Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Re: 3rd party patch for XP for MS09-048?

From: Elizabeth.a.greene () gmail com
Date: 15 Sep 2009 21:56:21 -0000
As I understand the bulletin, Microsoft will not be releasing MS09-048 patches for XP because, by default, it runs no 
listening services or the windows firewall can protect it.

Quoting http://www.microsoft.com/technet/security/bulletin/MS09-048.mspx
"If Windows XP is listed as an affected product, why is Microsoft not issuing an update for it?
By default, Windows XP Service Pack 2, Windows XP Service Pack 3, and Windows XP Professional x64 Edition Service Pack 
2 do not have a listening service configured in the client firewall and are therefore not affected by this 
vulnerability. Windows XP Service Pack 2 and later operating systems include a stateful host firewall that provides 
protection for computers against incoming traffic from the Internet or from neighboring network devices on a private 
network. ... Customers running Windows XP are at reduced risk, and Microsoft recommends they use the firewall included 
with the operating system, or a network firewall, to block access to the affected ports and limit the attack surface 
from untrusted networks."

-eg
Previous By Date Next
Previous By Thread Next

Current thread: