B
B J W
http://www.microsoft.com/technet/security/bulletin/MS04-028.mspx
This is one the most seriously confusing Security bulletin I have yet seen.
I would just like to see if my understanding accords with that of others.
Given the ubiquity of .jpeg images, this would seem like a potentially
super-serious issue.
Separate patches are necessary for
Windows XP
IE6 SP1 on Windows versions other than XP
Office
Office family products such as Visio, Project
Visual Studio .Net
Picture It!/Digital Image Pro family of products
Different patches apply to different versions of each of these products
Windows Update has the Windows patch
Office Update has the Office and Office family products
?does office update cover Picture It! and Digital Image Pro??? I don't
know
Windows XP SP2 incorporates the patch for Windows
Office 2003 SP1 incorporates the patch for Office, but not for Visio,
Project, Picture It!/Digital Image Pro
Earlier versions of Windows are "not affected" but IE 6 SP1 must be patched
There's a "tool"
http://support.microsoft.com/?kbid=873374
which tells you a whole lot of nothing -- that you "might" need patches,
without giving you a clue which patches you "might" need. It does not tell
you what products you have, or whether the products have already been
patched.
MBSA 1.2 detects for Windows XP and, locally only, Office and Office family
products MBSA does not detect the need for the patch in Visual .Net,
Picture It!/Digital Image Pro, or (GET THIS!) IE6 SP1 on Windows 2000.
I have checked all of the above against the FAQ in the Security Bulletin,
but I would still appreciate other eyes seeing if I have left out or
misconstrued something.
[PS: I have restrained myself from sarcastic comments or putting $ in
Microsoft's name. But, this is way too much work. The "tool" is so stupid,
it makes me want to spit.]
This is one the most seriously confusing Security bulletin I have yet seen.
I would just like to see if my understanding accords with that of others.
Given the ubiquity of .jpeg images, this would seem like a potentially
super-serious issue.
Separate patches are necessary for
Windows XP
IE6 SP1 on Windows versions other than XP
Office
Office family products such as Visio, Project
Visual Studio .Net
Picture It!/Digital Image Pro family of products
Different patches apply to different versions of each of these products
Windows Update has the Windows patch
Office Update has the Office and Office family products
?does office update cover Picture It! and Digital Image Pro??? I don't
know
Windows XP SP2 incorporates the patch for Windows
Office 2003 SP1 incorporates the patch for Office, but not for Visio,
Project, Picture It!/Digital Image Pro
Earlier versions of Windows are "not affected" but IE 6 SP1 must be patched
There's a "tool"
http://support.microsoft.com/?kbid=873374
which tells you a whole lot of nothing -- that you "might" need patches,
without giving you a clue which patches you "might" need. It does not tell
you what products you have, or whether the products have already been
patched.
MBSA 1.2 detects for Windows XP and, locally only, Office and Office family
products MBSA does not detect the need for the patch in Visual .Net,
Picture It!/Digital Image Pro, or (GET THIS!) IE6 SP1 on Windows 2000.
I have checked all of the above against the FAQ in the Security Bulletin,
but I would still appreciate other eyes seeing if I have left out or
misconstrued something.
[PS: I have restrained myself from sarcastic comments or putting $ in
Microsoft's name. But, this is way too much work. The "tool" is so stupid,
it makes me want to spit.]