[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Re: 3rd party patch for XP for MS09-048?

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: Re: 3rd party patch for XP for MS09-048?
From: Elizabeth.a.greene@xxxxxxxxx
Date: 15 Sep 2009 21:56:21 -0000

As I understand the bulletin, Microsoft will not be releasing MS09-048 patches 
for XP because, by default, it runs no listening services or the windows 
firewall can protect it.

Quoting http://www.microsoft.com/technet/security/bulletin/MS09-048.mspx
"If Windows XP is listed as an affected product, why is Microsoft not issuing 
an update for it?
By default, Windows XP Service Pack 2, Windows XP Service Pack 3, and Windows 
XP Professional x64 Edition Service Pack 2 do not have a listening service 
configured in the client firewall and are therefore not affected by this 
vulnerability. Windows XP Service Pack 2 and later operating systems include a 
stateful host firewall that provides protection for computers against incoming 
traffic from the Internet or from neighboring network devices on a private 
network. ... Customers running Windows XP are at reduced risk, and Microsoft 
recommends they use the firewall included with the operating system, or a 
network firewall, to block access to the affected ports and limit the attack 
surface from untrusted networks."

-eg

Follow-Ups:
- Re: 3rd party patch for XP for MS09-048?
  - From: Susan Bradley

Prev by Date: Re: 3rd party patch for XP for MS09-048?
Next by Date: [security bulletin] HPSBUX02458 SSRT090104 rev.1 - HP-UX Running bootpd, Remote Denial of Service (DoS)
Previous by thread: Re: 3rd party patch for XP for MS09-048?
Next by thread: Re: 3rd party patch for XP for MS09-048?
Index(es):
- Date
- Thread