Slashdot Mirror


Microsoft Plans An Overhaul For Patch System

sckienle writes "ZD-Net has an article about Microsoft's plans to overhaul their patch system. 'Ninety-five percent of attacks happen after a patch for a known software vulnerability has been issued,' says Scott Charney, chief trustworthy computing strategist at Microsoft. Basically, Scott is promoting the idea that Microsoft can do a better job, in many ways, so people will trust and be able to install patches quickly. Microsoft has a transcript of Scott Charney's talk on their site." As reader sweeney37 summarizes, "Microsoft's plan is to reduce the patch installers from eight to two, they want to have one patch installer specifically for the OS side and one specifically for the applications." Sweeney37 points out this InformationWeek article on the planned change.

16 of 402 comments

  1. now? by CptChipJew · · Score: 5, Funny

    "We are now doing security audits on all our products as part of development."

    No comment necessary =)

    --
    Vonal Declosion
    1. Re:now? by eryk · · Score: 2, Funny

      So they're not going to release any product any time soon?

    2. Re:now? by NecroPuppy · · Score: 2, Funny

      Hey, they didn't say that they would pass the security audit. Just that they would do one.

      --
      I like you, Stuart. You're not like everyone else, here, at Slashdot.
  2. MS Patch by CySurflex · · Score: 5, Funny
    I've tried the MS Patch system to rid myself of the MS-addiction, but even with the patch I find myself waking up at night and installing Windows 98.

    Maybe with this overhaul they'll come out with better microtine patches and I'll be able to look my friends and family in the eyes, once again.

  3. My Patch by scubacuda · · Score: 4, Funny

    Yo Bill! Here is my "patch".

    PATCH THIS"

  4. Re:User problem by djupedal · · Score: 3, Funny
    if....can...just about...

    As a MS apologist, please remember you are held to strict rules when starting any and all arguments.
    1. Never use open-ended statements, such as "if you do this" and "just about every time", without first reminding readers that you are an expert in your field, and you only discuss facts.
    2. When arguing that the user is the principal cause of computer problems, be sure to also state that MS has always had a policy of considering the user's needs first and foremost when designing products.
    3. Never end a comment by stating "But I'm sure we can twist this into an anti-MS thread anyway" without a friendly wave (all fingers out) and a smile.
    Be careful out there.
  5. Your idiotic anti-microsoft fervence by SweetAndSourJesus · · Score: 3, Funny

    It embiggens the smallest open source advocate.

    If anything will topple Microsoft's dominance of the operating system market, it's an ascii middle finger.

    Bravo, good sir, you have done us all a service.

    Please attribute any typos in this post to the numerous tasty newcastles I have consumed.

    --
    the strongest word is still the word "free"
  6. yeah, that'll work. by Anonymous Coward · · Score: 0, Funny

    if microsoft sold you a box of 20 fish sticks, you'd
    open it up, and there'd be 7 sticks. 2 would be fish,
    but not the kind of fish the box said, and they would
    be broken in several places. 4 would be unknown
    material, the other would be a promise for another
    fish stick at a later date. and they promise that
    other fish stick will be really good when you get it.
    and there'll be a license in that box that says it's
    illegal to discuss the contents of the box with anybody,
    and that the sticks-patent pending, are not warranted
    to be fit for any particular purpose except that of
    their existence as sticks.

  7. Re:Automated patches for pirated copies? by ramzak2k · · Score: 5, Funny

    I was thinking to myself that this probably won't help me any, since I have a pirated copy of XP

    Dude, I suggest you remove the URL to your website. It is not that difficult to find your address.

    --

    Siggy Say, Siggy Do
  8. That explains a lot... by mino · · Score: 2, Funny
    SCOTT CHARNEY: Good morning. So how do you become the Chief Security Strategist of the Microsoft Corporation? Well, I was an English and History major, then I went to law school and my first job was an assistant district attorney in Bronx County, New York doing rapes and murders and robberies.

    So, uh... what's changed, exactly?

  9. Microsoft Bob Windows Update Metaphor by teamhasnoi · · Score: 4, Funny
    If you were running MS Bob and ran Windows Update, Bob would come out with a broken leg, scabs and open wounds, bandages that seem to eat away the skin, a crutch that would constantly fold under pressure, advanced Parkinson's and Alzheimer's disease, paranoid delusions, amnesia, a blind eye, a deaf ear, a constant gnawing hunger, a penchant for telling you what you want to hear and gossiping about you when you're out of earshot, a tendency to fall, willingness to disregard you and pretend that you weren't in the room, a constant need for space, a helpful way of stating the obvious repeatedly, lethargy, unwillingness to work with others, nagging you about how he doesn't feel 'connected', a poor work ethic, the ability to stare at nothing while looking busy, and would most likely lock your file cabinets and give the key away to someone you don't know, all while trying to sell you something you already own.

    Good ol' Bob.

  10. Path, According to Webster by jabbadabbadoo · · Score: 5, Funny
    patch1 ( P )

    "A small piece of material affixed to another, larger piece to conceal, reinforce, or repair a worn area, hole, or tear. "

    - or -

    "Computer Science. A piece of code added to software in order to fix a bug, especially as a temporary correction between two releases. "

    Temporary correction... Microsoft, I'm afraid, took this literally.

    1. Re:Path, According to Webster by Anonymous Coward · · Score: 1, Funny

      A small piece of material affixed to another, larger piece to conceal, reinforce, or repair a worn area, hole, or tear. Actually it sounds like MS takes it more the literal path...

  11. Here's how the _real_ interview went. by Anonymous Coward · · Score: 4, Funny

    [Apparently MS's FUD group managed to 'clean up' the transcript before it got out. Here's how part of the _real_ interview went.]

    "And we'll not be stopping there. Their second biggest concern after patch management was patch suitability and correctness. And that's when I realized that the patches themselves were broken!

    We had this engineering group making patches for this and that public relations group announcing patches for that vulnerability and management saying 'why don't you patch the hardware so the bandwidth will be smaller.' And what ended up happening is that no one was actually checking to see if the patches fixed anything." (Nervous Laughter)

    So one of the next things I will be doing is to create a Patch Verification working group. Get all the people together to agree on a common nomenclature. What's a "bug" anyway? And how does it differ from a "feature?" No seriously. Can anyone define those terms for us?

    Anyway, another thing that seems to bother our hostages. I mean customers. Yes, customers. That's it. It seems to bother our ... customers ... when our patches break working programs. A Patch Testing working group is being formed and is anticipated to be in place for Windows Server 2003's release in late 2004.

    We are furthermore developing 'New Technologies' within Microsoft including one we're calling 'debugging,' that I'm very excited about. We think it'll vastly improve the quality of our "MacOS Jagger OS" 'Longhorn' release in 2010. From there we'll be setting our sights on matching Linus Redtop 7's innovation and code quality. [I'm pretty sure he means "Jaguar" and "Redhat 7" -ed]

    By then of course, our "Trustworthy Computing" initiative will be in place. Microsoft Big Brother (TM) will implement Software Update Services to push 'Code we Trust' on enterprises so we can prosecute those who try to back out patches from any of our 25 installer applications, 13 hotfix downloaders or 7 service pack updaters."

    [At this point some Microsoft Thugs (TM) confiscated my recorder, though I managed to switch out the tape first -ed]

  12. GNU/GPL is dangerous by Eric+Ass+Raymond · · Score: 2, Funny
    I agree.

    I was once infatuated with the "free software" and GPL, but the more time I spent with that crowd, the more I came to realize that their underlying philosophy was fundamentally anti-corporate, socialist and had typical characteristics of a cult.

    It's either their way, all the way, or the highway. Rational discussion is made impossible by hysterical groupthink resembling that of a communist totalitarian state, egocentric reasoning ("closed software is eeevil because it doesn't let us steal the code!"), fondness for the Appeal to Authority logic ("closed software is eeevil because RMS said so!") and cults of personality of Linus, RMS and ESR.

    As far as I can see, this attitude stems fundamentally from your run-of-the-mill blue-collar envy of those who are financially successful and who have actually had the courage to risk their reputation and fortune in business.

  13. Guess what? by WetCat · · Score: 2, Funny
    Having these statistics:
    'Ninety-five percent of attacks happen after a patch for a known software vulnerability has been issued',
    they better issue NO patches at all!
    And they will be able to reduce the number of attacks to 5% from the current level!