Spy Journal 3.0 Filtering the web for you

So I had authorised Vista SP2 in my WSUS server and i had noticed other machines on my network installing it. But my machine didn’t show it up in the updates to install list. I eventually went and downloaded the full standalone version. In the meantime i came across this post by Susan Bradley about having important updates not installed stopping SP2 from being available. I went and checked but that wasnt my problem.

When i tried to actually run the SP2 download I got this message:

I went into the control panel to Regional and Language Settings

Security vulnerabilities were announced today in Microsoft Excel and also in Drupal.

See the Official MS security advisory (968272), and the explanation by ars technica.

Our advice for now would be to be EXTREMELY careful when opening any Excel spreadsheet, Word document or PowerPoint file that is emailed to you. Rule of thumb – if you don’t know the person who set you a file (any file) NEVER open it. If you weren’t expecting the file from someone you do know then email or call them and ask them if they sent you it and if so what it is BEFORE opening it. I trust that MS will release the appropriate patch shortly.

The Drupal security vulnerabilities have been announced on the Drupal website and upgrades and patches released for both version 5 and 6.

For our Jethro Consultants Web hosting customers this means an immediate patch for those who are on maintenance contracts with us, and for those who are not they pay us by the hour to apply. We get to those as soon as we can. We are also busy upgrading our own websites.

Live Mesh announces an update affecting all platforms

Windows Vista SP2 hits the streets today - Sarah has a full list of the enhancements and fixes in Vista SP2

Tony Morgan posts a though provoking piece with 10 reasons why he doesn’t like most Christians. I would agree with them all.

Rodney Olsen posted this cool video about technological and futuristic trends. I have added it here also.

Microsoft released an extraordinary security patch yesterday.

Microsoft Security Bulletin MS08-067 – Critical

Vulnerability in Server Service Could Allow Remote Code Execution (958644)

Published: October 23, 2008

Seeing as Microsoft only release patches once a month, this is totally unexpected, and indicates the critical nature of the flaw. One surmises that there are already hackers and other criminals already exploiting this flaw.

There are lots of details in the MS08-067 bulletin and there is starting to be a fair bit of chatter on the tubes about it – see this from Nick MacKechnie for example where he points to the Security Vulnerability Research and Defense blog.

We emailed all our clients and suggested they patch immediately, or invite us to remotely connect to them and manage that for them.