This is a common misunderstanding.
The use of the word "critical" on Windows Update is *not* the same thing
as the use of the word "critical" in the context of a security update.
So, Windows Update can have "critical" non-security updates. (I don't
know the rating system for non-security updates so I can't comment on
what makes one "critical.")
This has caused no end of confusion and is, I believe, going to be
remedied when Microsoft goes to the next version of Windows Update that
supports WSUS/MBSA 2/MU.
-Matt
-----Original Message-----
From: Windows NTBugtraq Mailing List
[mailto:NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM] On Behalf Of Angus
Scott-Fleming
Sent: Wednesday, May 18, 2005 1:40 PM
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Subject: Surprise! Windows Updates
Early this morning I was logged on remotely to a Windows 2000
Server that I manage and a Windows XP box on the same network
checking their Windows Update status, and when I did a manual
WU scan, both of them needed a "critical" update to Windows
Installer 3.1 http://support.microsoft.com/kb/893803 (Last
Review: May 13, 2005). My own XP box needed that AND an
update to Microsoft .NET Framework 1.1 Service Pack 1,
http://support.microsoft.com/?kbid=867460 (Last Review: May
12, 2005). Both of these post-date the May Windows Update
release (last Tuesday, May 10), which all machines had already
had installed.
Neither of these shows up on the MS Security Bulletin page or
on the Security Advisories page.
Anyone else come across these? I have my systems set to
download updates automatically but not to install them, and
just as I was typing this message the Windows Installer 3.1
update appeared in the automatic-updates-are-ready- to-install
icon on my XP box. However, the update to .NET did NOT appear
in the automatic update while it DID appear when I did a
manual WU run.
Anyone else seen this or have more info?
Angus
--
NTBugtraq Editor's Note:
Most viruses these days use spoofed email addresses. As such, using an
Anti-Virus product which automatically notifies the perceived sender of
a message it believes is infected may well cause more harm than good.
Someone who did not actually send you a virus may receive the
notification and scramble their support staff to find an infection which
never existed in the first place. Suggest such notifications be disabled
by whomever is responsible for your AV, or at least that the idea is
considered.
--
--
NTBugtraq Editor's Note:
Most viruses these days use spoofed email addresses. As such, using an
Anti-Virus product which automatically notifies the perceived sender of a
message it believes is infected may well cause more harm than good. Someone who
did not actually send you a virus may receive the notification and scramble
their support staff to find an infection which never existed in the first
place. Suggest such notifications be disabled by whomever is responsible for
your AV, or at least that the idea is considered.
--
