Security Microsoft

Microsoft Sets Record With Monster Patch Tuesday

CWmike writes "Microsoft today issued 10 security updates that patched a record 31 vulnerabilities in Windows, Internet Explorer, Excel, Word, Windows Search and other programs, including 18 bugs marked 'critical.' Of the 10 bulletins, six patched some part of Windows, while three patched an Office application or component, and one fixed a flaw in IE. The total bug count was the most patched by Microsoft in a single month since the company began regularly scheduled updates in 2003. The previous record of 26 vulnerabilities patched occurred in both August 2008 and August 2006. 'This is a very broad bunch,' said Wolfgang Kandek, CTO at Qualys, 'compared to last month, which was really all about PowerPoint. You've got to work everywhere, servers and workstations, and even Macs if you have them. It's not getting any better, the number of vulnerabilities [Microsoft discloses] continues to grow.'"

  • Re:Even Macs? (Score:3, Informative)

    by TSHTF ( 953742 ) on Tuesday June 09, 2009 @10:27PM (#28274391) Homepage
    Apple isn't much better. The official security fixes [apple.com] in Safari 4.0, released yesterday, are for a total of _47_ vulnerabilities. Microsoft has a long way to go.
  • by wvmarle ( 1070040 ) on Tuesday June 09, 2009 @11:07PM (#28274659)

    Massive monoculture is always dangerous. The dinosaurs seemed incredibly successful, too, but too many of them were too similar--and look what happened. In diversity there is strength.

    In numbers there is strength as well. There is quite some evidence that birds are the living direct descendants of the dinosaurs - and in a way I have always been puzzled on how it would be possible that all dinosaurs would become extinct but other types of animals (mammals, crocodiles) not. Dinosaurs were often huge animals, so relatively few numbers before the earth is full. That is more likely to have been their undoing. When 90% gets killed, finding a mate becomes really hard due to the huge distance between individuals.

    Windows is so huge in numbers that it is almost impossible to extinct. Almost always there will be some Windows computers surviving somewhere, forgotten on grandma's table, not connected to the Internet even maybe and happily moving on alone. It is impossible to wipe them all out, there are too many of them.

    OS/2 is virtually extinct - some installations hanging on for dear life but there were so few of them... BeOS saw the same fate... and so there are more. Dead branches on the tree of evolution, they could not multiply sufficiently to weather the competition.

    Windows is of course at risk of disease: all individuals are so similar they can easily infect one another. Some have better immune systems (firewalls, more patches installed) and may survive longer - they may even survive the main onslaught and survive the virus which itself may die out due to not enough hosts left to infect. That is after all what happened to the Spanish Flu: this strain disappeared because in the end all hosts were either immune or had died. There were virtually no fresh hosts available for the virus to survive.

    Linux is reaching sufficient numbers now to also be impossible to become extinct, and add to that the large diversity in systems giving the species great immunity. Yes some groups may be vulnerable to a certain virus, others will be immune and sit out the disease. Then the ones killed by the virus will be replaced by new, immune systems and the species as a whole becomes stronger.

    At the moment actually I can not think of other operating systems that are as diverse as the Linux platform. BSD is a candidate but only three major flavours available. Windows certainly is no candidate, it's all the same.

  • Re:Vulnerabilities? (Score:4, Informative)

    by zonky ( 1153039 ) on Tuesday June 09, 2009 @11:11PM (#28274693)
    If the user had UAC disabled, they w/could have been owned. Being in the admin group on Vista shouldn't in itself allow a drive by to write files outside the user's home folders. Same if you were running safari with sudo on OSX, or Firefox as root on Linux. Any user running as admin/root is a fool. Of course, if the code you do run in your drive by download can hit a privilege escalation vulnerability on the os, all bets are off....
  • by Compholio ( 770966 ) on Tuesday June 09, 2009 @11:13PM (#28274703)

    Does Ubuntu, or any other Linux distro, provide a way to keep proprietary applications patched or updated? Exactly.

    Indeed, create your own repository and have your installer add that repository to the list when your application is installed (though you should ask permission or people will get angry with you). From that point on the customer's PC will update your software automatically, it'll even warn the customer to install it quickly if you flag it as a security update.

  • Re:pan-MS patch (Score:3, Informative)

    by CountOfJesusChristo ( 1523057 ) on Tuesday June 09, 2009 @11:55PM (#28274977)
    You're probably a troll, but in case you're simply misguided or poorly informed:

    [R]ealize that this is across ALL the stuff - your precious Ubuntu or BSD would never have this many, simply because a distro is not also a browser, office suite, etc.

    The point of a distro is that it comes bundled with lots of software. It usually does include a browser, an office suite, an image editor, and more.

    It certainly isn't controlled and managed by the same group.

    The purpose of a distribution is to have everything managed by a single group. Sure, most -- if not all -- software comes from upstream, but the same single group does manage all of the packaging and updates for the users of said distribution.

    btw posting this from an Ubuntu machine, which just pulled down 10 updates.

    If you really are posting from an Ubuntu machine, then you should know that the updater will update everything installed by default, and everything installed after-the-fact through the package manager. All other things being equal, distributions like Ubuntu should be expected to have more updates than Windows/Office/IE alone.

  • Re:Vulnerabilities? (Score:5, Informative)

    by Kjella ( 173770 ) on Tuesday June 09, 2009 @11:58PM (#28274995) Homepage

    A bug is something not working as intended. Slashdot's rendering on standards compliant browsers for example.
    A vulnerability is something that can be exploited by a third party for example to crash, hang or invade your machine.

    That in itself doesn't really tell you much, is it locally or remotely exploitable, do you need valid logins, user action etc. which means it can range from trivial to critical. If you want the details, you need to read the details... that is to say MS security bulletins.

  • by eosp ( 885380 ) on Wednesday June 10, 2009 @12:03AM (#28275025) Homepage
    The article here [debian-adm...ration.org] explains that you can either have a secured FTP repository or one grabbed by SSH.
  • by Compholio ( 770966 ) on Wednesday June 10, 2009 @12:03AM (#28275033)

    As I understand it, however, there's no way to protect that application against non-authenticated users. Can you have an APT repository that, say, requires a login and password?

    Yes, there are other ways but a couple easy methods are in this article: http://www.debian-administration.org/articles/513 [debian-adm...ration.org]
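
The setup discussed in the two comments above (a vendor repository added by the installer, reachable only with a login and password), as an added example that is not part of any poster's comment or of the linked article. It assumes a current apt and swaps in HTTPS with `auth.conf.d` for the FTP/SSH methods the article describes; the host, key path, login and password are constructed placeholders.

```shell
#!/bin/sh
# Added example: the files a vendor installer could stage to register a
# private, password-protected APT repository. All names are placeholders.

# write_vendor_repo ROOT HOST SUITE LOGIN PASSWORD
# ROOT is a staging directory standing in for "/", so this runs unprivileged.
write_vendor_repo() {
    root=$1; host=$2; suite=$3; login=$4; password=$5
    keyring=/usr/share/keyrings/vendor-archive-keyring.gpg  # assumed key path

    mkdir -p "$root/etc/apt/sources.list.d" "$root/etc/apt/auth.conf.d"

    # signed-by ties the vendor's signing key to this one repository, so the
    # key cannot vouch for packages served from any other source.
    printf 'deb [signed-by=%s] https://%s/apt %s main\n' \
        "$keyring" "$host" "$suite" \
        > "$root/etc/apt/sources.list.d/vendor.list"

    # Credentials live in auth.conf.d (root-only in a real install), not in
    # the URL, where any local user could read them from the world-readable
    # sources list.
    auth=$root/etc/apt/auth.conf.d/vendor.conf
    : > "$auth"
    chmod 600 "$auth"
    printf 'machine %s login %s password %s\n' "$host" "$login" "$password" \
        > "$auth"
}

# check_vendor_repo ROOT
# Returns 0 only if the staged layout pins the key, keeps credentials out of
# the URL, and restricts the credentials file to its owner.
check_vendor_repo() {
    root=$1
    list=$root/etc/apt/sources.list.d/vendor.list
    auth=$root/etc/apt/auth.conf.d/vendor.conf
    grep -q 'signed-by=' "$list" || return 1
    if grep -Eq '://[^/ ]*@' "$list"; then return 1; fi
    [ "$(ls -l "$auth" | cut -c1-10)" = "-rw-------" ] || return 1
}

# Demo with constructed values.
demo=$(mktemp -d)
write_vendor_repo "$demo" repo.vendor.example stable customer42 constructed-secret
check_vendor_repo "$demo" && echo "staged layout ok: $demo"
rm -rf "$demo"
```
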

  • by Anonymous Coward on Wednesday June 10, 2009 @12:12AM (#28275073)

    Does anybody even know what "troll" means anymore? A troll is not somebody who says something you don't like.

    The point of a troll is to get replies to a fake message. A troll is something like "Back when Bill Gates invented the internet blah blah". The point there is for know-it-alls to jump up and yell that it was not Bill Gates.

    The grandparent was pointing out something he saw as hypocrisy. You might not agree, but that doesn't make him a troll. He might be a troll (if he pointed it out solely to see the replies), but I think it's a valid point, and I'm willing to bet he does too.

    But that's the way people are, I suppose. Ever look at 1-star reviews on Amazon? Even good 1-star reviews ("I didn't like this, and here are the reasons why") tend to have, at best, a 50% "This was helpful" rate. People check off "unhelpful" because they disagree with the reviewer. I suppose it's no surprise that the OP here decided that someone who said something he disagrees with is a troll, but it sure would be nice for people to learn how to have some form of mature debate.

  • by Bert64 ( 520050 ) <bert AT slashdot DOT firenzee DOT com> on Wednesday June 10, 2009 @04:14AM (#28276595) Homepage

    It benefits hackers immensely, if you have a new 0day exploit you start using it on exploit wednesday, or possibly a couple of days earlier on the basis they can't patch it that quick... then you are guaranteed at least a month before anyone will be patched against it.

  • by MrMr ( 219533 ) on Wednesday June 10, 2009 @04:14AM (#28276601)
    Yes, and yes.
    Exactly indeed.
    I won't bother with supplying a clue, as you've obviously never seen Ubuntu or any other Linux distro.
  • by MrMr ( 219533 ) on Wednesday June 10, 2009 @04:26AM (#28276671)
    You are aware that these patches are for the beta release of a major upgrade?
    Of course you are; you just like to use the word hypocrite a lot, to divert attention.
  • by plague3106 ( 71849 ) on Wednesday June 10, 2009 @10:26AM (#28279381)

    They have released patches out of band before for high risk exploits.
