Micro$oft rant: WTF, 4 critical updates??

[glugglug]

How long before windows update site becomes full of ActiveX-plugin driven advertisements?

Think about it.... it certainly gets more hits than any other site on the net....

 

[Looney]

Originally posted by: bolomite
went to windows update, and found four patches waiting for me, all posted within the last few days :|

You'd rather they not keep their product supported and updated?

 

[neilm]

There goes my nice uptime

Thanks for the heads up btw.

 

[FoBoT]

i got 7 notifications today, 4 critical OS patches, 1 critical exchange patch and two other "important" patches

at least they are putting them out, we know there will be many, many more

 

[ViRGE]

Originally posted by: glugglug
Windows vulnerability timeline:
t0: vulnerability found
t0 + a few hours maybe: vulnerability discussed on securityfocus and/or other places
t0 + maybe 1 week: exploit made which uses vulnerability
t0 + several months, or in the case of netbios/RPC holes, 12-13 years: MS releases security bulletin about existence of hole (call this time t1)
t1 + a month or so: M$ admits exploits for said hole already exist (call this t2)
t2 + a week or so: patch available

Oh come on, you know damn well that no-one knew about that RPC hole on the outside, and probably not on the inside for more than 7 years. On top of that, the patch was out before an exploit was out.

 

[wfbberzerker]

6 for me, meh.

 

[Tetsuo]

Originally posted by: wfbberzerker
6 for me, meh.

 

[ElFenix]

i've got two downloaded since yesterday. interestingly my notebook hasn't downloaded any

 

[Gunbuster]

When does win2k SP5 come out?

 

[Eli]

I got the automatic update notice for 4 new updates a while ago, too.

 

[AgaBoogaBoo]

One thing to remember is, had Windows hypothetically, been were *nix flavors are now, then problems would probably be found almost as often if not equally fast and it is with Windows. THe reason is that people check Windows much more than other OS'es because why would a hacker wanting to disturb a network of hundreds of computers all on XP and one unix box, design it only for unix? So he/she would check XP for holes...

 

[AgaBoogaBoo]

Oh yeah, for those who really need the safety, even on other OS'es, if your usage is that important, I'm sure you'll have some antivirus/firewall protecting your computer...

 

[NuclearFusi0n]

Originally posted by: BingBongWongFooey

Originally posted by: Ameesh
the difference is MS does something about providing an easy to use mechanisim to distrubite security patches.

Different from what? Debian makes it dead simple (easier than windows update - AND you don't have to worry about them breaking your machine). I'm not sure about Apple but I can't imagine it's difficult.

same goes for portage.

 

[arcenite]

four updates for me... it's funny how people can figure out how to complain about everything. It's people like that who started the RIAA bullshibby. "But mommy... Everyone's downloading my music even though I make umpteenzillion dollars a year." ok.. when I start posting shib like that, it's time for bed.

Bill

 

[shikhan]

Originally posted by: LordMorpheus
Download Gentoo Linux. You can update the computer eevry night while you sleep. Does your kernel have pre-emptive capabilities (i don't know exactly what it does, but it sounds precognitive! (heh, just kidding))

Almost every modern OS has pre-emption. Otherwise, you wouldn't be able to multi-task.

 

[glugglug]

Originally posted by: ViRGE

Originally posted by: glugglug
Windows vulnerability timeline:
t0: vulnerability found
t0 + a few hours maybe: vulnerability discussed on securityfocus and/or other places
t0 + maybe 1 week: exploit made which uses vulnerability
t0 + several months, or in the case of netbios/RPC holes, 12-13 years: MS releases security bulletin about existence of hole (call this time t1)
t1 + a month or so: M$ admits exploits for said hole already exist (call this t2)
t2 + a week or so: patch available

Oh come on, you know damn well that no-one knew about that RPC hole on the outside, and probably not on the inside for more than 7 years. On top of that, the patch was out before an exploit was out.

NetBIOS exploits were well known in the Windows 3.1 days, before 32-bit Windows even existed, and not fixed until recently.

 

[Freejack2]

I don't mind installing updates. I just want the fricken update notification to tell me!

 

[rudder]

Originally posted by: Gibson486

They wouldn't have to install so many updates if it wasn't so insecure in the first place.

ah ha

If you feel that way, use a different OS.

it would take an act of congress for me to change my OS. Actually and act of the state congress of tennessee. Windows is the standard, so we are stuck with it.

Has anyboy heard of the "service pack" that was suposed to be released my MS? It contains all 22 updates for XP (after sp1) in one neat tidy package. I can't seem to find anything about it.

 

[draggoon01]

the schedule's been changed, sp2 is set for dec release now. so sp1b is gone

 

[Jeff7181]

Updates don't bother me on my 3 mbps cable

 

[glugglug]

Ah this set of updates is wonderful.

After installing them on my work machine I had the joy of having to re-install the network drivers.

 

[Supahfreak]

Originally posted by: Huz

Originally posted by: Supahfreak
What the hell is ActiveX??? Everytime I try to update I get this. help...

FreAk

Try this

-or-

You may want to try the repair options from the "Add/Remove" applet in control panel.

I've seen this before but it's been a while and I can't remember what I did to fix it. Seems to me it wasn't what that Q article made reference to, but maybe you'll get lucky.

Yeah, I think the reference is wrong too. I set my security to minimum and it still didnt work. Oh well, I was planning on reinstalling anyway:frown::gift::heart:

FreAk

 

[Miramonti]

Originally posted by: glugglug
Ah this set of updates is wonderful. After installing them on my work machine I had the joy of having to re-install the network drivers.

Fortunately I haven't have a problem like this for a couple years, with the exception of needing to reinstall a web2pop module last week. I contemplate imaging my main partition each time before these updates, sometimes do sometimes don't.

 

[Miramonti]

It seems like microsoft has chosen to be more aggressive on addressing these security flaws.

This is a good thing.

 

[oLLie]

One of the patches is not applying for me. It's called:

Update Rollup 1 for Microsoft Windows XP (KB826939)

In the history it says successful and yet it still comes up when I click scan for updates.

I'm gonna try to manually download the patch and install it. brb.