The role and necessity of running Windows updates

Many people think that they don't have to do anything after installing the system. In fact, this is unscientific. It is best to run the update after installing the system, but talk to some colleagues about Windows 7 RTM (Final Platen Edition). During the installation, I specifically pointed out that I need to run the Windows system update after installing the system. Several system administrators looked at me and found it very funny and said they didn't think it was necessary.

Running Windows Updates

When choosing to install a new operating system, the last thing to do is to check for updates. Of course, I have been using the Windows 7 release candidate for a few months, and Microsoft has to install the fix on every monthly patch update Tuesday. There are too many vulnerabilities that can be exploited by bad guys.

Therefore, doing this kind of processing is very meaningful for the installation of the Windows 7 RTM version. After I check the update time after each installation, I will be reminded that the following (2 key and 4 important) patches need to be installed:

1. MS09-54: This security update is resolved. Three privately reported vulnerabilities and one publicly disclosed defect in Internet Explorer. These vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.

2, MS09-055: This security update resolves a privately reported vulnerability that is currently being exploited by multiple ActiveX controls. If a user views a specially crafted webpage using Internet Explorer that instantiates an ActiveX control, a vulnerability affecting an ActiveX control compiled with a vulnerable version of the Microsoft Active Template Library may allow remote code execution.

3, MS09-056: This security update addresses two publicly disclosed vulnerabilities in Microsoft Windows. These vulnerabilities could allow spoofing if an attacker gains access to a certificate used by the end user for authentication.

4, MS09-058: This security update addresses many of the privately reported vulnerabilities in the Windows kernel. The most severe of the vulnerabilities could allow elevation of privilege if an attacker logs into the system and runs a specially crafted application.

5, MS09-059: This security update resolves a privately reported vulnerability in Microsoft Windows. This vulnerability could allow denial of service if an attacker sends a maliciously crafted packet during NTLM authentication.

6, MS09-061: This security update addresses three privately reported vulnerabilities in the Framework and Microsoft Silverlight. These vulnerabilities could allow remote code execution on a client system if a user views a specially crafted web page using a web browser.

In our conversation, an assistant thought the update was done automatically. I didn't see this, so I was happy to check the Windows update manually. Running a manual update seems to be an easier option than fighting malware with a new operating system.

Don't forget UAC, its features change

In Windows 7, Microsoft changed the way User Account Control (UAC) works. In this regard, I plan to explain it in other articles. Depending on your point of view, UAC in Windows 7 gives users the opportunity to get more choices or get into trouble.