Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft to Release 6 Security Updates Next Week

Posted by CowboyNeal on from the on-the-horizon dept.

An anonymous reader wrote in with an article that leads: "Microsoft will release six groups of security patches next week, including three critical updates for Windows and Excel users. The critical updates will fix bugs in many different versions of Microsoft's products including the latest versions of Excel, Windows XP, Vista and Windows Server 2003, Microsoft said."

96 of 123 comments (clear)

  1. well thank god by witte · · Score: 5, Funny

    ... at least now we will be safe !

    1. Re:well thank god by Bastard+of+Subhumani · · Score: 1

      Six, eh? That's one fix, two to fix the bugs the first fix introduced, and two more to fix the bugs the last two introduced. The one left over causes several new serious bugs, but on the positive side it adds realistic 3d shading to clippy.

      --
      Only three things are certain; death, taxes, and apocryphal quotations - Ben Franklin.
    2. Re:well thank god by niceone · · Score: 1

      Yes, next week we will all be safe. Best not open any documents or spreadsheets until then though. Tell your boss it's for security reasons.

      --
      ccalam - acoustic versions of new songs.
    3. Re:well thank god by Aliriza · · Score: 1

      instead we are in danger for one week then they will announce another security patch and we will never feel safer.

  2. No way. by Safiire+Arrowny · · Score: 1

    Man bites dog is news. This is not exactly news.

    Anyway, now we have an *entire* week to speculate about how this amazing event will turn out, a la iPhone.

  3. Hmmmn by Jaaay · · Score: 2, Interesting

    This shows the importance of a good NAT firewall. However it'd be interesting to know if the user must click allow on a lot of UAC warnings first to be compromised or it comes through clean since this is supposed to be one of the main benefits of Vista. The UAC works reasonably well for me, it's just annoying when stupid companies like ASUS ship "Vista Ready" cds in the box that have unsigned code that generate a lot of warnings.

    1. Re:Hmmmn by KiloByte · · Score: 1, Flamebait

      This shows the importance of a good NAT firewall.
      You got that wrong. You meant "the importance of a good firewall". NAT is a bad, bad thing, at least in the usual meaning of that word -- while technically any kind of a box in the middle meddling with sender/receiver fields in a packet is network translation, the typical setup of X machines being shoehorned into 1 IP doesn't have a single benefit, just a lot of downsides.
      --
      The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
    2. Re:Hmmmn by Jaaay · · Score: 2, Funny

      I just figured if I have a bloody hard time configuring and opening ports without problems for legitimate programs on it that trojans and other nasty stuff must have a hard time getting through and sending back data also :)

    3. Re:Hmmmn by somersault · · Score: 2, Informative

      "the typical setup of X machines being shoehorned into 1 IP doesn't have a single benefit"

      If that were true then it wouldn't be done. If it weren't being done then everyone in an office would need their own public IP to connect to the net? It's a benefit to be able to firewall traffic at one point rather than doing the same checks on every machine as well.

      --
      which is totally what she said
    4. Re:Hmmmn by KiloByte · · Score: 1

      One word: IPv4.

      --
      The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
    5. Re:Hmmmn by pasamio · · Score: 2, Informative

      NAT doesn't stop people sending data back it just stops people directly coming in. Since they can get out they can tunnel a way back in or sit on an IRC server or similar system and wait for commands. There are also techniques like STUN that trick a NAT system into opening a port without actually realising it. Even though you have a hard time getting things to work, people have already thought of this and have no issues working around things ;)

      --
      I always wondered where this setting was...
    6. Re:Hmmmn by somersault · · Score: 1

      I'm guessing you mean IPv6?

      --
      which is totally what she said
    7. Re:Hmmmn by Ephemeriis · · Score: 3, Informative

      "the typical setup of X machines being shoehorned into 1 IP doesn't have a single benefit"

      If that were true then it wouldn't be done. If it weren't being done then everyone in an office would need their own public IP to connect to the net? It's a benefit to be able to firewall traffic at one point rather than doing the same checks on every machine as well.
      The benefit is that it allows us to continue using IPv4 with relatively few problems. It allows ISPs to keep from running out of static IP addresses. And that is only a 'benefit' because IPv4 is more-or-less broken at this point.

      Just because a PC has a public IP doesn't mean you don't need a firewall or router. It doesn't mean you'd be doing all your firewalling on the individual PCs. You'd still route your traffic through a central box and do your checks there instead of on every machine.

      I'm not going to say NAT is completely bad all the time. It's a handy little hack. But that's exactly what it is - a hack to keep IPv4 alive. And doing away with NAT would eliminate a lot of headaches that cramming dozens of PCs into one public IP address has created. Of course...we'd get other headaches in exchange... But nothing is perfect.
      --
      "Work is the curse of the drinking classes." -Oscar Wilde
    8. Re:Hmmmn by pasamio · · Score: 1

      Well you can do stateful packet inspection if you want to pay for decent routing gear to make sure everything is doing what it should. In fact there are a whole heap of things that allow you to control a single point and give out public IPs. My university staff network used to have public IPs for some sections because they needed it. The main reason why not everyone gets public IPs is the fact that there simply isn't enough IP addresses in the v4 range to go around, with IPv6 we could easily give everyone a public IP but given Windows, the dominant operating system, really only introduces (buggy) support for IPv6 in Vista (even more primitive IPv6 was available in XP but it was harder to enable) it hasn't happened yet. Whilst I agree that there are benefits, a NAT is different to a firewall and not the tool to do the checks on data. Firewall != NAT. :)

      --
      I always wondered where this setting was...
    9. Re:Hmmmn by somersault · · Score: 1

      Yeah I was thinking that there wouldn't be enough IPv4 addresses, and it must be cheaper to only have one web facing IP address anyway? I'm not very knowledgeable when it comes to registering public IPs/domain names etc. Yeah NAT isn't the same as firewalling I guess, but they tend to work quite well together :P

      --
      which is totally what she said
    10. Re:Hmmmn by pasamio · · Score: 1

      Public IP addresses are a resource that is managed and cannot be bought per se. There are management fees associated in acquiring IP addresses but I believe if you show you are using them then there is no issue. Its just proper management of a limited resource, what should occur in a lot of cases but doesn't for lots of reasons. They work well together and it should be regarded that they should be together as NAT isn't a standalone solution, especially in a decent sized enterprise.

      --
      I always wondered where this setting was...
  4. Let's help the subbys and editors with this chore. by Linker3000 · · Score: 5, Funny

    Microsoft Patch Release Announcement
    (Slashdot Standard Form #97)

    Microsoft will release [$COUNT] security patches

    [ ] Today
    [ ] Tomorrow
    [ ] Next Week
    [ ] When they goddam say so

    Including [$NUMCRITICAL] critical updates for

    [ ] Windows
        [ ] XP
        [ ] 2000
        [ ] Server 2000
        [ ] Server 2003
        [ ] Vista
    [ ] Linux (..sorry, just kidding!)
    [ ] Word
    [ ] Excel
    [ ] Access
    [ ] PowerPoint
    [ ] Bob
    [ ] Internet Explorer
    [ ] Outlook
    [ ] Outlook Express
    [ ] Exchange
    [ ] DOS 6.22
    [ ] All of the above

    A spokesperson said "We take a very serious view of or responsibilities to ensure that the Microsoft computing experience is safe and secure for all our valued customers - and these updates show our commitment to that goal"

    When what they really meant to say was...

    [ ] Fsck, we just found some more stuff we missed during beta testing.
    [ ] We never thought someone would try THAT
    [ ] Yeah, we were kinda hoping we could keep that one quiet but then some geeky, long-haired nerd had to go and post about it on teh Internets.

    --
    AT&ROFLMAO
  5. Man bites dog is news? by Anonymous Coward · · Score: 1, Funny

    only if the dog dies.

  6. Why is this news again? by Toreo+asesino · · Score: 4, Funny

    Does everyone here secretly run Windows systems, or is this another MS-bashing opportunity? Can we have security fixes released for Linux kernel published too please? I think that might be more relevant for the practical purposes this article was no doubt published...

    I mean, Christ, it's almost like everyone here hates Microsoft or something!

    Wait a minute....

    --
    throw new NoSignatureException();
    1. Re:Why is this news again? by linal · · Score: 2, Funny

      You got 500 euros? http://www.wslabi.com/wabisabilabi/initPublishedBi d.do?

    2. Re:Why is this news again? by Ephemeriis · · Score: 2, Insightful

      Does everyone here secretly run Windows systems
      Secretly? No... But my job forces me to deal with Windows far more than I like. And then there's three Windows gaming systems at home...

      I mean, Christ, it's almost like everyone here hates Microsoft or something!
      See my above statement. By the time I get home from dealing with buggy Windows machines all day long the last thing I want to do is deal with more Windows issues at home...which is why I'm running Linux for my primary machine. But we're a family of gamers - two WoW junkies and a CoH/V addict - which means we've got Windows machines at home. And I just spent the 4th of July, which I had off from work, reloading my son's PC.

      So, yeah, there's a bit of animosity towards Microsoft around here...
      --
      "Work is the curse of the drinking classes." -Oscar Wilde
    3. Re:Why is this news again? by gravis777 · · Score: 1

      Actually, this is useful. I work in Desktop Support at an IT company, and we finally had to turn off Microsoft Updates, as it was crippling us. Of course, the answer would be to use some type of update management solution, but that has not happened yet. Its just good to know ahead of time that users might be experiencing problems.

      Of couse, one could argue that Microsoft releases patches just about every Tuesday. Just expect to have higher than average traffic on your helpdesk come Wednesday morning.

      I have two work computers, a Mac running OSX and a PC running XP that I try to update as soon as the updates come out so I know how users will be affected. My home computer is dualbooting between XP SP2 and Vista 64bit Business (blah! What's the point of drivers in a 64 bit OS if you have no hardware acceleration!). I gave up on Linux. We do not use it at work except for one or two servers, and for what I do at home, lets just say that I tend to crash my Mac and Linux way more often than I crash XP. Vista crashes if you look at it weird. Actually it crashes if you don't look at it. Oh, Vista is just unstable, and no one should use it, ever.

      Until Slashdot posts that Microsoft is releasing stability updates for Vista, that is. A rewrite of the kernel would be nice!

    4. Re:Why is this news again? by Just+Some+Guy · · Score: 1

      Why is this news again?

      Because Vista doesn't have security problems.

      --
      Dewey, what part of this looks like authorities should be involved?
    5. Re:Why is this news again? by psydeshow · · Score: 1

      Actually, this is a great public service. I have a couple windows virtual desktops that I log into in order to check how pages look in MSIE, and now I know I need to patch them next week.

      Anyway, given MS's market share, patches to Windows *are* a bigger deal, newswise, than patches to other systems.

  7. Re:Let's help the subbys and editors with this cho by Silver+Sloth · · Score: 5, Funny

    (Slashdot Standard Rely #42)
    This doesn't affect me because I run

    [] OSX
    [] Linux
    [] Multix
    [] CP/M

    --
    init 11 - for when you need that edge.
  8. Ok and... by svendsen · · Score: 4, Insightful

    why is there an article about patches anymore? Everything gets patched... Windows / Linux / OS X / a few hundred thousand applications that run on them.

    Slashdot all the news about iPhone and patches that you have ever dreamed of....

  9. This is just great! by CaptainZapp · · Score: 3, Interesting
    Time to patch my Laptop (Samsung, XP Pro legally licensed). There's only one problem with that:

    When I start Windows Update it informs me that it needs updating. Attempting to do so leads to a carped update with some error code. In short: Without the "improved" version of the software no more Windows update for me and since getting the "improved" version fails to install in the first place...

    This seems to be a known problem for which there doesn't ssem to be a fix yet. And no! Re-installing the OS is not and option since this toasts my Ubuntu partition.

    Microsoft is a company that pisses me off more and more on a daily basis. Thank you for listening.

    --
    ich bin der musikant

    mit taschenrechner in der hand

    kraftwerk

    1. Re:This is just great! by TheUni · · Score: 1

      You could use something like http://www.autopatcher.com/ to bring yourself up to date.
      And sure, reinstalling windows would make your Linux inaccessible, but a simple grub reinstall (or alternatively using ntldr to boot linux) isn't too tough...

      TheUni

    2. Re:This is just great! by gardyloo · · Score: 1

      It's a long-shot, but I've actually seen Windiz Updates fix something quite like this, and then the official MS updating worked just fine. Of course, you might just stick with Windiz afterwards :)
      http://windizupdate.62nds.com/

    3. Re:This is just great! by arkhan_jg · · Score: 1

      Turn off automatic updates, reboot and run a manual windows update will usually clear it. If not, you might have a corrupted update catalog or the like - google the error code will usually give you instructions to clear it; there's quite a few different ways to break windows update and all I've come across so far are pretty straightforward to fix. If you get stuck, post the error code here and i'll try and find a guide.

      Yes, it pisses me off too, which is why I run windows under vmware these days :)

      --
      Remember kids, it's all fun and games until someone commits wholesale galactic genocide.
    4. Re:This is just great! by Arterion · · Score: 1

      Try using "Microsoft Update" instead of "Windows Update". If that doesn't work, fixing this (I've done it before) is a big PITA. I don't remember the specifics, but I do remember it was hard to figure out. :-(

      --
      "That which does not kill us makes us stranger." -Trevor Goodchild
    5. Re:This is just great! by Bacon+Bits · · Score: 2, Informative
      99% of problems with Windows Update are caused by incomplete download or corrupt catalog data.

      Stop the BITS and Automatic Updates services and then delete (or rename) C:\Windows\SoftwareDistribution. Then restart the BITS and Automatic Updates services.

      Script:

      net stop bits
      net stop wuauserv
      rmdir /s /q %windir%\SoftwareDistribution
      net start wuauserv
      net start bits
      You should also apply these updates if you haven't before:
      http://support.microsoft.com/kb/927891

      Installing the WUA 3.0 with the /wuforce switch also very commonly corrects random problems. So does installing the latest MSXML redistributable, currently MSXML 6.0 SP1.
      --
      The road to tyranny has always been paved with claims of necessity.
    6. Re:This is just great! by smiffy1976 · · Score: 1

      Well, if you only have a restore CD they will often by default erase the active partition as part of the process. Solution? Use RockXp to obtain your activation key and then use this key with the XP OEM install CD that you should have been provided with.

    7. Re:This is just great! by lordeldor · · Score: 1

      If you can't reinstall windows without killing a seperate partition you need to turn over your nerd hat. Hint reinstall windows. Oh no my bootloader!!!!! Relax boot knoppix, and reinstall the mbr using the grub command. Don't know how to use grub? RTFM

    8. Re:This is just great! by CaptainZapp · · Score: 1
      Thank you so much. I tried it. Unfortunately no luck.

      Ah well; thanks anyway

      --
      ich bin der musikant

      mit taschenrechner in der hand

      kraftwerk

    9. Re:This is just great! by Bacon+Bits · · Score: 1

      Well, you can always look at C:\Windows\WindowsUpdate.log (not Windows Update.log) and searching against the error message.

      --
      The road to tyranny has always been paved with claims of necessity.
  10. Patch Tuesday = no work for an hour or two by simong · · Score: 4, Insightful

    One of the joys of working for a big company is the splendid way in which a large patch distribution nails network bandwidth and pulls down every machine in the office while it is installed. I'm not sure who's at fault here but they sure ain't the sharpest tool in the box.

    1. Re:Patch Tuesday = no work for an hour or two by figleaf · · Score: 2, Informative

      If that is how it works in your org. Then they should start using WSUS or learn how to use it properly.

    2. Re:Patch Tuesday = no work for an hour or two by shird · · Score: 2, Informative

      Whos at fault? Your company. They are not using WSUS (http://technet.microsoft.com/en-us/wsus/default.a spx) or something similar. The technology is there, don't blame MS.

      Not the sharpest tool in the box.

      --
      I.O.U One Sig.
    3. Re:Patch Tuesday = no work for an hour or two by walterwalter · · Score: 1

      Well lets be completely honest. WSUS will only save you if you are running v3.0 and have your update client up to date. Prior to that (month and a half ago) WSUS was the problem. This issue manifested itself in 99% CPU utilization by the SVCHost parent process. However if you want to avoid patch Tuesday then just leave your computer on and logged off over night. If you come in and boot up your machine (or unlock it for that matter) and try to get your critical updates at the same time as everyone else in the company... The fire up the task manager and enjoy the show.

    4. Re:Patch Tuesday = no work for an hour or two by plague3106 · · Score: 2, Informative

      Your large company has idiots for IT then. There's no reason not to use WSUS, then you have one server downloading from the internet, and clients pulling from that (or another interal downstream server). And you set it to do so at 3AM when no one is around.

    5. Re:Patch Tuesday = no work for an hour or two by plague3106 · · Score: 1

      Not true. I deployed WSUS 2.0 a year ago, and it worked fine. I didn't care to use a webpage to manage it, but thankfully they now have an MMC snap-in for v3 instead.

    6. Re:Patch Tuesday = no work for an hour or two by lukas84 · · Score: 1

      That was a big problem, and it wasn't funny that Microsoft took AGES to fix this.

      However, there were several viable and working workarounds (mostly developed by the community).

      And your "not logging off" variant does not work if you've configured the GPOs for the WU Client correctly...

    7. Re:Patch Tuesday = no work for an hour or two by walterwalter · · Score: 1

      And your "not logging off" variant does not work if you've configured the GPOs for the WU Client correctly... What do you mean? Are you meaning the difference between allowing the user the choice of when to reboot or making that decision for them?
    8. Re:Patch Tuesday = no work for an hour or two by walterwalter · · Score: 1

      Perhaps you should have told the WSUS development team that the widespread WSUS CPU utilization issues could be solved by you and your specific installation of WSUS... http://blogs.technet.com/wsus/archive/2007/05/15/s rvhost-msi-issue-follow-up.aspx

    9. Re:Patch Tuesday = no work for an hour or two by PhxBlue · · Score: 1

      I would have to inquire as to why your IT department isn't managing the software updates across the LAN? What are they getting paid for, if not PC configuration management?

      --
      !#@%*)anks for hanging up the phone, dear.
    10. Re:Patch Tuesday = no work for an hour or two by simong · · Score: 1

      Oh, I agree entirely. The company in question is very backward in its IT practises and they should get the cleu in a few years, probably at about the same time that they migrate the email system from Notes 5.

      On the other hand though, getting people to leave their machines on overnight is counter to alleged 'green' policies, and even if it's only once a month or even once a year, the culture of non-communication in the company makes it impossible to tell people to leave their machines on. I'm a contractor by the way. I wouldn't work for them full time.

    11. Re:Patch Tuesday = no work for an hour or two by plague3106 · · Score: 1

      Perhaps you should realize that it didn't happen to everyone. Also, the bug you mention was something specific to MSI, not WSUS. The issue occured for one week before another patche fixed the issue.

    12. Re:Patch Tuesday = no work for an hour or two by walterwalter · · Score: 1

      Well given that the two parts work hand in hand I was under the impression that it went without saying. I can't bring myself to say that WSUS 2.0 worked fine because the two parts are interdependent (unless you just wanted to run WSUS 2.0 and not have any clients actually use it). Regardless it took MS way too long to fix the issue. It occurred for three full months before MS fixed the issue.

    13. Re:Patch Tuesday = no work for an hour or two by element-o.p. · · Score: 1

      Are the "green" policies written by someone who actually knows what they are talking about or by some idiot PHB? Yes, I know that's redundant.

      Most computers I've seen in the last, well, decade allow you to set configuration options to power down hard drives, monitors, and the CPU(s) to conserve energy when the system isn't being used. Your power drain overnight on such a machine -- assuming it is properly configured -- should be minimal. Consequently, it would seem to me that the argument for powering down all of the equipment every night, especially when balanced against choosing an hour or two of downtime every patch Tuesday, is tenuous at best.

      --
      MCSE? No, sir...I don't do Windows. Yes, I am an idealist. What's your point?
    14. Re:Patch Tuesday = no work for an hour or two by plague3106 · · Score: 1

      You could say that the Linux kernel is broken if driver that works hand in hand with it is broken.

      WSUS did work fine, you don't need WSUS to use MSI at all. MSI is just their package manager. As I've said, I had WSUS 2 running for quite some time and never experienced the issue. It also didn't take them three months to fix the issue.

  11. Re:And ... by MoonFog · · Score: 4, Insightful

    Could be because a large portion of Slashdot's readers are sysadmins and chances are that many of them are administrating Windows machines at work?

  12. Re:Let's help the subbys and editors with this cho by morgan_greywolf · · Score: 1

    [ Slashdot Standard Comment #69 ]

    See? That's why I run:

    [ ] Linux
    [ ] Mac OS X
    [ ] OpenBSD
    [ ] FreeBSD
    [ ] NetBSD
    [ ] Darwin
    [ ] Herd (not yet implemented)
    [ ] Windows, but without administrator priveleges

    Of course, this wouldn't be a problem if stupid users wouldn't:
    [ ] Open attachments
    [ ] Click on every popup offering malware
    [ ] Install P2P software for Windows
    [ ] Surf untrusted sites
    [ ] Download 'porn viewers'
    [ ] Always click 'Ok' or 'Allow'
    [ ] All of the above

    This is why people need to run:
    [ ] A good NAT hardware firewall
    [ ] A good software firewall
    [ ] A good antivirus tool
    [ ] A good antimalware tool
    [ ] Switch to [$FAVORITE_LINUX_DISTRO]
    [ ] All of the above

    --
    My blog
  13. In other news... by pete.com · · Score: 5, Funny

    This just in...

    The sun will be rising in the east today and setting in the west. We will continue to cover this breaking news as more details come to light.

    1. Re:In other news... by rhizome · · Score: 1

      Not only that, but people have already started camping out in line for this much anticipated bugfix release. Some say the people at the front of the line just want to resell the bugfixes on Ebay, but many people have said that they fully intend to use the bugfixes on their own machines.

      --
      When I was a kid, we only had one Darth.
  14. VMware or Qemu by flyingfsck · · Score: 2, Interesting

    is the solution. That way, you can concurrently run Windows in a window on Ubuntu and you can recover the wasted Windows disk partition too, using ntfs-3g. Actually, when using an emulator, Win98se works even better than Expee and since you won't be using any of the internet 'features' of Windows anymore, the vulnerabilities won't affect you, while making backups of Windows becomes a breeze using tar. With Windoze on Qemu, you don't need to bother updating it anymore either - it just keeps on working.

    --
    Excuse me, but please get off my Pennisetum Clandestinum, eh!
    1. Re:VMware or Qemu by penp · · Score: 1

      I tried Qemu, but it ran 40x slower than windows did when I was running it in vmware (when it was free). And yes, I have kqemu installed, and I have almost a gig of ram set aside for the emulated XP computer. It'd be nice to be able to just run Win98se for my windows crap, but Photoshop wont run in that environment.

      Any other nice (free) alternatives?

    2. Re:VMware or Qemu by fellip_nectar · · Score: 1

      VirtualBox

      --
      Worst. Signature. Ever.
    3. Re:VMware or Qemu by penp · · Score: 1

      Thanks a bunch, I'll have to check it out when I get home.

    4. Re:VMware or Qemu by bryan1945 · · Score: 1

      "Above 17 steps...."

      This is why I won't deal with Windows at home anymore. Ok, only 5 steps, but that's 4 too many.

      --
      Vote monkeys into Congress. They are cheaper and more trustworthy.
  15. Including what's that? by DynaSoar · · Score: 1, Troll

    > ... including ... Vista ...

    That's what I thought you said. At least now we know that moving from XP to Vista is not a security upgrade. So much for the oh so secure new OS, I'm sure it's worth every penny I saved not getting it.

    I'm thinking about migrating to DOS 6.6. I have no idea how secure it is, but I'm pretty damn sure nobody's trying to exploit it.

    --
    "I may be synthetic, but I'm not stupid." -- Bishop 341-B
    1. Re:Including what's that? by empaler · · Score: 1

      MS stopped at DOS 6.22 as a standalone product. There's 7.0 in the 9Xs. DR-DOS/OpenDOS, I believe, stranded at 7.01 or something. 6.6 is a number I haven't heard before...

    2. Re:Including what's that? by plague3106 · · Score: 1

      Righhht. So what version of Linux can we expect there to be zero security exploits for it EVER again?

  16. Re:And ... by Yoozer · · Score: 1

    although I am confused as to why anyone would use it
    Because my software of choice that I use to create music and graphics does not run on Linux. Don't bother listing "alternatives" -- I know about them already and they aren't alternatives as long as I have to jump through hoops or have to give up what I use now.

    Security is not an issue; I'm not running a virus or spyware scanner here because it steals away precious resources from my music software. Learning Linux is not even an issue; you'd have to convince the corporations making the gear I use to switch.
  17. Re:Best Line from the Article: re: online criminal by somersault · · Score: 1

    Or, alternatively, don't use MS Office? o_0 But don't open attachments you are not expecting works too.

    --
    which is totally what she said
  18. Re:oh boy by n0dna · · Score: 1

    Whether you need them or not.

  19. why is this news? by SolusSD · · Score: 1

    There will *always* be security updates. Unfortunately bugs in programs are inherent to how we write programs. Sure- there is plenty people could do-- functional programming approach, better coding practices, et cetera-- but a few more bug fixes just isn't news. hell-- linux and macosx have bug fixes all the time too but they rarely hit slashdots front page.

  20. Re:Let's help the subbys and editors with this cho by empaler · · Score: 1

    [ ] Hurd (not yet implemented)
    There, fixed that for ya'. :)

    Also, if you have DOS 6.22 you ought to have Win9Xs, too. At least (ugh) WinME.
    And UNIX proper.
  21. Re:Let's help the subbys and editors with this cho by maxume · · Score: 1

    I run on beans.

    --
    Nerd rage is the funniest rage.
  22. Re:And ... by plague3106 · · Score: 1

    How did this troll ever get insightful?

  23. Re:And ... by plague3106 · · Score: 1

    So why don't we hear about all the Linux security patches?

  24. To those who have overconfidence about security. by Zombie+Ryushu · · Score: 2, Insightful

    Yes, Linux is more secure than Windows. We know that.

    That doesn't mean that we can rest easy on Linux Security. We must never for a moment think that even with Linux we are ever completely safe. As long as any computer has power to it, it has a security risk, but I'd like to present an alternative way of thinking about it.

    Linux must not only be better in security, but better in capability.

    I know that design wise, OpenLDAP/Kerberos/Samba/FreeRadius/AFS will produce a far more secure network infrastructure than Active Directory will. But that combination will not produce as capable an infrastructure as the real ADS. The worst security vulnerability Linux could have is the security vulnerability produced when an orginization chooses Active Directory on Windows over Open Directory on Linux.

    If you want to change this, contribute to OpenLDAP, to Samba, to FreeRadius, and Kerberos. Lets make Open Directory not only more secure to Active Directory, but outright superior.

  25. Re:And ... by Ephemeriis · · Score: 1

    Aside from the Windows machines I have to administer at work, I care because I'm a gamer. Like it or not, Linux does not have terrific support for modern gaming. Yes, I know - WINE and Cedega - I've tried them and they just don't do a good enough job. I run Linux at home as my primary machine, but I also have several gaming PCs running Windows.

    --
    "Work is the curse of the drinking classes." -Oscar Wilde
  26. Ok by Superpants · · Score: 1

    This is news is like saying today is Friday is news. In other news today is also the 6th of July and not to mention grocery day. More at 11.

  27. Bring on the news! by Gription · · Score: 4, Insightful

    The real point is why is this considered news that needs to be released to /. ?
    They have released this quantity of patches before...
    Often...

    This is like walking outside and exclaiming in surprise, "Look everybody! There's still air out here!!!"

    1. Re:Bring on the news! by edittard · · Score: 1

      Maybe the news is that it's only six?

      --
      At the bottom of the /. main page it says 'Yesterday's News'. Well they got that right.
  28. Once and for all NAT firewall by spectrokid · · Score: 2, Informative

    Imagine all your PC's have their own IP address. (Scenario more likely if you have IPV6). You can put a firewall where your NAT used to be, have all the advantages of NAT and none of the disadvantages. NAT is an ugly hack which, by pure coincidence, turns out to have some firewall-ish features.

    --

    10 ?"Hello World" life was simple then

  29. Re:Let's help the subbys and editors with this cho by Silver+Sloth · · Score: 1

    Lazar beans

    That's right the mascara snake Ah, Trout Mask Replica, that was a great album.
    --
    init 11 - for when you need that edge.
  30. Which of these things, doesn't belong here... by Dekortage · · Score: 1

    "Excel, XP, Vista, Server 2003..."

    I know, this shouldn't affect me, but it still boggles my mind (a little) that we need security updates for a SPREADSHEET APPLICATION. An OS? Server software? Sure. But Excel? It's a sad commentary on Microsoft's software that such a thing is necessary.

    --
    $nice = $webHosting + $domainNames + $sslCerts
    1. Re:Which of these things, doesn't belong here... by Froqen · · Score: 1

      > it still boggles my mind (a little) that we need security updates for a SPREADSHEET APPLICATION. An OS? Server software? Sure. But Excel? It's a sad commentary on Microsoft's software that such a thing is necessary.

      That has nothing to do with Microsoft, anything that touches data that someone else generated can have a security vulnerability, which is almost everything you would ever want to run in this crazy internet enabled world of ours.

    2. Re:Which of these things, doesn't belong here... by PhxBlue · · Score: 1

      That has nothing to do with Microsoft ...

      I'm not so sure I agree. Why does a spreadsheet need to be able to run extensive VBA code?

      --
      !#@%*)anks for hanging up the phone, dear.
    3. Re:Which of these things, doesn't belong here... by Dekortage · · Score: 1

      That has nothing to do with Microsoft, anything that touches data that someone else generated can have a security vulnerability, which is almost everything you would ever want to run in this crazy internet enabled world of ours.

      Really? If I generate a spreadsheet of budget projections for a project, and I send it to my colleagues for review, there's absolutely no reason why they should have to worry about the file somehow pwning their PC. If my mother uses Excel for organizing names and addresses for my sister's wedding, and sends it to me for some formatting issues, I shouldn't have to worry about somehow losing data because I'm using someone else's spreadsheet.

      It is simply a sad state of affairs that Excel has the power to corrupt or expose your computer. And that is definitely a Microsoft problem. I suspect that OpenOffice's spreadsheet, or AppleWorks' spreadsheet, do not have the same security issues, whether or not you share data with someone else.

      --
      $nice = $webHosting + $domainNames + $sslCerts
    4. Re:Which of these things, doesn't belong here... by phildo420 · · Score: 2, Informative
      Excel doesn't simply contain data. There are whole applications built around and through Excel. Excel can call .NET code, access SQL databases, and transfer/collect information over the web with the proper coding and tools.

      We have a fairly strong infrastructure of MATLAB, Excel, SQL, and Access (all working together) for handling incoming data, processing it, creating easy to read and edit reports with pretty charts for the CEO types, and finally storing it and analyzing it for future access.
      We typically receive the data in Excel and do some basic transformations into Access (rarely do our clients understand Access) where we can do some of the simpler SQL stuff (not everyone here understands SQL) and push the main data into SQL. From here, Matlab can pull the data out in the formats it needs, run some calculations, and spit out pretty results to Excel that can be sent directly to our clients for review -- charts and all.

      I can imagine dozens of ways to use Excel to compromise a system, but the important thing here is that idiots shouldn't open and run macros in Excel if they don't know what they do, or where they come from. Excel is the winning spreadsheet for us because we can do absolutely anything in it -- from simple optimization algorithms, to a piece in a larger application.

      If some of you Microsoft haters actually understood some of the power within the Office group (interop is wonderful) then you might not hate it quite so much.

    5. Re:Which of these things, doesn't belong here... by Dekortage · · Score: 1

      Nice assumptions. I'm not a "Microsoft hater" in the least. Like anything: when their software works, it works great.

      Anyway, you said "Excel doesn't simply contain data. There are whole applications built around and through Excel. Excel can call .NET code, access SQL databases, and transfer/collect information over the web with the proper coding and tools." That is all very true -- for technically expert people. (I've worked on Excel/Access/internet integrated apps in the past.) For the vast majority of Excel users, however, Excel DOES just simply contain data. Or at least that's all they expect from it. And if average people put their computers at risk just by opening Excel files, then it's a problem. Just because they are not computer experts, does not mean they are idiots.

      It's as if I complained that Brand X knives break too easily under normal household use, and you responded that professional chefs use Brand X knives because they can use it to cook six-course meals with one hand tied behind their backs. Well, yay for chefs. We're still talking about something being dangerous for normal, average people doing normal, average things -- and it shouldn't be dangerous.

      --
      $nice = $webHosting + $domainNames + $sslCerts
    6. Re:Which of these things, doesn't belong here... by dave562 · · Score: 1
      If some of you Microsoft haters actually understood some of the power within the Office group (interop is wonderful) then you might not hate it quite so much.

      With power comes responsibility. In this case the responsibility is to make sure that things are secure. I tend to agree with you that the Office suite is extremely powerful and interoperates very well. With 2007 and SharePortal it is becoming even more useful for workflow/process automation kind of work. However the problem is that Microsoft focuses on functionality first and security second. That has always been the case and probably always will be. I'm just glad that they are patching things on a regular basis these days. Sure there will always be people who say, "Ah ha!! See, they released more patches, Microsoft software sucks!!" However I've been working in corporate IT for over a decade at this point and I've yet to see any computer owned by an Excel macro virus. The last time I saw any Office related exploit in the wild involved malicious code in the normal.dot file on an Word 97 installation... in 1998.

  31. Why wait? by Blackknight · · Score: 1

    Hmm, so this means we have a free week to use these exploits.

  32. Re:Let's help the subbys and editors with this cho by Henneshoe · · Score: 1

    Always click 'Ok' or 'Allow'

    I am no windows programmer, but I always wondered, if you were going to make some malware program, couldn't you map the OK button to cancel and the cancel button to OK? That way if the user tries to press cancel they end up running whatever code you wanted them to. I am probably missing something here because if that was possible it would probably be done already.
  33. I thought Thursday was the slow news day? by Mike+Savior · · Score: 1

    This kind of crap will never be news. People who find this information important without a doubt will find it handy, but to the folks here at /. and like sites, it's just feeding a needless fire. Yes, we collectively hate Microsoft. I don't particularly care for them either - but at the same time, -every- OS releases patches, frequently. Some of them may break things. Some of them may fix things. No OS is spared from the same kind of crap that happens to any other OS, so why does everyone have to put MS on the dart board every time they want to patch the OS tons of people use? I'm not sticking up for them by all means- it's tiring to hear, though. I would probably get replies of "then you should leave!" or something witty in retort, but maybe I'm not the only one that feels this way, about MS news in general. It's truly no different than when a patch comes out for our beloved Linux kernel or some far fetched news about an OS X patch is released- it will just become an ass kissing fest instead of a crucification ceremony.

    --
    space is pretty cool.
    1. Re:I thought Thursday was the slow news day? by hidave · · Score: 1

      And don't forget affect = verb: to produce an effect upon and effect = noun: result

      --
      Synchronizing stop lights across the US = one less nuclear power plant
  34. Re:And ... by Ash-Fox · · Score: 1

    Because my software of choice that I use to create music and graphics does not run on Linux. Don't bother listing "alternatives" -- I know about them already and they aren't alternatives as long as I have to jump through hoops or have to give up what I use now.

    Security is not an issue; I'm not running a virus or spyware scanner here because it steals away precious resources from my music software. Learning Linux is not even an issue; you'd have to convince the corporations making the gear I use to switch.
    Translation: I am a Windows user.
    --
    Change is certain; progress is not obligatory.
  35. You forgot that everybody here uses by Bearhouse · · Score: 1

    [] AmigaOS!

  36. Re:And ... by code65536 · · Score: 1

    And any self-respecting Windows sysadmin will know that next Tuesday is Patch Tuesday and that PT (2nd Tues of every month) is when security updates are always released (except for emergency updates released out of cycle, but those are very rare).

    So if you're a sysadmin, this is not news--well, at least, this should not be news.

    Second, if you're a sysadmin who administers many Windows machines and knowing the number of updates is somewhat important, then you should already know that Microsoft posts announcements about upcoming PT patches a week in advance and you should already know exactly where to see such announcements. You most certainly do not need /. to tell you 24 hours after the fact.

    Finally, only 2 of the 6 updates apply to WinXP. Others apply to Vista, Office, Publisher, and other products.

  37. However... by DimGeo · · Score: 2, Informative

    ... The only Vista bug that I can see in this bulletin is "Moderate", not "Critical". That's because there are multiple levels of protection, kinda like those in OpenBSD and SELinux. Remember, NSA had a say in Vista's design. There is Mandatory Integrity Control (something not widely known, I believe it's separate from UAC and is mostly under-the-hood stuff), Address Space Randomization, buffer guards, low-integrity for IE, reduced privileges for services, nothing can escalate without an in-your-face irritating UAC (Union Aerospace Corporation, anyone?) prompt, and of course, lots of pixie dust I can't talk about. So in case there's a buffer overflow (take the ANI bug for instance) - there are a few layers of mitigation that seem almost unbreakable *AT THIS TIME*. I'm yet to read news about a pwned Vista box. I'm sure it's possible that some clever guy somewhere will write an exploit that dodges all that stuff, but it obviously is taking much, much longer than with any other OS, except, of course, for OpenBSD (kudos there) :) . Of course there will be bugs in legacy code that are still there. But layered security and systematic elimination of bugs work.

    Microsoft *did* hire some of the best security experts available lately. And I can say it shows. At least now I feel not very scared to use IE when I have to.

    Then of course, everyone loves "Free Games!!!11eleven", mushy-mushy desktop pets, free trial CDs, free money from your late uncle from central Boozemania or whatever. If your user account gets pwned, and your user has access inside the network of your company, you're toast no matter what OS you run.

  38. VBA code has nothing to do with it by r00t · · Score: 1

    Lately, it's been plain old buffer overflows. Something has to read the *.doc file. Reading files is not hard, unless you need to avoid crashing on corrupted documents. (crashing means exploitable)

  39. every app has this kind of bug by r00t · · Score: 1

    Microsoft does not have a monopoly on plain old buffer overflows.

    Something has to read the *.doc file. Reading files is not hard, unless you need to avoid crashing on corrupted documents. (crashing means exploitable)

    Open up an OpenOffice file as a zip file. Look at the XML. Scramble it a bit. Zip it all up again. Watch OpenOffice crash. Write an exploit.

  40. Thank you, everybody by CaptainZapp · · Score: 1
    I answer your post represantively for everybody that stepped in and tried to help. I did the error code google search stik and in essence it leads to that: A file is blocked while WU tries to install the new version. Usually this is triggered by virus scanners. I even went so far to uninstall the Antivirus software to no avail.

    Re-installation is not an option because the restore DVD is totally binary. You can flatten the whole thing or not and I'm not inclined to obtain a dodgy pirate copy for a software I payed for. I downloaded Windizupdate and give it a shot. I should see afte Tuesday.

    Anyway, there's really not a lot that Linux can't do for me at this point in time. So I may flatten it in the end, maybe not quite in a way which Microsoft deems desirable.

    Anyway, thanks everybody. People stepping in and trying to be helpful is sure one of the powerful things of /. even if you're so frustrated and agonized by the procedure that you're beyond seeking help :)

    --
    ich bin der musikant

    mit taschenrechner in der hand

    kraftwerk