Slashdot Mirror


Microsoft Plugs a Record 26 Security Holes

An anonymous reader writes "Microsoft today released ten patches to fix at least 26 separate security holes, including a whopping 16 flaws in Microsoft Office and its constituent apps. According to Washingtonpost.com's Security Fix blog, this is the most number of patches ever released by Redmond outside of a Windows service pack. Also of note, six of today's updates apply to fully patched Windows XP systems, and two of the flaws are actually present in Windows Vista."

15 of 200 comments

  1. It could have been worse... by xTantrum · · Score: 4, Funny

    It could have been 27!

    --
    $action = empty(PHP) ? backToC() : unset(PHP) ; "when the concrete cases are understood, the abstractions are readily
  2. It's not how many were patched... by rjamestaylor · · Score: 3, Insightful

    It's how many remain that's important.

    And, how many were created in the making of the 26 patches?

    --
    -- @rjamestaylor on Ello
  3. DISASTROUS NEWS ! by unity100 · · Score: 3, Funny

    microsoft introduces 2-3 holes while fixing one .. if they patch up with that speed from now on, it means ... uh oh ...

    1. Re:DISASTROUS NEWS ! by ronkronk · · Score: 5, Interesting

      I remember when Windows 95 came out, with its weak, obviously-an-afterthought "web browser" (IE 3.0). It was painfully obvious that Microsoft had missed the Internet boat, and shortly thereafter, Bill Gates sent his historic all-hands memo pointing the company in the direction of the Internet.

      It took them some time to get it right, but eventually IE took over. Now, you'd have a hard time finding a Microsoft product more complex than Minesweeper or calc.exe that doesn't connect to the Net somehow. And let's not forget that Netscape provided Microsoft with some much-appreciated help in taking over the Web, by screwing up their own release schedule so badly that there never was a Netscape 5.0.

      Flash-forward to a couple of years ago, when Bill sent out yet another all-hands memo, pointing the company in the direction of security. At first, we all laughed. But now it's becoming more and more obvious that they're taking security every bit as seriously as they once took the Internet. They are aiming to be the top of the heap in security, and they've got drive, ambition and aggression.

      Make no mistake, this kind of event is exactly what a company that wants to get secure should be doing. Thomlinson's comments about how seeing their code exploited "hits people in the gut", and the fact that "he was glad to see the crowd of engineers taking things personally" -- these things are right on the money. These things say to me that, within a few years, we're going to see some really damn secure stuff coming out of Microsoft.

      In the meantime, Firefox exploits are cropping up at a seemingly greater pace. This worries me. It looks like a repeat of 1997, when Netscape lost huge amounts of ground to IE by producing a product that wasn't as good as the competition. SP2 was a huge leap forward in security for Windows and for IE, and Blue Hat makes it obvious that Microsoft is just going to get better at it. In the meantime, Firefox appears to be standing still on the security front, or maybe even losing a little ground. Sure, it's still miles ahead of IE's security, but if IE keeps up the pace, it will overtake Firefox sooner or later -- probably sooner.

      Is there any way the Firefox development team (and the OO.o team, and anyone else who's working on high-profile F/OSS projects) can take a lesson from Blue Hat? Can we get together events like this of our own?

      If we don't, I can already see that by 2009 or so, at the latest, I'll be telling clients to go with Microsoft products, because they're more secure than F/OSS. And I don't want to see that happen.

    2. Re:DISASTROUS NEWS ! by truthsearch · · Score: 4, Insightful

      Let's not forget that we'll never know exactly how many total exploits IE really has. Microsoft may know of 100 more that they simply haven't disclosed. We'll never know. But anyone can inspect Firefox. Don't think that simply because IE has fewer publicly documented exploits that it's more secure. Unless you work for the software vendor, you will never really know how secure any proprietary software is.

      Also look at how quickly Microsoft fixes security vulnerabilities. They've let major holes exist for 3 years or more. Even if they have fewer vulnerabilities it's almost irrelevant if they don't fix the ones they have.

      It's a more complex issue than simply how many vulnerabilities each camp discloses.

    3. Re:DISASTROUS NEWS ! by batkiwi · · Score: 3, Informative

      Yes, you can. It can be on any web server.

      Now for the kicker:
      If that URL happens to point to a SharePoint server, when you click "save" it will save it back to the site, update the document history, prompt you for any necessary meta-data, and (with 2007) kick off a workflow for (example here) document approval.

    4. Re:DISASTROUS NEWS ! by stonedonkey · · Score: 3, Insightful

      I remember when Windows 95 came out, with its weak, obviously-an-afterthought "web browser" (IE 3.0). It was painfully obvious that Microsoft had missed the Internet boat, and shortly thereafter, Bill Gates sent his historic all-hands memo pointing the company in the direction of the Internet.

      [Hi, my name is Stonedonkey. I noticed that your extremely shitty post got marked "5 interesting." My notations will be in brackets. Enjoy!]

      It took them some time to get it right, but eventually IE took over.

      [By being bundled into every version of the OS for the last ten years.]

      Now, you'd have a hard time finding a Microsoft product more complex than Minesweeper or calc.exe that doesn't connect to the Net somehow.

      [Specious exaggeration that isn't really relevant.]

      And let's not forget that Netscape provided Microsoft with some much-appreciated help in taking over the Web, by screwing up their own release schedule so badly that there never was a Netscape 5.0.

      [IE won because of its default desktop placement.]

      Flash-forward to a couple of years ago, when Bill sent out yet another all-hands memo, pointing the company in the direction of security. At first, we all laughed. But now it's becoming more and more obvious that they're taking security every bit as seriously as they once took the Internet. They are aiming to be the top of the heap in security, and they've got drive, ambition and aggression.

      [In what sector? Desktop consumers? Can you provide some supporting material for all these pronouns?]

      Make no mistake, this kind of event is exactly what a company that wants to get secure should be doing. Thomlinson's comments about how seeing their code exploited "hits people in the gut", and the fact that "he was glad to see the crowd of engineers taking things personally" -- these things are right on the money. These things say to me that, within a few years, we're going to see some really damn secure stuff coming out of Microsoft.

      [That's great. But right now, I can get superior software for free. Then again, you didn't specify what sector you're talking about, so I can't say for sure.]

      In the meantime, Firefox exploits are cropping up at a seemingly greater pace. This worries me.

      [See the other guy's response about open source.]

      It looks like a repeat of 1997, when Netscape lost huge amounts of ground to IE by producing a product that wasn't as good as the competition.

      [There you go again, glossing over IE's default inclusion.]

      SP2 was a huge leap forward in security for Windows and for IE, and Blue Hat makes it obvious that Microsoft is just going to get better at it.

      [Oh, shut yo mouth. SP2 was not a "huge leap forward." Not when MS was so far behind to begin with. It sealed some painfully obvious cracks, but I wouldn't hand them any trophies for it.]

      In the meantime, Firefox appears to be standing still on the security front, or maybe even losing a little ground.

      [A little subjective. Is your assured tone supposed to make your reaction generalizable and trustworthy?]

      Sure, it's still miles ahead of IE's security, but if IE keeps up the pace, it will overtake Firefox sooner or later -- probably sooner.

      [This is a contradiction. Or, at best, a back-handed compliment.]

      Is there any way the Firefox development team (and the OO.o team, and anyone else who's working on high-profile F/OSS projects) can take a lesson from Blue Hat? Can we get together events like this of our own?

      [Will it be another failure of open source if we don't? Should I be surprised when you seize that "failure" as an example of some larger and wholly imagined problem?]

      If we don't, I can already see that by 2009 or so, at the latest, I'll be telling clients to go with Microsoft products, because they're more secure than F/OSS.

      [Suit yourself, Nostradamus. Maybe by then Microsoft will "share" some of its code to assuage your worries. By the way, how in the flaming fuck do you make the leap from "Mozilla" to "F/OSS"? I'm sorry, but that's pure jackassery, pal.]

      And I don't want to see that happen.

      [In that, we agree.]

  4. Re:One at a time, MS! by Anonymous Coward · · Score: 3, Informative

    No. They tried that. Corporate customers revolted because their IT teams couldn't keep up with patch testing/deployment. And as history has shown (MSBlaster), the worm-clock starts ticking once the patch is available to the general public (it is faster for exploiters to reverse engineer the patch to find the hole), meaning it isn't practical for IT departments to "hold" onto patches and deploy them on their own monthly cycle.

  5. Apple's last patch fixed 24 and was over 200 MB. by MSFanBoi2 · · Score: 5, Insightful

    So, at least Microsoft is fixing them.

    Microsoft has bugs, people complain.

    Microsoft fixes the bugs, people complain.

    Apple releases an incremental update to OS X 10.2 to 10.3 and charges you for it ($129.00), and when they release a MASSIVE update in September, not a peep of complaints...

  6. Re:Well Guess that means by Anonymous Coward · · Score: 4, Funny

    Vista ain't done until Firefox won't run!

    I kid! I kid!

  7. Wowee! We're falling behind! by rolfwind · · Score: 4, Funny

    I thought all those studies said that Linux had way more security bugs than Microsoft! The last report had Microsoft at somewhere around 52 security bugs and Linux at several times that.

    If I have my math right:

      52
    -26
    -----
      26 bugs left!

    Microsoft only has to fix them there 26 bugs until Windows is all perfect and flawless!

    *Does a happy dance!*

  8. Re:".NET" - a computer "language"?! by Planesdragon · · Score: 4, Funny

    This guy tries to explain to the average reader/non-geek that Microsoft .NET is a "computer language".

    So long as your precompiled code is a combination of English and C, and yet you still prefer to call it a "language", you shouldn't be surprised to hear others misuse the word just as badly as you.

    C, C++, VB, Java, Perl, Pascal, Javascript, and all the rest are syntaxes, not languages.

  9. Re:Apple's last patch fixed 24 and was over 200 MB by Overly Critical Guy · · Score: 4, Interesting

    That "incremental update," as you ignorantly call it (nice nick, by the way), was a major version release with a whole new version of OS X, new features, and new technologies. It wasn't some minor service pack.

    And that massive update in September isn't so massive when you point out that it's the most we'll see all year. Meanwhile, Microsoft released an IE patch, then released a patch to fix the patch, then released a patch to fix THAT patch. And you wonder why people complain about Microsoft?

    --
    "Sufferin' succotash."
  10. Re:The only vista on my OS horizon: Ubuntu by drsmithy · · Score: 3, Insightful

    Almost any OS that is free... After all, it is hard to argue that Ubuntu (for example), should be flawless when it costs nothing and is in fact shipped out at someone else's expense if one asks for a few sets of the install discs.

    So if it's free it can't suck ?

    How about all those versions of Linux that *aren't* free ?

    Why waste money on a bigger, slower, pile of crapware from Microsoft when it offers nothing substantial in the way of practical improvements over the mess that is XP?

    It offers masses of "substantial, practical improvements". The important question people need to ask is if any of those are important enough to them to upgrade.

    What I'm reading these days is that the Vista release is being given the yawn treatment by many IT professionals.

    IT professionals are waiting for a) the server-side complement to Vista and b) the early rounds of bugs to be shaken out.

    In fact, I'm worried that security will be much worse on Vista than it is on XP since 3rd party security vendors are being prevented by Microsoft from hooking in at the level their code needs to run at to be most effective. I don't trust Microsoft to handle security issues. It has a pathetic track record. The programmers at MS clearly don't understand their own code.

    Sounds to me like you're buying into the standard anti-Windows and anti-Microsoft FUD.

  11. what really happened to Netscape by rs232 · · Score: 3, Informative

    "I remember when Windows 95 came out, with its weak, obviously-an-afterthought "web browser" (IE 3.0)", ronkronk

    It wasn't an afterthought; it was a renamed Spyglass browser which they subsequently 'gave away' with Windows so as they wouldn't have to pay royalties. After failing to buy out Netscape and get an exclusive deal from NCSA they settled with Spyglass.

    "It took them some time to get it right, but eventually IE took over", ronkronk

    IE took over by billg strong-arming the OEMs to take Netscape off the desktop. Can't you remember what the MS AOL court case was all about?

    "AOL's March 12 and October 28, 1996 agreements with Microsoft also guaranteed that, for all practical purposes, Internet Explorer would be AOL's browser of choice"

    "Compaq was the only one to fully commit itself to Microsoft's terms for distributing and promoting Internet Explorer to the exclusion of Navigator"

    "now it's becoming more and more obvious that they're taking security every bit as seriously as they once took the Internet", ronkronk

    Like as an afterthought.

    "within a few years, we're going to see some really damn secure stuff coming out of Microsoft", ronkronk

    I've heard exactly the same kind of thing when NT came out.

    "In the meantime, Firefox exploits are cropping up at a seemingly greater pace. This worries me. It looks like a repeat of 1997, when Netscape lost huge amounts of ground to IE by producing a product that wasn't as good as the competition.", ronkronk

    Netscape was never inferior to IE. As this test proves. The MS strategy at the time was to make it a jolting experience for the end user. Why are you trolling Slashdot with patently false pro-MS propaganda?

    "We will bind the (Windows) shell to the Internet Explorer, so that running any other browser is a jolting experience" .

    Firefox running on a more secure OS as standard user are not as serious as bugs in IE running on WinVista. You see as MS embedded the browser directly into the OS so as it couldn't be removed.

    Secondly, Netscape lost ground because of backroom shenanigans by billg and Co. After threatening to withhold technical information, they offered to carve up the market between them or else they would cut off Netscape's oxygen supply.

    `The delay in turn forced Netscape to postpone the release of its Windows 95 browser until substantially after the release of Windows 95 (and Internet Explorer) in August 1995. As a result, Netscape was excluded from most of the holiday selling season.'

    "Microsoft representative J. Allard had told Barksdale that the way in which the two companies concluded the meeting would determine whether Netscape received the RNA API immediately or in three months."

    `After Netscape refused Microsoft's offer to divide the browser market, Microsoft embarked on a predatory campaign to eliminate the browser threat'

    `In subsequent meetings in the Fall of 1995, Microsoft explained to Intel that its strategy would be to kill Netscape and control Internet standards'

    `in exchange for steering clear of the Windows browser segment Netscape would be made a preferred Microsoft partner'

    "I'll be telling clients to go with Microsoft products, because they're more secure than F/OSS. And I don't want to see that happen.", ronkronk

    I'm really an Open Source advocate except for bla, bla, bla

    http://www.usdoj.gov/atr/cases/f2600/2613-1.htm
    http://www.theregister.co.u

    --
    davecb5620@gmail.com