Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Takes a 'Patch Tuesday' Break

Posted by CmdrTaco on from the wish-i-could-take-a-post-friday-break dept.

Phill0 submitted a ZD story about Microsoft's week off which says "Microsoft has no new security updates planned for Tuesday, despite at least five zero-day vulnerabilities that are waiting to be fixed. The patch break could be a welcome respite for IT managers still busy testing the dozen fixes Microsoft released last month. Also, many IT pros may be occupied with the switch to daylight saving time, which at the behest of Congress, is happening three weeks earlier this year. "

10 of 151 comments (clear)

  1. DST by Chicken04GTO · · Score: 5, Insightful

    Stupid congress and their DST. How much energy do they think we will save by moving up DST 3 weeks? How much economic loss will be caused by companies all over the place busting their ass trying to get all kinds of systems pathced and working right...?

    Idiot congresspeople.

    1. Re:DST by Billosaur · · Score: 2, Insightful

      How much energy do they think we will save by moving up DST 3 weeks?

      It has nothing to do with saving energy. It's about Congress and the Administration wanting to look like they're doing something about our dependence on foreign oil. There's very little energy savings to be had: these new weeks come in the heart of winter, where a few extra hours of daylight in the evening won't matter because who's going outside when it freezing, and more importantly, people will still have to be heating their homes and offices regardless. And since it will be darker in the morning, when people get up to go to work, any evening savings will be offset by morning usage.

      They would have been better off writing a bill to increase tax credits for alternative energy sources and trying to encourage more fuel efficiency in cars and an increase in mass transit. Instead, we get window dressing.

      --
      GetOuttaMySpace - The Anti-Social Network
    2. Re:DST by The_Wilschon · · Score: 3, Insightful

      In a significant and large portion of the country, March is the heart of spring. I saw people studying out under trees yesterday because the weather was beautiful. It is 64F right now. I turned on my air conditioning briefly because my apartment got uncomfortably hot yesterday.

      If you don't live in Maine, this makes a heck of a lot more of a difference than you apparently realize. (Yes, restricting to only Maine is an exaggeration, too. Deal with it. You know what I mean by it anyway.)

      --
      SIGSEGV caught, terminating

      wait... not that kind of sig.
    3. Re:DST by sconeu · · Score: 4, Insightful

      The economic loss is grossly exagerated like the w2k bug that NEVER hAPENNED

      Which Windows 2000 bug was that?

      Oh, you meant Y2K? Yeah, it "never happened" because thousands of dedicated professionals worked for years to fix and upgrade old systems.

      --
      General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
  2. What about when they realize it was stupid? by PornMaster · · Score: 4, Insightful

    Are we going to have to re-patch everything in a year or two when they change it back?

    On the good side, we found out what doesn't come back up automatically after a reboot on the Sun systems that needed the libc patch, too.

    --
    500GB of disk, 5TB of transfer, $5.95/mo
    1. Re:What about when they realize it was stupid? by Ctrl-Z · · Score: 3, Insightful

      If people were smart about it, they would have implemented the change to be adjustable so we wouldn't have to re-patch everything. How likely is that though?

      --
      www.timcoleman.com is a total waste of your time. Never go there.
  3. Re:Zero Day by operagost · · Score: 3, Insightful

    "Zero-day vulnerability" is totally meaningless. Even the proper "zero-day exploit" makes no sense after zero-day. Totally useless garbage speak, just the marketroids and talking heads who make up words like "factoid" because somehow the word "fact" is not descriptive enough.

    --

    Gamingmuseum.com: Give your 3D accelerator a rest.
  4. DST fiasco by Vexler · · Score: 3, Insightful

    They had since August 2005 to address this, but the software patch only came out in early February of 2007. Then, they had the gall to change the instructions no less than four times while I was preparing to upgrade (KB930879 was updated three times while I was reading it two Thursdays ago), along with a new version of the upgrade tool that were substantially different from what the instructions said. Even the consulting firm we hired only got it to work this past Sunday night.

    Microsoft blew it, folks. This is not to say that OSS does it much better, although Red Hat and FreeBSD (two other OSs we use) nailed the patch months ago. But when you are a $50B company and could only produce the detritus that is the DST patch, there is no excuse for it.

    1. Re:DST fiasco by kiwimate · · Score: 2, Insightful

      No, really not, actually. I agree 100%, and I work with Microsoft products for a living and will often defend them against the more egregious slurs posted on Slashdot.

      But in this case they've blown it. We called them a year ago to ask them about their plans for the change to DST and they asked "what change?". They only really started to come out with patches a couple of months ago.

      CRM? Don't get me started...they kept on finding new components to be patched, server and client, said they'd release the patches in early March (!), finally promised to release on February 28th, and then two days before release date came out and said they'd found some problems and the release would be delayed for another few days. And by the way, if you have more CRM clients to be patched than can be easily handled manually and you don't run your users as local admins, then you're in trouble because it's nigh impossible to get CRM patches distributed over SMS.

      The Exchange/Outlook tools are a nightmare. The rebasing tool causes all appointments set in the three week period between new DST time and old DST time to be sent out again so all our users came in to work one morning to find their inboxes filled with dozens of appointments which had been resent. And the whole dismal complicated procedure is so complex we've been told it'll achieve perhaps a 90% success rate and there will be problems that we have to fix manually.

      No, ordinarily I'll at least be able to defend Microsoft against Linux zealots and fans, but this time they messed up. Big. That the people we talked to didn't even know this was coming a year ago until we alerted them is just wrong, and it has very plainly been downhill from there.

  5. Re:Useless and intentional waste. by jb.hl.com · · Score: 2, Insightful

    The testing, of course, is required. It's the patch that's useless. It should be obvious by now that patching will never fix Windows security problems. The whole exercise is a waste of time and that may be intentional.

    Patching will never fix *any* security problems in *any* system on desktop use. Most, if not all software, has vulnerabilities of some kind. You can't just dismiss Windows because it has holes in it, when there are holes in open source software as well.

    --
    By summer it was all gone...now shesmovedon. --