I'm going to visit Dad for Christmas. Dad only has 28.8K dialup and he is way behind on his XP security updates including Service Pack 3. I have downloaded the standalone install version of Service Pack 3 and wish to do the same for all the hotfixes since. In the same page where I downloaded SP3, I see a couple of security patch updates but gosh I know there have been several since the release of SP3 including the IE7 vulnerability just a couple of days ago. Is there away to identify all the security patches since SP3 release and download them all as standalone installs? I would like to try to do so and then install them upon my visit.
The exact patches he'll need can vary depending on what-all he has installed. For example, if he has any Office or Works software, including the free viewers, he may need Office patches. If he has .NET of any version, he may need patches for that.
One simple way to find out, is to have him run the
Microsoft Baseline Security Analyzer. On 28.8k, this
will take a while to fetch the current database before it can check his system, so he'd still need to let it do its thing for a few hours.
When complete, it would give a result like the larger pic below. Clicking on all of the "result details" will open new windows with direct links to the patches that MBSA checked for, whether they're needed or not. So if he can take a screenshot of each results page, and send them to you, now you have a list of the patches and Service Packs he'll need.
Note that he needs to report the missing patches from all of the "result details" pages, not just one of them. The second pic is my
Windows Security Updates page, and that's a post-SP3 WinXP installation, so the patches identified in that picture are a good starting point to download, but as I mentioned, he may need others depending on what-all he has installed. And as a follow-on to this whole procedure, the free Secunia
online or installable checkup is really good too... Secunia says that less than 2% of their first-time users are fully patched. Their checkup will help fix vulnerable third-party stuff like outdated QuickTime, Flash Player, Java, browsers, media players, etc.
Oh, and if he has WinXP "Service Pack zero" or WinXP Service Pack 1, I suggest updating to Service Pack 2 before installing Service Pack 3. But hopefully he's not that far behind the curve
Disable the real-time antivirus protection before you start the SP3 installation, to prevent possible interference from the antivirus.
Moderator note: OVERSIZED PIC deleted...
MBSA's scan completed.
One of the "result details" pages.