Microsoft Rereleases Patch to Fix Problems
AbdullahHaydar writes "From CRN: 'One day after releasing a fix for an Office XP flaw, Microsoft upgraded the severity of the vulnerability to critical and re-issued a new patch to address a new attack scenario discovered in the last 24 hours.' The funny thing is that the second bug they missed with the first fix is 'critical' whereas the original bug the fix was for is 'important.'"
The fact that 24 hours after releasing an 'important' bug patch, Microsoft re-released a 'critical' bugpatch should *not* be held against them! It certainly would not be the first time someone had realised that the consequences of X are far more than previously thought.
:-), but re-relasing a new patch at a higher security classification ought to be applauded, not ridiculed. Fair play, guys, and play the game according to *all* the rules, not just the "Redmond -4" ruleset...
I'm no apologist for MS (see my posting history
Simon
Physicists get Hadrons!
As I recall it took more than 24 hours for the second bug in the mremap function to be found in Linux. While bashing MS is always fun & exciting (and I do think their security sucks). I think Slashdot should try to post more stories about how Linux could be improved (security & functionality). Not to imply that Linux is bad, but there is this reactionary attitude where we must adapt to everything MS does as opposed to doing things first. No Longhorn till 2006 should not mean we sit around waiting for MS to come out with something to whine about. It should be seen as an opportunity to evolve Linux in new directions that MS can't emulate. Don't be afraid to embrace changes that could propel us way ahead of them.
Exactly how is this different from the multitude of patches to fix things in the Linux kernel? Or patches in ANY OSS project? Are you trying to tell me that there has never been a security patch to any Linux kernel ever?
/. story just a short while back about a security vulnerability in the Linux kernel that was patched and te resulting posts were nothing but a bunch of open source taint nuzzling. When MS fixes a problem on the other hand, it's a bad thing.
I seem to recall a
'Standards' in computing only impress those who are impressed by things like 'standards'.
....I am tempted to check the kernel cvs source tree history.
But why inject objectivity and reality into an otherwise excellent discussion?
I am very small, utmostly microscopic.
As opposed to releasing a patch that breaks a previous patch? As was the primary problem with the SQL issue that SQL slammer exploited?
You never know...
It shows that Microsoft is taking things more seriously. And maybe next time, maybe they'll catch more potential problems before they're discovered. If MS were to actually break itself up into smaller companies, it wouldn't have to worry about keep tabs on so much stuff. I know it won't do that, but I think it would be alot more efficient. When it comes to patches, Microsoft is like a giant. Someone hits it on the leg, so it has to look down and find the source of the attack and fix it. But at the same time, someone could be attacking it on the back and neck.
Really?
It reminds me of a company trying to fix problems with a popular software product so that their customers' computers aren't fucked up by hackers.
But, you know, your cartoon analogy is good, too.
Hey freaks: now you're ju
I get your anger at... but I think you are missing the forest for the trees when you say things like "Slashdotters don't care much about the truth as long as they can whine... If they're not complaining...when did anyone on Slashdot..." Come on. Slashdot isn't some monolithic discussion board. That's what makes it great. That's why YOU come here and that's why YOU post. It's because Slashdot is the home the great unwashed masses -- the strongest from every side here come to passionately defend their case. You never see one "side" persuaded... you don't ever get to see one side win...
...but I don't know. I come here, not to have my point of view reinforced but rather to read intelligent people discussing an issue. I don't spend all my time discussing issues. I go out with friends to bars. I watch movies. But sometimes I like to think about issues. And this is a great place to come to find ideas. Sometimes I even find myself being surprised by a different point of view...
... wouldn't you say that the VAST MAJORITY of us are just keeping quiet on this because there isn't that much insightful to say? I mean, really, releasing patches of known vulnerabilities is a good thing. Duh.
I just think the parent post dripped with a little too much bravado. And just to stay on topic
I would have to say that explosives are the most abused technology in all of history.