MS-DEFCON ratings
Posted by woody on 01 January 2007 - 00:00:00
Windows XP
CommentsWe are currently at MS-DEFCON 4. The September patches haven't caused any major problems. Microsoft's MS06-065 / KB 925486 patch should be trivial. It's a good time to get caught up.

WATCH OUT for KB 905474, the Windows Genuine Spyware "critical patch" that may be lurking in some cesspool. For further information, see my Windows & Office news main page.

I have a rating system that lets individual Microsoft consumers know when it's safe to install patches. I call it the Microsoft Patch Defense Condition Level, or MS-DEFCON for short. It's modeled after the US armed forces DEFCON system.

DEFCON 1: Current Microsoft patches are causing havoc. Don't patch.

DEFCON 2: Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it.

DEFCON 3: Patch reliability is unclear, but widespread attacks make patching prudent. Go ahead and patch, but watch out for potential problems.

DEFCON 4: There are isolated problems with current patches, but they are well-known and documented here. Check this site to see if you're affected and if things look OK, go ahead and patch.

DEFCON 5: All's clear. Patch while it's safe.

Note that the MS-DEFCON level applies to Windows XP Service Pack 2 systems only. I assume that you have a firewall installed, an up-to-date antivirus program, some form of hardware protection, and a good scumbuster, as described in the Security Baseline article in the latest issue of Windows Secrets Newsletter. The MS-DEFCON level also assumes that you're using Firefox, not Internet Explorer.

I firmly believe that Windows Automatic Update is for chumps, and I've said so for years: go ahead and let Microsoft notify you when it wants to install something on your computer, but don't blindly allow the 'Softies to install whatever they want. Follow the instructions in any of my books to disable automatic updating, or click Start | Control Panel | Security Center and take it from there.

Many of you have written, asking about non-critical updates. Unless you have an immediate, painful, obvious reason to install one of them immediately, I'd avoid them like the plague.



Microsoft Patch Reliability Ratings Windows And Office News Editorial Board Ask For Windows and Office Help Contact Us FAQ Search AskWoody.Com Submit News