Re: 3rd party patch for XP for MS09-048?

[Susan Bradley <sbradcpa () pacbell net>]

Only if you are a consumer.  In a network we ALL have listening ports 
out there.

Elizabeth.a.greene () gmail com wrote:
> As I understand the bulletin, Microsoft will not be releasing MS09-048 patches for XP because, by default, it runs no 
> listening services or the windows firewall can protect it.
>
> Quoting http://www.microsoft.com/technet/security/bulletin/MS09-048.mspx
> "If Windows XP is listed as an affected product, why is Microsoft not issuing an update for it?
> By default, Windows XP Service Pack 2, Windows XP Service Pack 3, and Windows XP Professional x64 Edition Service Pack 2 do 
> not have a listening service configured in the client firewall and are therefore not affected by this vulnerability. Windows 
> XP Service Pack 2 and later operating systems include a stateful host firewall that provides protection for computers 
> against incoming traffic from the Internet or from neighboring network devices on a private network. ... Customers running 
> Windows XP are at reduced risk, and Microsoft recommends they use the firewall included with the operating system, or a 
> network firewall, to block access to the affected ports and limit the attack surface from untrusted networks."
>
> -eg
>
>