XP SP1a: Install Windows Updates?

[NokiaDude]

For some reason whenever I install Windows XP SP1a everything is awesome. But then I install the latest windows updates and somethign always goes wrong. Would I be okay with a NAT firewalled router and a good antivirus if I choose not to install the updates?

 

[bacillus]

hmm, some of updates post sp1a are rated as critical.

 

[Algere]

Or wait awhile for Service Pack 2

 

[NokiaDude]

If I just install SP1a will I really have to install the updates? My router has been excellent at blocking 100% of those nasty worms on the net. I would really just like to install SP1a and wait for SP2 NEXT YEAR.

 

[EeyoreX]

IMO you should always perform at the minimum any updates labled as "Critical". Always. Try doing them one at a time to see if you can identify the one(s) that are causing your problem. Occassionally a hotfix causes trouble and Microsoft will retool it to eliminate/minimize the problem(s). Waiting for SP 2 is probably not the best course of (in)action.

\Dan

 

[WobbleWobble]

If you're behind a router without any ports forwarded and you're not in DMZ, you should be fine without any updates at all. Not recommended, but you should be fine.

 

[Fokks]

I can't believe people are saying you're fine just because you have a router?
Maybe if you never access the internet over it yeah you're fine...

If you're going to actually be browsing the web with Internet Explorer, using Outlook Express for mail, or using Windows Media player you really should get the critical patches.

 

[WobbleWobble]

The router acts as a firewall. Incoming requests will be ignored effectively blocking most of the worms that exploit an unpatched machine. So he essentially can't be attacked by being simply connected to the Internet.

Sure, he can be exploited via IE, OE and WMP by going to sites that exploit these vulnerabilities, but that's not what I feel he's asking. I think he's more concerned about being attacked by being connected to the Internet.

 

[Schadenfroh]

install only these updates

Q322011_WXP_SP2_x86_ENU.exe
Q327979_WXP_SP2_x86_ENU.exe
Q810243_WXP_SP2_x86_ENU.exe
Q811114_WXP_SP2_x86_ENU.exe
Q814995_WXP_SP2_x86_ENU.exe
Q815021_WXP_SP2_x86_ENU.exe
WindowsMedia-Q828026-x86-ENU.exe
WindowsXP-KB810217-x86-ENU.exe
WindowsXP-KB820291-x86-ENU.exe
WindowsXP-KB821253-x86-ENU.exe
WindowsXP-KB822603-x86-ENU.exe
WindowsXP-KB823182-x86-ENU.exe
WindowsXP-KB824105-x86-ENU.exe
WindowsXP-KB824141-x86-ENU.exe
WindowsXP-KB825119-x86-ENU.exe
WindowsXP-KB826939-x86-ENU.exe
WindowsXP-KB826942-x86-ENU.exe
WindowsXP-KB828028-x86-ENU.exe
WindowsXP-KB828035-x86-ENU.exe
WindowsXP-KB829558-x86-ENU.exe
KB832414_MSXML3.0_x86.exe (MSXML V3 Update)
JS56NEN.EXE (JScript 5.6 Update)
Q330994.EXE (OE Cumulative Update)
Q832894.EXE (IE Cumulative Update)
Direct X 9B
MSXML V4 SP2
.NET Framework 1.1

 

[EeyoreX]

What anyone else does with their computer is really not my problem. Outside of the fact that if something happens and their computer is hijacked and becaomes a spam machine... Or whatever. Regardless, security is not a piecemeal thing. Do it completely. Otherwise you are not all that much better than not doing it at all (though I admit some protection is better than none. Marginally. And I also admit more likely than not the types of problems not patching will cause will affect his local machine). I agree that this "router only" type recommendation is irresponsable. Or at least dangerous. Because, no one ever makes mistakes with their routers settings, right? No one ever keeps their passwords set at whatever the routers default is, right? Any one of these little things missed can mean trouble. If you want to practice what amounts to lax security with your computer, fine. That's your business. Personally I don't see how you can in good conscience recommend the same to others. That's just my opinion I suppose. No one is going to convince me that "just a router" is going to be "just enough" security for my computers. I will always update with critical updates. I will always recommend this practice (outside of if the fix causes problems. And I would say find the one fix that breaks your setup, don't just ignore all of them. Like I did earlier). I'm not trying to be a complete @$$, just a bit of one, because the security of your computer has the potential to affect untold numbers of other computers (albiet indirectly in many cases).

\Dan

 

[n0cmonkey]

I think it is much more likely that the problems are in userspace. PEBKAC and all. Really, install them one at a time and see what breaks when.