Slashdot Mirror
Flurry of Security Patches
yggy writes "It's been a hectic day on the security patching front. Microsoft's bulletins for July include patches for three critical vulnerabilities on the same day that Mozilla releases new security updates for Firefox and Thunderbird. Not to be left behind, Apple fixed two Tiger flaws while Oracle issued a critical database server update." (See these separate stories on today's release of Firefox 1.0.5 and the 10.4.2 update from Apple, too.)
....that msft waited until the end of day to release the patches. Every time they release during the day it boggs down the network, to the point of really hindering productivity, its especially crappy when they release in the morning, because then its usually bad all day.
Look at the calendar.
Blackhat / DEFCON is at the end of the month in Vegas. This is the scheduled patch release day (at least for MS) before the event.
The vendors have more than likely been notified by the "researchers" who discovered the issues, and are releasing their fixes on a coordinated schedule.
After taking to Apple tech support about my X11 problem, and having them refuse to help, I guess I'll just have to follow the MS support path and re-install the OS.
The sysadmin mantra lives on: All operating systems suck, they just suck differently.
-Chris
-- This sig is only a test. If this were a real sig it would say something witty. --
Ah yes, the wisdom of the AC...
If I was 'in my right mind' I'd be living in Fiji taking tourists on scuba tours of the soft corals. Since I'm not, I stay in SF and buy shiny toys; and I maintian the right to bitch about them if they don't work as expected. And I've got the balls to do it with a real login account.
-Chris
-- This sig is only a test. If this were a real sig it would say something witty. --
they continue making progress with the bug fixes. For me, FF is feature packed enough. I'd prefer to see some more work on the update facilities and performance when running on Linux (fix the RAM usage and crashes please). I like FF because it's light, I don't want more bloatware. The FF team need to remember that we can switch back to IE, or to Opera or something else, just as easily as we switched to FF. Many FF users aren't in it to snub MS (they're both free browsers, it's not like they lose money), they're using it cause it's a safer, more stable product. The second that changes, I and many like me go elsewhere.
One of the things I noticed last week was that Windows Update... had been updated. It's now a new stylized webpage and it works a little differently - in that, it doesn't. My Windows 2000 Pro machine refuses to install anything that's been downloaded with the "new" Windows update. They refer you to the help section if installation fails, and after trying all of the help suggestions I just gave up, nothing worked.
d efault.asp
The only thing that does work (for me anyway)is the old URL: http://v4.windowsupdate.microsoft.com/catalog/en/
No telling how long we have until Microsoft disables it and forces everyone over to a new system that doesn't work. I've always liked, or at least tolerated Windows and I've never understood why everyone here *hates* Microsoft. Now I get it. Hopefully someone will find the above url useful if they have problems.
Out of curisity, what do you consider "quickly"?
l nerabilities.html#Firefox
http://www.mozilla.org/projects/security/known-vu
Let's look at the most recent vulnerability there, MFSA-2005-56. Unfortunately, the details are being hidden until July 20th. However, we can see the Bugzilla report numbers. The first, 294795, won't let me view it. But if we view 294796, the bug created right after we see it was created on May 19th. Nearly 2 months ago.
Is 2 months "quickly"?
You seem to be blindly making assumptions without bothering to check the facts.
This is NOT evidence that Open Source fixes bugs quickly. If anything, it proves that just like Closed source, they can keep the bugs quiet and sit on them as long as they like.
If you need web hosting, you could do worse than here