Microsoft Plans Largest-Ever Patch Tuesday 341
CWmike writes "Microsoft said it will deliver its largest-ever number of security updates on Tuesday to fix 13 flaws in every version of Windows, as well as Internet Explorer (IE), Office, SQL Server, important developer tools and Forefront Security client software. Among the updates will be the first for the final, or release to manufacturing, code of Windows 7, Microsoft's newest operating system. The 13 updates slated for next week, eight of them pegged 'critical,' beat the previous record of 12 updates shipped in February 2007 and again in October 2008." Update Reader Kurt Seifried writes to correct the math a bit, pointing to Microsoft's Advance Notification page for the release, which says that rather than 13 flaws, this Patch Tuesday involves "13 bulletins (eight critical and five important), addressing 34 vulnerabilities ... Most of these updates require a restart so please factor that into your deployment planning."
But will it let me buy stuff using paypal? (Score:4, Interesting)
Windows 2000? (Score:2, Interesting)
I couldn't find details in the article, but since extended support has ended... RIP win2k
P.S. unless it's not affected by this? but I think there are previous vulnerabilities which haven't been patched too so maybe win2k is already dead and I missed the boat.
in the last patch supertuesday (Score:2, Interesting)
i got this awesome bug fix such that Outlook now says "This copy of Office is not genuine. Click here to learn more online." in an unremoveable toolbar
can't wait to see what gets patched next!
Re:...Patch Tuesday (Score:5, Interesting)
Yes, I think there is something in that for all of us, don't you? *puffs pipe*
Kudos (Score:5, Interesting)
Look, I know it's fashionable to make negative remarks about MS round here, but it's only fair to say 'well done' to them for bettering their previous high count. Hopefully they haven't run out of bugs to fix and they'll work hard to find and fix even more next time. Who knows, this time next year they could be fixing hundreds of bugs every month - and if we're lucky, some of them could be quite serious or critical - wouldn't that be just awesome!
Go MS!
Re:...Patch Tuesday (Score:5, Interesting)
I built my system myself which means that I'm more than capable of grabbing a bootleg copy of Windows online. Instead I chose to pay for a copy of WinXP because the OS is a MAJOR part of my system and as such was worth the asking price. (And also because I'm not a thieving schmuck. If you don't want to pay use Linux.)
Ever since I've been hounded by WGA. I just want my system patched. Microsoft wants to verify "something", god knows what, every time I try to access patches. Their checker needs updating quite often. I don't know what it does. I don't know what info it sends them. I just know it's an annoyance, maybe a personal security risk. I can't patch without it. (Officially that is. I'm aware of "alternate" patch sources but how secure is that? Seriously now, come on...)
This is the thanks I get for dropping money on their product. I passed on Vista. I'll pass on Win7. Once this system has aged to the point of uselessness (translation: can't game any more) I'm going to Linux full time. Why? BECAUSE THEY ACT AS IF THEY OWN MY MACHINE, NOT ME. THAT pisses me off.
So f--- them. I'm done.
QUESTION about "critical" software (Score:2, Interesting)
Typical Bullshit (Score:1, Interesting)
As usual. You breathed on the PC, or you installed a mundane office app, time to restart the computer! I wish all Windows users would familiarize themselves with a good Linux distribution or other Unix/Unix-like system. Even if they decided they didn't like Linux and preferred Windows, at least this would disabuse them of the idea that any non-kernel update has a good reason to require a reboot to complete the installation. Then they would have some education as to what to reasonably expect, and the pressure placed on Microsoft might even advance the average users' experience a bit. The whole problem with Windows is that the average person thinks its quirks, shortcomings, and examples of plain stupidity are normal, as though they were the inescapable reality of operating a computer. They are not.
Also, maybe someone can help me out here. Why the hell does Windows Update often aggressively use 100% CPU when running in the background? By "aggressively" I mean it will tremendously slow down anything else you are doing (not at all the same thing as a low-priority task that can use 100% CPU when nothing else wants the CPU). I can boot Linux on the same PC and update not only the core OS (which would be similar in function to Windows Update) but also every last installed application without that kind of system load, without any noticable slowdown in any regular applications (browser, office software, e-mail client) I use. Frankly, I know this will make some of the more narrow-minded folks automatically assume I am trolling, but here's the reality: I see too much shit like this to take Windows seriously or to consider it an equally viable option compared to Unix. The technies and others I know who really like Windows and think it's great couldn't perform the most basic system administration tasks in any other OS, which tells me that they have no real basis for comparison, that their opinion is not an informed one. If someone with a wide variety of experience with alternatives wants to speak up and tell me why they really like Windows, why it's not substandard compared to any other modern system, please do, but good luck to ya.
Re:Security & Stability (Score:3, Interesting)
Plus, OpenOffice.org has it's own component system (UNO) which is very similar to OLE/COM, Mozilla has XUL which is also the same thing and you also have CORBA which is akin to DCOM (which is distributed OLE/COM). Components are not inherently less secure than normal applications... and even better, you have more granular control over their use (separate permissions for use, activation, instantiation, etc.)
It was ActiveX that gave a bad name to COM, but not because it's bad in itself, but rather because it was a poor idea to integrate it to web pages in the way it was done.
So? (Score:3, Interesting)
So what?
My Ubunutu Jaunty desktop downloaded 130mb of updates last night. And this isnt the first time either.
I didnt see the /. community getting their nickers in a knot about it
Largest-Ever Patch Tuesday (Score:1, Interesting)
Re:Typical Bullshit (Score:3, Interesting)
Kernel issues still require a reboot.
Have a look at KSplice. It allows the kernel to be patched dynamically, with no reboot. It's also free to users of Ubuntu 9.04 and 9.10 but I'm not sure about others. It works nicely from what I've seen so far, and the company was nice enough to answer a few of the questions I had about it. It's great if you really want to avoid reboots.
Good in Microsoft (Score:3, Interesting)
Not to mention, WSUS in the enterprise is an excellent, free tool for centrally managing patch deployment.
Number of patches and vulnerabilities aside, I think MS is a standout leader in this category.