apple fanboy always knocking windows and issuing doomsday warnings.
by supoman October 24, 2008 10:12 AM PDT
Here we go again........
Reply to this comment
by -1- October 24, 2008 10:39 AM PDT
Has anyone figured out yet that OS's are going to be the modern day version of race riots? Why does everyone get so worked up and insulted when someone else isn't using their "golden egg" of an OS? Each OS has something screwed up with it, just like each person. Just accept the fact that there are multiple OS's, cars, houses, computers and people, and get off your soapbox so I can get off mine.

And remember, not everyone is out to get you, so breath and take some time away from your computer.
Reply to this comment
by firefoxluva95 October 24, 2008 11:11 AM PDT
*applauds Microsoft for pushing an emergency update*

I'm no Microsoft Fanboy, Apple Fanboy, or Linux Fanboy. I'm a "Company that does its job" fanboy. All I see is that Microsoft did their job. The rest is up to the user to secure their computer.
Reply to this comment
by Ilgaz October 27, 2008 10:29 AM PDT
I am just asking you if you have printed anything over INTERNET (not local network) using MS Printer sharing protocol or if you have ever shared files or accessed files over internet (again, not LAN) using Microsoft file sharing technologies. I bet your answer is no. Why does that service listen to non local IPs at first place?
Same thing goes to Apple, for AFP. They open AFP port too. There is not a single sane person who will want to use AFP over Internet to transfer files.
by windows2ubuntu_converted October 24, 2008 12:45 PM PDT
Well, no sorprises here, another Windows hole.... that's why I just stopped using Microsoft and switched completly to Linux (Ubuntu to be more specific) it's now on a very steady stage and would recommend it for normal day to day use; my wife now hates the slowness of Windows and only uses Linux (and she's no computer lover at all).
Reply to this comment
by gggg sssss October 24, 2008 6:12 PM PDT
then how can you not be aware of all of the Samba security hole notices? And all of teh Samba patches?
by Ilgaz October 27, 2008 10:31 AM PDT
The Samba is essentially the emulation/copy of the issue described in this story. it is the Window File Sharing/Printer sharing and there is something architecturally wrong with both.
That is why Samba always has security alerts.
by wolivere October 27, 2008 12:05 PM PDT
How many Ubuntu updates do you get? I had a truck load in my last one.
by Zerocxis October 24, 2008 2:00 PM PDT
I wish that people would understand that no OS is perfect. Windows, OS X, and even Linux has issues and faults. To you Ubuntu users, did you realize that the Linux 2.6.27 kernel had a bug in it that caused the corruption of a certain Intel network card's firmware? OS X may have some components of both the Mach and FreeBSD kernel and users believe that because of the UNIX components that thier OS is completely secure. That is not the case at all. It still has faults because both OS X and Windows are geared towards user friendliness. That means little or no "configurability" on the part of the user, only just install the OS and go. GNU/Linux has some distributions that have that capability, Ubuntu being one, OpenSuSE being the other off the top of my head. But in general, the low "configurability" is what security crackers take advantage of. I commend Microsoft for releasing a patch to fix this vunerability out side of thier normal patch cycle. To all the Apple and Linux fanbois who believe thier OS is holier than thou, can it will ya? No OS is perfect and will never be because humans program and build it. This also goes double for the MS fanbois who feed the Apple and Linux fanboi trolls. Remember, the internets are serious business :P

Zerocxis
Reply to this comment
by JCPayne October 24, 2008 6:59 PM PDT
I'm a PC..... *cough* *cough* *hack-* Somebody hold me..... I'm sick again......
Reply to this comment
by iConquered October 25, 2008 4:06 AM PDT
It is true that no operating system is perfect. There are too many variables to account for. However, the fact is, that Linux and Mac OSX are far superior in security, than Windows is. And part of it is due to the UNIX foundation. The simple fact that users are required to input their password before installing software, is a huge step forward. One that Microsoft eventually borrowed, in order to boost the security of Vista. Windows was/is notorious for allowing software to self-install, because the user can accidentally run an executable without selecting an exe. The majority of the ill that could befall a Mac OSX or Linux user, would be entirely self induced. If you don't approve the installation of something, then it can't really affect your system.

Windows greatest issue, is security from malicious attacks from outside parties. In terms of functionality, Windows operates similarly to OSX and Linux. Nobody expects an OS to never crash, but you do expect there to be less issues with detouring hackers. The fact that installing Office onto a Windows system, puts you at risk with online use, is a pretty terrible situation to deal with.
Reply to this comment
by Ilgaz October 27, 2008 10:35 AM PDT
If OS Vendor opens a sub-1024 service port to Internet and tries to close it with a Firewall, it will fail. It is for ANY operating system. You just don't serve if user didn't ask for it.
The issue is simple, they are running really unneccessary services wide open to Internet and expect user to run firewall to close them. It doesn't work.
If every OS X came with printer sharing and file sharing turned ON and open to Internet by default, it would only take weeks for black hats to exploit them. Apple does what OS vendor should do, they turn them off by default. MS doesn't do it. That is the issue.
by wolivere October 27, 2008 12:06 PM PDT
Wait why is it that in Linux or OSX that a person does not get pissed off about a pop up asking them to log in and elevate security. But if you get a pop up from Vista asking your permision people call it anoying. Pot kettle kettle pot.
by MrKleinpaste October 27, 2008 12:31 PM PDT
@wolivere - "Wait why is it that ..."

Because it doesn't have to pop up as often as it does in Vista. The UAC is like a jack russell terrier. You only get them when you're running an application or taking an action that changes system files. Not regular applications that were written by lazy programmers that still write code as if they're programming for windows 98. There is no reason whatsoever, that I need "Elevated Permissions" to view processes for "All Users" when I'm in "Task Manager".
by iConquered October 27, 2008 3:25 PM PDT
It appears that somebody has beaten me to the explanation. As for Windows, it has problems deeper than open ports. The very nature of Windows is rife with vulnerabilities for simple things such as using Microsoft Word (various security updates have patched MS Word and Office in general).
Showing 1 of 2 pages (55 Comments)

Making sense of Windows 7 upgrades

faq The basics and the fine print on Microsoft's options for those eyeing the next operating system from Redmond.
• Full Windows 7 coverage

Road Trip 2009: Big Sky Country

CNET News reporter Daniel Terdiman takes his car full of gadgets to the Rockies and the Great Plains in search of tech, science, nature, and more.
• America's Fortress: Cheyenne Mountain

About Defensive Computing

Michael Horowitz is an independent computer consultant and the author of several classes on Defensive Computing. He views Defensive Computing as taking steps, when things are running well, to avoid or minimize the inevitable problems down the road. It's about educating yourself to the level where you can make your own intelligent decisions about keeping your computers and data happy and healthy. If you depend on computers, yet are on your own, without an IT department or nearby nerd, this blog's for you. His personal web site is michaelhorowitz.com.

He is a member of the CNET Blog Network and is not an employee of CNET.

Disclosure.

Add this feed to your online news reader

Defensive Computing topics

advertisement
advertisement

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
Dell
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET