Slashdot Mirror
Microsoft's Emergency Internet Explorer Patch Renders Some Lenovo Laptops Unbootable (betanews.com)
Earlier this month, Microsoft issued an emergency patch for Internet Explorer to fix a zero-day vulnerability in the web browser. The problem affects versions of Internet Explorer from 9 to 11 across multiple versions of Windows, but it seems that the patch has been causing problems for many people. Specifically, people with some Lenovo laptop have found that after installing the KB4467691 patch they are unable to start Windows, reports BetaNews.
If an OS stops booting because of a web browser then you know it's built on shit coding practices.
Remove Windows, install real OS. Problem solved.
Another demonstration of the fact, which Microsoft's execs testified to under oath, that IE hooks into the operating system in ways that other browsers do not. This makes security issues in IE more dangerous.
A bug in Chrome, or even randomly deleting Chrome files, doesn't make Windows unable to boot. No Firefox bug can ever make the system unbootable. Trying to fix IE makes the system unable to boot, because IE has its claws sunk into the operating system.
Therefore security issues in IE are more likely to affect the underlying operating system. Whenever I mention that on Slashdot, people agrue, saying I'm wrong. But here we see that trying to fix a security issue in IE makes the OS unbootable - IE security is tied into the OS. That's one more reason to avoid using Microsoft's browser.
so they could skirt around European anti-trust rules that said they couldn't bundle a competitive product with an unrelated product (since that would be an abuse of their defacto OS monopoly). This way they could go to the EU and say "See, it's not that we're bundling IE with Windows in order to leverage our monopoly and break open Internet standards, it's just every so crucial to our OS". Worked too. The downside is everytime IE breaks it takes everything with it.
Take a bad engineering decision by Microsoft and you'll almost always fine evil, and not incompetence, at the heart of it.
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
That's one bonus for Microsoft.
Historically, how it happened was in the early 1990s, before the web, Microsoft spent a ton of money building a really cool technology. The sudden rise of the web screwed up their plans and they had to scramble to try to salvage some of their investment.
They had something called OLE, Object Linking and Embedding. Basically it let you put one document inside another - a picture inside a spreadsheet, a song in a Word document. Microsoft spent lots of money and time building on this idea, it was their "big new thing", an OS (shell) and programming tools built around this concept. This next generation of OLE was called COM. Just before the release in Windows 95, something interesting happened.
As Microsoft was about to start the big PR blitz showing how not only could your Word documents contain pictures, but even your desktop could contain active programs, along came "IMG src". Even "TD IMG src" - you could have a table with an embedded picture with no proprietary Microsoft technology needed. Microsoft's "big new thing" was suddenly outdated as a overly complex, over-engineered mess just as it was released. Fuck! Literally their were a lot of Fun bombs at Microsoft when they saw the rise of HTML, with its simplicity.
So here's Microsoft with a billion dollars invested in a system for embedding pics in your documents and your desktop, suddenly not needed because HTML does documents with embedded pics and sounds so much simpler. What can Microsoft do to save their investment?
They route they chose was to rename COM to "ActiveX" and pitch it as a web technology. Internet Explorer became the most important ActiveX container. Instead of focusing on an Active Desktop, the sales pitch was to use this on the web, with ActiveX web pages. What was originally supposed to be done by the File Explorer shell now needed to be done by the browser, so the two projects merged to become Explorer. The desktop shell Explorer and the browser Explorer were the same code with a different wrapper.
Over time, the competitive issues you pointed out became more important.
Someone may point out "that was 20 years ago". Yes, it was. This post is a history lesson in how we got here.
What the hell is an "agrue"? Is it similar to an alot?
I disagree. It's more likely that some Lenovo crapware had it's hooks into Windows AND IE and when Microsoft fixed the issue, the Lenovo crapware broke the system. Let's not forget Superfish....
https://en.wikipedia.org/wiki/Superfish#Lenovo_security_incident
I know it's fun and exciting to blame a web browser hotfix for a booting problem..... especially when it's Internet Explorer, right? But..... ahhh, shit, hate to spoil the fun, but this is just another case of "journalists" not doing the bare minimum of reading before shitting out another article they'll get paid $10 for.
This booting problem with Lenovo laptops has existed for a month and a half -- it was introduced in the November 2018 cumulative security update. It even says so right there in the patch notes! But because these "journalists" don't know how to read anymore, we end up with Slashdot articles like this one that don't have the correct information in them.
All Windows patches are now cumulative, so sure, if you apply the IE hotfix to a machine that is three months behind in updates, then you can hit this problem. But it's not the IE part that's causing it.
Here's an article that Microsoft added to MSDN in 1995.
The second half of the article covers iDispatch, a style of COM interface.
https://web.archive.org/web/20...
Here's the 1996 Microsoft announcement officially announcing the ActiveX name and their strategy for presenting it as a web technology, in which they say "ActiveX controls (formerly COM components)". The Microsodt announcement says thousands of COM/ActiveX components were already available, but could now be used in the web browser (IE 3.0).
According to Microsoft's announcement, ActiveX controls" were formerly called "COM components". According to their announcement, many companies had already been making them, as "COM" for desktop software, prior to IE 3.0 supporting them and the change to the ActiveX branding.
One reason I remember this so clearly is that I was one of the people making COM components at the time it was rebranded ActiveX. I know I didn't have to change my software in order to make my existing COM components, including a styleable linear "slider" control I designed, into ActiveX components - the only change was the branding.
You are correct that Active Desktop was September 1997.