Slashdot Mirror
13 New Windows Security Vunerabilities
Petree writes "Microsoft has given advance notice that on February 8th, they will be releasing patches for 13 vunerabilities. Happily a day later they'll have a nice little webcast so answer questions about the vunerabilities. Windows users, don't forget to run WindowsUpdate first thing Monday morning."
And then again on Tuesday when the actual updates come out.
Another day another vulnerability. This is getting old. What's the point in continually reporting this drivel? We all know MS has their issues - but frankly I'm getting tired of all the wasted space on /.
You're preaching to the choir!!
Can't they roll them into one cumulative security update?
The summary is wrong, and this is pointing out that fact. Running Windows Update on Monday won't get you anything since the updates come out on TUESDAY, aka the 8TH.
Come on Slashdot, at least they are actively fixing their shit. You all bad mouth them for not fixing stuff fast enough, and then when they announce they are releasing a patch you try to find some way to bad mouth them for that?
We're all bored of hearing how much people hate MS here...we KNOW you don't like them. Just leave it at that, and instead of reading and posting 600 replies here about how they suck, have some sort of intelligent conversation instead.
I mean this is how the process works for any OS. Name the OS or system that doesn't require patches? I just don't see the point of this submission except to imply a Nelson-esque "Ha-Ha" where one isn't required. I run a dual-boot system and surprise, surprise, Linux likes to download fixes as well. In short: Who cares? Next stories: You may have a new e-mail in your inbox: Better check. Or how about: Make sure your version of Quicktime is current.
Support the First Amendment. Read at -1
Windows users, don't forget to run WindowsUpdate first thing Monday morning.
These days, Windows users don't need to "run" Windows Update to grab security updates; the Windows service do that job, so they don't have to remember to do anything special on Tuesday. However, you need to actively visit windowsupdate.microsoft.com if you need other stuff than security updates.
Beware: In C++, your friends can see your privates!
"Windows users, don't forget to run WindowsUpdate first thing Monday morning."
Not just to rag on MS, but I will NOT be running my PC monday morning. Given microsoft's less-than-stellar history of patch releases (Service Pack 2 still gives me night terrors), I'll wait at least a week or so to see what problems these patches create.
It's unfortunate that many PC users (including myself) would rather risk having their PCs zombified or their data erased for a while longer instead of installing the latest MS patch. For me, past experience has shown me it's less of a risk to just sit it out for a while and see what new holes these patches open.
10 Print New Awesome Mac Product 20 Print New Windows Security Problem 30 Goto 10
Crushing my karma one post at a time.
Past experience has shown that exploits are developed very quickly after a patch is released. Without advance notice admins can't schedule or plan to deploy updates. I test and approve patches for about 3000 Windows machines. I'm also in Louisiana where this happens to be a 4 day weekend because of Mardi Gras. Had a critical patch been released on Thursday or Friday I probably wouldn't get to even look at it before next Wednesday. If an exploit was released before then, then well my first day back is going to be a real bad day. While the second Tuesday of the Month might not be perfect for everybody, at least we can plan for it. I know I'll remote in and approve the patches for deployment to my test lab sometime on Mardi Gras day (and watch bugtraq and other places to help determine how important it is to deploy these quickly.) ES
2) It's not 13 patchs for windows. As the article could not state any clearer it's:
3) Read before you submit.
- AMW
I have to agree with CastrTroy here... I run 98SE for the exact reason he has stated. I provide tech support to 6 different schools in my area and I'm having to turn new job offers down because I just don't have enough hours in the week to do them.
Everyone is surprised that I run 98 but, especially now, I know the problems that it has and I have systems in place to stop them. I know it crashes a lot but I also know how to fix it. I've never lost a windows 95/98/me installation yet. However, the XP and 2K machines that I support will lock into all sorts of reboot loops and cryptic stop messages that I can nothing about but restore from backup.
The schools I work for were stung big-time by things like Sasser, they were taken completely off-guard and all reached a critical state within a few days when not one of their PC's would stay up for more than a few minutes.
Because of my setup and because of the way that viruses are now only targeting the new vulnerabilities, I'm pretty safe. I've NEVER, repeat NEVER, had a virus on any computer that I own and for many years didn't even bother with an antivirus.
Nowadays, the only reason I have antivirus is so that I can scan emails from people who forward me crap and ask "is this a virus/trojan etc?". Most of the time, it's a yes before I even bother to scan it.
Virus writers are not targetting me, they'd have a very hard time if they did because I'm not stupid.
My IE is up-to-date and never used, because I realised many years ago what a mistake it is to use it. IE is installed purely for Windows Update.
I have people who I support who are still happily running 98, even 95, some of whom are years behind on updates and they don't have a problem because they are educated, firewalled, know what not to do and have established measures in place, have had for years.
Only the 2000/XP computers that I support have problems with such junk because, like Sasser, there was little a user could do to prevent it as it came out of the blue. That's what 98 was like many years ago but we've since established a routine that prevents that.
There is NOTHING WRONG with running an older Windows OS, even an out-of-date, not-updated OS. Sure, I wouldn't use it as a server but then I wouldn't use Windows as a server given half a choice, precisely because of it's many problems.
Windows "automatic update" has screwed up many a machine that I support, and given all sorts of weird problems becuase of it installing crap and hogging internet connections.
Windows 98 works for me, does everything I need to, is blindingly fast (but you don't notice that until you use it after using XP), behind a suitable set of protective measures is as safe as a Windows 2000/XP machine behind the same measures, easy to recover and suffers less problems overall.
Experiment for the adventurous: Get a Windows 3.1 box, install TCP/IP and put it on the net. Wait for it to be compromised. Perform similar action on XP/2K, even with latest updates.
One of my firewalls is still running a Linux 2.0 kernel because it's simple, safe, and works. Old decrepid. Old = tried and tested.
Ask NASA why they won't put a Intel with XP controlling the space shuttle. Now ask them why they would use a Z80 with something like CP/M or Unix.
"Windows users, don't forget to run WindowsUpdate first thing Monday morning."
I think he meant to say:
Install Linux first thing Monday morning...
I say: Why wait? Use the weekend wisely...
Richard Steven Hack - This sig is TOO GODDAMN SHORT TO DO ANYTHING USEFUL WITH! MORONS!