Windows Secrets Newsletter: Revisiting Microsoft service packs

microsoft service packs

By Susan Bradley/Windows Secrets Newsletter

Revisiting Microsoft service packs

In the Northern Hemisphere, it’s springtime — time to revisit Windows 7 and Office service packs.

Our lack of major updates at the end of the month means we can devote time to getting needed service packs installed.

931125
Microsoft root certificates get another update

One of the confusing aspects of this update is that Microsoft uses the same patch number for every root-certificate update throughout the year. So if you’ve seen 931125 before, that’s why.

As before, I recommend that XP users pass on this update — unless a website specifically requires a root-certificate included in update KB 931125.

(As I’ve noted before, Vista and Windows 7 machines will download and install this update automatically; XPs have to install it manually, typically through Windows Update’s Optional updates section.)

Why make a recommendation that seems to make Windows XP more vulnerable than Vista and Win7? Because I still think there are issues with the entire certificate-authority chain of trust. And the following statement from this update’s page should not add to your level of comfort: “The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products.”

It can difficult to find out exactly what’s in a root-certificate update. A Microsoft TechNet Wiki provides some information. But typically, you have to install the update and check what certificates changed.

Moreover, some of the updated certificates have only limited applications. The February release (page), for example, included certificates for the Israeli and Swedish governments. I’ve nothing against these countries, but I can’t recall ever going to any of their websites. And given past problems with trust certificates, why should I go through the work of manually installing SSL certificates for sites I never plan to visit?

► What to do: Unless a website demands an updated trust certificate, Windows XP users can pass on KB 931125.

Here’s the rest of the story…

This post is excerpted with permission from Windows Secrets.

Stop Responding to Threats.
Prevent Them.

Want to get monthly tips & tricks?

Subscribe to our newsletter to get cybersecurity tips & tricks and stay up to date with the constantly evolving world of cybersecurity.

Related Articles

How to Fight a Malware War

malwar

A tip-filled conversation with Andrew Brandt, director of threat research at Solera Networks, reveals some of the ways hackers sneak malware into PCs.

Read More

Tech Support-call Cons

phonescam

“Hello. This is Microsoft Tech Support. Your PC has notified us that it has an infection.” The call is a scam — an extremely prevalent one. Here’s how it works and what you need to know to stay out of the trap.

Read More