Slashdot Mirror

← Back to Stories (view on slashdot.org)

Patch Tuesday — IE7 Clean

Posted by kdawson on from the patchwork-quilt dept.

jginspace writes "As per the advance notification, Microsoft's monthly security bulletin, released yesterday, addressed five general Windows issues and one in Visual Studio. It also included a fix for a problem in Outlook Express for a total of seven updates. As patch Tuesdays go it was fairly unremarkable. The only general Windows update labeled 'critical' is for a flaw in Media Player. As usual, there's a cumulative update for Internet Explorer, but significantly, the only versions of IE affected are 5 and 6. Version 7 is clean — which is welcome news in this first update since the upgrade was pushed to the world last month. Microsoft was silent on the two zero-day Word holes, one reported here and a new one. Sans is calling this 'Black Tuesday' and recommends patches be applied urgently for the Visual Studio and Media Player vulnerabilities. Sans is recommending the Heise Offline Update utility covered in a previous story."

20 of 75 comments (clear)

  1. IE7 really clean? by jginspace · · Score: 4, Insightful

    Would I be trolling here if I wondered out loud: Did Microsoft really not find and fix anything with IE7 during the last month that they considered worthy of pushing out with this latest bulletin? Consider that this is the first set of updates since IE7 was pushed out to the whole world and how the inclusion of a patch for IE7 would be met with a jaundiced 'business as usual'. I suppose Microsoft just can't win on this can they?

  2. Damn. by sporkme · · Score: 2, Insightful

    What a headline... I thought for a second there that they had recalled IE7.

    I assume that only security vulnerabilities will be patched in XP's IE7 until Vista is on the same update schedule as XP. These patches will be fashionably late and will only address the most severe issues with the browser, and that simple compatibility glitches will go unanswered. Once Vista is really rolling along there will be more consistency.

    --
    FairTax baby!
  3. Re:But I installed Outlook Express 2 years ago? by phrasebook · · Score: 2, Informative

    Yeah, just the shortcuts are removed. Ditto Movie Maker, Messenger, Media Player, IE and probably others.

  4. Re:clean != free of "critical" updates by Osty · · Score: 5, Insightful

    I fully assume that IE7's phishing filter, like Outlook 2003's Junk Mail Filter, will receive monthly updates from Microsoft to keep it up to date with the latest phising "heuristics".

    Actually, IE7's anti-phishing technology is server-based. The judgement of a URL as "phish" or "non-phish" is done completely outside of your browser, outside of your own PC even, so there's no need for heuristic, signature, or filter updates to be pushed to users.

  5. clean by l3v1 · · Score: 5, Funny

    It's good to know, that if they don't release patches, that means IE7 is clean from bugs. I got all comfy and calm now.
     

    --
    I am putting myself to the fullest possible use, which is all I can think that any conscious entity can ever hope to do.
  6. Alright everyone, show's over by strider44 · · Score: 4, Insightful

    It's official, IE7 is clean. This shows that Microsoft have gotten all of the bugs and there will be no more patches, ever. Uninstall your virus and spyware scanners - they're not needed anymore.

    Seriously, has the situation come to a place for Microsoft where a month with no patches for IE is actually news?

    1. Re:Alright everyone, show's over by chrisbro · · Score: 2, Interesting

      Seriously, has the situation come to a place for Microsoft where a month with no patches for IE is actually news?

      Yes. This thing had systems administrators running because of the forced upgrade and general wariness. Now that it's being proven that it won't wreak havoc on corporate systems, I figure some BOFHs will start to ponder a roll-out after blocking it. If it proves in the short-run to be more secure than IE6 (which isn't saying much, of course), they might jump on it.

      As much as /. (justifiably) trashes Microsoft vulnerabilities, it's good to see the editors post a story that goes against the grain. Even if it should be read with a curiously raised eyebrow rather than cheers of jubilation.

  7. Pushed out? by pe1chl · · Score: 4, Informative

    Version 7 is clean -- which is welcome news in this first update since the upgrade was pushed to the world last month.

    I know you Americans consider "the USA" the same as "the world", but I can assure you that IE7 was NOT pushed out in the Dutch version of Windows XP. It is not even available as an optional package in Windows update.
    And I think it is the same in many other countries.

    1. Re:Pushed out? by Tim+C · · Score: 2, Informative

      Here in the UK, I was notified of it being available by Automatic Update at work on Monday. As I work in the web and we currently have no strategy for dealing with IE7*, I refused and set it not to remind me about it. I have heard of friends who have autoupdate set to download and install automatically who were surprised to find that they'd been upgraded, but that was recently, certainly not "last month".

      Still, assuming that everyone is in the same situation as you is hardly a uniquely American trait (although at times, it does seem to be more prevalent amongst our Yankie cousins)

      (* Don't shoot me, I'm just a lowly programmer and can't force the issue)

      --
      It's official. Most of you are morons.
    2. Re:Pushed out? by jonwil · · Score: 2, Informative

      Even if you are running Firefox or Opera or something else as your main web browser, upgrading to IE7 (if you are on a system where IE7 will run) still makes sense, if nothing else for all those applications that embed the IE widget which will get the benifits of all the bug fixes IE7 has. (although if said applications are known to fail with IE7 installed, thats a different matter)

    3. Re:Pushed out? by pe1chl · · Score: 2

      Being interested in the US IT industry or US IT news is not the same as equating "the US" to "the world"...

  8. IE7 not clean: Secunia shows 3 unpatched holes by free2 · · Score: 5, Interesting

    IE7 is not clean: Secunia shows there are 3 unpatched holes:
    http://secunia.com/product/12366/?task=advisories_ 2006

  9. Why oh why... by Splab · · Score: 4, Informative

    does the autoupdater insist on nagging me every 15 minuttes about restarting???? It's so bloody annoying, I know you just updated some of my software, but I'm working so shut the f*** up!

    Anyways, you can ask it to bugger off by going to control panel -> administrative tools -> services, find automatic updates, right click and press stop, that will stop it from nagging you about restarting.

    1. Re:Why oh why... by RabidOverYou · · Score: 2, Informative

      I've been doing it for a couple of years now. I have one program I have to RunAs administrator, and I logoff as user, login as admin for WindowsUpdate stuff. All in all, very smooth.

      The most annoying thing is that you can't dblclick the tray clock to see the monthly calendar; it thinks you're changing the date, which is admin-only. Fixed in Vista.

  10. Handy tool - Check for insecure software by mmbokaj · · Score: 2, Interesting

    Secunia released a new tool last week. You can use this to verify that you have the latest secure versions of software installed, including MS updates. http://secunia.com/software_inspector/

  11. Sans = SANS Internet Storm Center by brotherash · · Score: 2, Informative

    The organization referred to as Sans in this article is the SANS Internet Storm Center found at http://isc.sans.org/ You can find the reference to Black Tuesday and more information on this update at http://isc.sans.org/diary.php?storyid=1928

  12. Re:clean != free of "critical" updates by rbochan · · Score: 3, Insightful

    So... every single web site you browse is monitored by a Microsoft server? Yipe. I bet DHS _loves_ that "feature". Can you turn it off?

    Even sounds a bit like spyware...

    [adds another layer to tinfoil hat]

    --
    ...Rob
    The American Dream isn't an SUV and a house in the suburbs; it's Don't Tread On Me.
  13. Re:clean != free of "critical" updates by Sancho · · Score: 4, Informative

    It asks you by default, and gives you the option to disable the feature when it does.

  14. IE is clean like that girl you know.. by kinglink · · Score: 3, Funny

    You know the one who claims not to have caught an STD, but you've seen her around the free clinic a few times? You know the one. She has documents that say she has a clean bill of health but somehow you don't think there's a Doctor Fakopsky.

    Then of course you go out with her and the next day you know what falls off? We've all had that experience, haven't we?

    Oddly enough that sounds exactly like IE7. I'll stick with my hotter girlfriend, Firefox. It's true she might have "enhancements" and she might be a little "slower" but at least she's not sleeping around like IE.

  15. Re:But I installed Outlook Express 2 years ago? by cp.tar · · Score: 2, Funny

    You really want to bring down Open Source, don't you?

    There's a reason no-one has done that yet.

    --
    Ignore this signature. By order.