
Microsoft Security: Buffer Overrun in Windows Kernel Message Handling

Discussion in 'Security and Privacy' started by Arie, 2003/04/16.

  1. 2003/04/16
    Arie

    Arie Administrator Administrator Staff Thread Starter

    Microsoft has posted a patch for Microsoft Windows NT 4.0, Windows 2000 and Windows XP. A flaw exists in the Windows kernel, the core of the operating system. There is a flaw in the way the kernel passes error messages to a debugger. An attacker could exploit this flaw to take any action on the system including deleting data, adding accounts with administrative access, or reconfiguring the system.


    Affected Software Versions

    • Microsoft Windows NT 4.0 and Windows NT 4.0 Server, Terminal Server Edition
    • Microsoft Windows 2000
    • Microsoft Windows XP

    Severity Rating: Important


  2. 2003/04/24
    Admin.

    Admin. Administrator Administrator Staff

    Microsoft added the following to the Security Bulletin:


     


  4. 2003/05/29
    Admin.

    Admin. Administrator Administrator Staff

    On May 28, 2003, Microsoft advised its customers on the availability of an updated Windows XP Service Pack 1 "811493" patch. This revised patch corrects the performance issues that some customers experienced with the original Windows XP Service Pack 1 patch.

    Find download locations
     
  5. 2003/05/29
    BOBBO

    BOBBO Geek Member

    Part of the announcement says:

    "For an attack to be successful, an attacker would need to be able to logon interactively to the system, either at the console or through a terminal session. Also, a successful attack would require the introduction of code in order to exploit this vulnerability. Because best practices recommends restricting the ability to logon interactively on servers, this issue most directly affects client systems and terminal servers."

    I'm not as clear as I'd like to be on whether or not that applies to users who have a stand-alone system in their home, like I do, and are the only person who ever uses that system.

    So, given the above, my question is: should I download that patch or not?
     
  6. 2003/05/29
    charlesvar

    charlesvar Inactive Alumni

    Hello BOBBO,

    I'm glad somebody is asking this question instead of blindly installing MS patches.

    I asked myself the same question; my answer is no.

    For those that feel unsure or feel that they don't know enough,
    at least wait some time to see if the patches themselves don't create problems. If they do, that will be reported.

    Regards - Charles
     
  7. 2003/05/30
    Admin.

    Admin. Administrator Administrator Staff

    I myself wrote an article at the time: Microsoft Kernel Patch Slowing Down Windows XP Systems and concluded:

    There's still no need for most users to install this patch, and I would argue that MS shouldn't list it as a critical update on the Windows Update site (they are not listing it as such on their security bulletin, so why would they list it critical on their update site?)
     
  8. 2003/05/30
    TonyT

    TonyT SuperGeek Staff

    Probably to avoid any chance of being accused of not taking security seriously. They will undoubtedly receive support calls in two months from customers who have been exploited.
     
  9. 2003/05/30
    BOBBO

    BOBBO Geek Member

    charlesvar and Arie: Thanks for your replies. My question is answered and I won't be downloading the patch. Thanks again.
     
  10. 2003/05/30
    KenKeith

    KenKeith Inactive

    Arie,
    Any details for "do not install"?
    With automatic update set, MS does a scan of a user's system and compares stored info of user's configuration and previous installs and responds accordingly.

    I have XP (home version) and MS recognized my system needed the re-release update installed. It has been installed without any problems, and as you have pointed out full disclosure of what the specifics are other than what you have cited and read may not be the entire picture.

    If it does present a problem, MS made a colossal mistake and will have to re-write. Or recommend deletion and installation of the first release for the users who received the update automatically. Could MS be that incompetent?
     
  11. 2003/05/30
    charlesvar

    charlesvar Inactive Alumni

    Hi KenKeith,

    "Could MS be that incompetent?" Not more or less incompetent than any other company, but far more pervasive. To borrow a phrase, when Bill Gates sneezes, the rest of us catch cold.

    Regards - Charles
     
  12. 2003/05/30
    KenKeith

    KenKeith Inactive

    Home versions of XP cannot be ruled out. The deciding factor is whether one is the sole user or all users are computer administration notwithstanding version. Just have the capabilities, user designation, and the configuration.

    The problem is the possibility of an interaction of 3 identified programs installed on SP1 that could lead to unauthorized elevation of privileges. MS admonishes, "RECOMMEND INSTALLING THE CORRECT VERSION OF THE SECURITY UPDATE AS SOON AS POSSIBLE. IF YOU CAN NOT UPDATE IMMEDIATELY IT IS RECOMMENDED TO TEMPORARILY REMOVE THE ORIGINAL PATCH." :p Wouldn't elevated privileges enable a hacker easier access and enhanced navigating capabilities??

    Additionally, it is noted that due to some routines in the SP1, the installation of the May patch may enhance performance. I have experienced a faster performance with the May patch and it addresses my long-standing complaint of a somewhat sluggish performance after installing SP1. Several other users have had identical results.
     