Windows Patches: Finding the Path/Link to the Most Recent Updates!

This question is in relation to the recent Windows XP patch needed for protection against the “Blast Worm” going around. Some good information has been provided in other threads, but something isn’t working for me!

  1. I went to the pull-down menu option “Windows Update” via IE’s “Tools” menu, IIRC. Yes, I need various updates of various priority. Yet, of the high-priority security updates (patches?), the latest one is only dated June 2003! Yet, according to the SD therad http:\boards.straightdope.com\sdmb\showthread.php?s=&threadid=203867 …the patch I should be finding was released July 21st. Am I in the wrong place?

  2. How do you know if the patch is safe? Tips to clean this worm (from Norton, etc.) off the hard drive mention to first check the signature, IIRC? When windows attempts to find updates, a pop-up window claims it is authentic from MS. But, when I located the patch I want by going to the MS website instead, a pop-up window was advising me to make sure it was authorized before downloading.

  3. If I inadvertently were to download an unauthorized patch onto a floppy, for example, could the floppy then be scanned with Anti-Virus before I install the questionable patch? Or, is this not a guarantee?

Help with the first question is most pressing so I can get the patch downloaded ASAP. I need the patch, but I am so clueless by what I am seeing…

Thanks to one and all for their suggestions…

  • Jinx

Perhaps my question has puzzled the SD board, so let me just add this thought for clarification: Could it be that when I use the IE option to update Windows, I already had downloaded the latest patch ??? - Jinx

I think it’s possible that you already had the patch in question. To find out for sure, go to the Windows Update link from IE, and in the left-hand sidebar, choose “View Installation History” under the “Other Options” heading. That will show you all the Windows updates you’ve installed - I believe the one you want to have is “Security Update for Windows 2000 (823980)”.

As for your other question about knowing the patch is safe: I tried downloading from MS and didn’t get the “make sure it’s authorized” pop-up, so I’m not sure how to answer. If it’s installed by Windows Update or downloaded from a Microsoft server it should be safe though. The Norton site you mentioned tells you how to check the digital signature on it, but I don’t think Microsoft has similar provisions. So I guess the upshot is: just make sure that you got the patch from Microsoft.

Finally, for question #3: I don’t think an anti-virus program would necessarily pick up an unauthorized patch, because if it is new and unknown to the antivirus software, it won’t necessarily be recognized as a “virus”, I think.

Good luck stamping out the worm!

Slight Hijack:

Why couldn’t Microsoft automatically have the patch downloaded through XP’s automatic update service? That would have made so much sense.

They did, but most users either never bothered to configure Automatic Updates or deliberately disabled it. Many people are not comfortable with giving Microsoft the ability to modify their systems without their knowledge. Also, some hotfixes cause problems. Administrators often prefer to apply them individually under controlled conditions to make sure they don’t break anything.

Ah, well that explains why I never got the virus.