It’s easy to say you should patch your Windows PC as soon as possible. But, if you have a business with hundreds of PCs, and an even greater number of ways that a patch might cause trouble, you can’t be blamed for wanting to do make darn sure the patch doesn’t cause more trouble than it fixes before implementing it. Except, for days like today.
You see, in the blockbuster November 2009 Windows patch fest, the fixes included a repair for a really nasty, really easy to exploit security hole: Microsoft Security Bulletin MS09-065. This Windows kernel vulnerability is found in all but the newest versions of Windows: Windows 7 and Windows Server 2008 R2. Unlike most security holes you don’t have to do anything to get zapped by this one. If you use Internet Explorer to visit a malicious site that’s been set up as a trap for people who are vulnerable to this bug-bang! An attacker can do pretty-much whatever he or she wants to your vulnerable PC.
At the least, they’ll be able to crash your Windows PC. At most, and more likely, they’ll infect it with malware. From there, you may get your financial information ripped off, become a source for spam, or even become the piggy-bank for a pervert’s kiddie-porn.