Comments on: Windows Metafile Crib Sheet http://techblog.touchbasic.com/html/windows-metafile-crib-sheet/ Techblog is collection of articles covering a wide variety of tech related topics including: Linux, Microsoft, Google, web development, web design, open source, wordpress, security, and more. Sun, 29 Jan 2012 02:25:58 +0000 hourly 1 http://wordpress.org/?v=3.2.1 By: admin http://techblog.touchbasic.com/html/windows-metafile-crib-sheet/comment-page-1/#comment-339 admin Sun, 08 Jan 2006 20:53:34 +0000 http://techblog.touchbasic.com/html/?p=160#comment-339 well, then.. i guess there is no consistency across this type of issue either. my experience (and this would make sense from microsoft's perspective) has generally been, no validaton = no updates (after a certain point). the only other things i can think of are: - maybe windows update is messed up on your system and reporting no updates when there are still updates (i've seen this before, a bug in some old update causes inaccurate reading of new updates resulting in always seeming up to day. the only solution i could think of at the time was to confirm each update was applied by comparing in "add/remove programs" and the non-express windows update page) - different builds of windows xp, and xp service pack 2 itself, seem to have different criteria for receiving updates (some machines with sp2 installed still required 20+ updates while others need only 2-3 updates) - for some systems (although i've only seen this with xp sp1 and earlier versions of windows) if you don't manually go to the WU homepage and install Windows Update v6 (the new windows update agent/client) you'll get "no new updates to install" every time. that being said, patches and updates can be manually downloaded and installed without validating and maybe certain security patches (ie: WMF) do still get installed via WU. just not always. feel safe yet? well, then..

i guess there is no consistency across this type of issue either. my experience (and this would make sense from microsoft’s perspective) has generally been, no validaton = no updates (after a certain point).

the only other things i can think of are:

- maybe windows update is messed up on your system and reporting no updates when there are still updates (i’ve seen this before, a bug in some old update causes inaccurate reading of new updates resulting in always seeming up to day. the only solution i could think of at the time was to confirm each update was applied by comparing in “add/remove programs” and the non-express windows update page)

- different builds of windows xp, and xp service pack 2 itself, seem to have different criteria for receiving updates (some machines with sp2 installed still required 20+ updates while others need only 2-3 updates)

- for some systems (although i’ve only seen this with xp sp1 and earlier versions of windows) if you don’t manually go to the WU homepage and install Windows Update v6 (the new windows update agent/client) you’ll get “no new updates to install” every time.

that being said, patches and updates can be manually downloaded and installed without validating and maybe certain security patches (ie: WMF) do still get installed via WU. just not always. feel safe yet?

]]> By: babaganoosh http://techblog.touchbasic.com/html/windows-metafile-crib-sheet/comment-page-1/#comment-337 babaganoosh Sun, 08 Jan 2006 17:38:04 +0000 http://techblog.touchbasic.com/html/?p=160#comment-337 on a machine that wasn't validated and did have auto updates turned on and this machine stays on all the time, when I manually validated and then did a windows update, a) there were no patches it wanted to apply, and b) there was a $ntuninstall912929 folder from the earlier in the day in the windows directory (meaning it had applied the latest patch and (all?0 others before that one?! all before being validated? So under the right conditions, auto update does work without being validated first? on a machine that wasn’t validated and did have auto updates turned on and this machine stays on all the time, when I manually validated and then did a windows update, a) there were no patches it wanted to apply, and b) there was a $ntuninstall912929 folder from the earlier in the day in the windows directory (meaning it had applied the latest patch and (all?0 others before that one?! all before being validated? So under the right conditions, auto update does work without being validated first?

]]> By: admin http://techblog.touchbasic.com/html/windows-metafile-crib-sheet/comment-page-1/#comment-335 admin Sun, 08 Jan 2006 05:56:45 +0000 http://techblog.touchbasic.com/html/?p=160#comment-335 not sure if i'm following you on that last one.. are we talking about automatic updates or manually applying patches? not sure if i’m following you on that last one..

are we talking about automatic updates or manually applying patches?

]]> By: babaganoosh http://techblog.touchbasic.com/html/windows-metafile-crib-sheet/comment-page-1/#comment-334 babaganoosh Sun, 08 Jan 2006 03:49:45 +0000 http://techblog.touchbasic.com/html/?p=160#comment-334 I just looked at a Win XP SP2 machine that hadn't been validated. It had a folder from this AM in windows which talked of the 912919 patch. I validated it and did express updates. It said there were none. looking in the update history, I see the most recent patch that was installled was 912919 - so yeah, they may download but not install, and the PC may not be on at night. but when those issues are handled correctly, a machine that hasn't been validated seems to do OK with patches? I just looked at a Win XP SP2 machine that hadn’t been validated. It had a folder from this AM in windows which talked of the 912919 patch. I validated it and did express updates. It said there were none. looking in the update history, I see the most recent patch that was installled was 912919 – so yeah, they may download but not install, and the PC may not be on at night. but when those issues are handled correctly, a machine that hasn’t been validated seems to do OK with patches?

]]> By: babaganoosh http://techblog.touchbasic.com/html/windows-metafile-crib-sheet/comment-page-1/#comment-330 babaganoosh Sat, 07 Jan 2006 19:56:32 +0000 http://techblog.touchbasic.com/html/?p=160#comment-330 wow : ( wow : (

]]> By: admin http://techblog.touchbasic.com/html/windows-metafile-crib-sheet/comment-page-1/#comment-329 admin Sat, 07 Jan 2006 18:04:39 +0000 http://techblog.touchbasic.com/html/?p=160#comment-329 hi baba, sounds to me like you've cut right to the heart of the matter here.. security is about more than getting that zero-day patch that everyone's talking about and applying it before the sky falls on your head. the fact of the matter is (and i have seen this personally on dozens of windows machines): 1. tons of people have auto updates "on" but set to download and not install. (great, but they never click install) 2. i have seen machines with "download and install" set but at a crazy time like 3am (the machine is turned off and thus updates are never applied) 3. without validating windows xp you're not getting any updates. nothing. 4. even after validating, if you don't manually go to WU Site and download the New Version of the Windows Update Client, you're not getting any updates past a certain point (the old client doesn't find new updates). so, to make a long story short (or offer a straight answer): -the people in your scenario will not be getting any updates from microsoft not tonight or tomorrow or ever. and -yes, you'd think that microsoft would promote the importance of validating windows xp a little more (at least as an aspect of ensuring greater overall security) but then again, they also tried to keep the WMF thing as low profile as possible by holding off a few days for testing before releasing a patch to the public. at the very least, Microsoft needs to smooth out the whole update process. it's just screwy, broken, and way too complicated. maybe they need to give everyone a lesson on how to "manually" use their "automatic" updates and all the quirks that surround it.. [ apply sarcastic patch here ] hi baba,

sounds to me like you’ve cut right to the heart of the matter here..

security is about more than getting that zero-day patch that everyone’s talking about and applying it before the sky falls on your head.

the fact of the matter is (and i have seen this personally on dozens of windows machines):

1. tons of people have auto updates “on” but set to download and not install. (great, but they never click install)
2. i have seen machines with “download and install” set but at a crazy time like 3am (the machine is turned off and thus updates are never applied)
3. without validating windows xp you’re not getting any updates. nothing.
4. even after validating, if you don’t manually go to WU Site and download the New Version of the Windows Update Client, you’re not getting any updates past a certain point (the old client doesn’t find new updates).

so, to make a long story short (or offer a straight answer):

-the people in your scenario will not be getting any updates from microsoft not tonight or tomorrow or ever.

and

-yes, you’d think that microsoft would promote the importance of validating windows xp a little more (at least as an aspect of ensuring greater overall security) but then again, they also tried to keep the WMF thing as low profile as possible by holding off a few days for testing before releasing a patch to the public.

at the very least, Microsoft needs to smooth out the whole update process. it’s just screwy, broken, and way too complicated. maybe they need to give everyone a lesson on how to “manually” use their “automatic” updates and all the quirks that surround it.. [ apply sarcastic patch here ]

]]> By: babaganoosh http://techblog.touchbasic.com/html/windows-metafile-crib-sheet/comment-page-1/#comment-327 babaganoosh Sat, 07 Jan 2006 13:34:01 +0000 http://techblog.touchbasic.com/html/?p=160#comment-327 I have yet to find someone that can give me a straigt answer on this: Most non-techies haven't gone through the genuine software validation. But lets assume they have SP2 and automatic updates are turned on... what are they missing by not doing the validation and manually updating? Everyone says to go to WU and get this patch. If non-techs don't read this blog and elsewhere, but again, have SP2 and automatic updates, would they get the patch tonight or tomorrow night? and what else from the express list of updates would they be missing by not manually updating / walking through the validation? I would think if they are msising anything, MSFT should be really promoting the validation and telling people the HAVE to do it to keep their machine safe? Thanks! I have yet to find someone that can give me a straigt answer on this:

Most non-techies haven’t gone through the genuine software validation. But lets assume they have SP2 and automatic updates are turned on… what are they missing by not doing the validation and manually updating?

Everyone says to go to WU and get this patch. If non-techs don’t read this blog and elsewhere, but again, have SP2 and automatic updates, would they get the patch tonight or tomorrow night? and what else from the express list of updates would they be missing by not manually updating / walking through the validation?

I would think if they are msising anything, MSFT should be really promoting the validation and telling people the HAVE to do it to keep their machine safe? Thanks!

]]> By: admin http://techblog.touchbasic.com/html/windows-metafile-crib-sheet/comment-page-1/#comment-326 admin Sat, 07 Jan 2006 02:02:31 +0000 http://techblog.touchbasic.com/html/?p=160#comment-326 Eric, i'm going to assume you're refering to the patch issued by Microsoft. i'd be interested to know how the second trial run goes. though i'm not sure why you're machine was infected.. if you got the patch direct from Windows Update. Eric,

i’m going to assume you’re refering to the patch issued by Microsoft.

i’d be interested to know how the second trial run goes. though i’m not sure why you’re machine was infected.. if you got the patch direct from Windows Update.

]]> By: Eric http://techblog.touchbasic.com/html/windows-metafile-crib-sheet/comment-page-1/#comment-325 Eric Sat, 07 Jan 2006 01:23:39 +0000 http://techblog.touchbasic.com/html/?p=160#comment-325 I installed the patch and it caused a kernel panic after booted into windows, it seems the patch installs a system service. This servic actually appears to do some type of scan since the I/O activity of it is somewhat high, for me it caused a kernel panic every single reboot and caused an infinite loop that I could only resolve by uninstalling the patch. I was infected with this exploit which BiteDefender 9 found on a scan, it is possible that the path does not operate correctly. Windows update just downloaded it again, im going to run it again and see what happens. Perhaps I got an early version and there has been a silent revision. Wishful thanking I guess!! I installed the patch and it caused a kernel panic after booted into windows, it seems the patch installs a system service. This servic actually appears to do some type of scan since the I/O activity of it is somewhat high, for me it caused a kernel panic every single reboot and caused an infinite loop that I could only resolve by uninstalling the patch. I was infected with this exploit which BiteDefender 9 found on a scan, it is possible that the path does not operate correctly. Windows update just downloaded it again, im going to run it again and see what happens. Perhaps I got an early version and there has been a silent revision. Wishful thanking I guess!!

]]> By: admin http://techblog.touchbasic.com/html/windows-metafile-crib-sheet/comment-page-1/#comment-324 admin Fri, 06 Jan 2006 22:33:15 +0000 http://techblog.touchbasic.com/html/?p=160#comment-324 Ward, which patch did you install? - Microsoft Official Update - Ilfak Guilfanov version1.4 - SANS .msi installer - ESET version1.1 Ward,

which patch did you install?

- Microsoft Official Update
- Ilfak Guilfanov version1.4
- SANS .msi installer
- ESET version1.1

]]>