Linked by Thom Holwerda on Wed 12th Apr 2006 18:30 UTC
Microsoft's dominant Internet Explorer browser has undergone a major security makeover to plug 10 vulnerabilities that put millions at risk of PC takeover, address bar spoofing and information disclosure attacks. The monster IE update includes a fix for the 'createTextRange()' code execution flaw that caused zero-day drive-by downloads and a significant modification to the way the browser renders certain ActiveX controls. In all, Microsoft shipped five bulletins with patches for 14 different vulnerabilities in a range of Windows products. At the same time Microsoft has begun requesting that users upgrade their ME/98 machines because support ends July 11th, 2006.
Thread beginning with comment 114274
anyweb Member since:
2005-07-06

so, for someone reinstalling windows xp pro (the article didn't mention whether it was xp gold, xp sp1, xp sp2), then you could assume that it was xp gold, and that the end user had to download all patches (and/or service packs) released since then.

big download ? yep, big deal.

Try installing a linux distro from the time that xp was released and do apt-get update && apt-get upgrade -y or yum -y update (or whatever your distro wants to update itself)

then check how many megs of updates are downloaded....


i've had similar issues with fresh installs of distros recently released, especially if it involves openoffice.

I am glad that Microsoft are patching their products, however i'd like to see them be more flexible on the timeframe of patch releases,

in other words, it would be great if they could release patches to 'critical' issues as soon as possible - instead of end users having to resort to third party patches to alleviate the issue.

cheers
anyweb

Reply Parent Score: 4

prismX Member since:
2005-08-19

There are several issues affecting immediate patch release. Patch quality and compatibility testing is one of them. Windows is a very sophisticated OS and it runs on the majority of home and business workstations with millions of different settings and configurations. MS should provide patch able not only solve a specific problem, but also this patch should not break applications, specific configurations. It is especially important for business users. Of particular importance is not to break compatibility either.
Another minor issue: a sysadmin cannot update a huge number of workstations every time; system administration requires scheduling, so a patch release date is very good for business computing. And if some serious issue exists, a sysadmin may tighten security or change some settings to prevent exploitation of the security bug, so a good sysadmin is not so unequivocally dependent on OS patching.

The fact that MS patches products shows that they work hard to improve their product. If somebody does not like this, nobody convinces him to update Windows; it is the personal problem of each one. But it is wonderful that within a short time Apple released 6 big updates for their fanfared Tiger in addition to regular patches, but nobody even thinks to blame them.
People must understand that, never mind whether bugs are identified or not, they are bugs. The difference between Apple and MS is that Apple is praised for everything it is doing, MS is shamed for everything that is done. All this and of course other aspects make me think that most people are not capable of consecutive logical thinking; they are deeply dependent on trade tricks and advertising campaigns...
It is a great pity....

Reply Parent Score: 5

ma_d Member since:
2005-06-29

Well, actually, Sasser convinced a lot of people to run their updates. But I suppose inanimate worms aren't really "someone."

Reply Parent Score: 1

lemme Member since:
2006-04-13

>MS should provide patch able not only solve a specific problem, but also this patch should not break applications, specific configurations.

A patch that can break apps which weren't broken on an unpatched vulnerable system?

_Patch_ that can break _configuration_?

/me is looking at "Designed for Windows XP" sticker...Highly compatible? High code quality?

Oh my...

Reply Parent Score: 2

smitty Member since:
2005-10-13

>Try installing a linux distro from the time that xp was released and do apt-get update && apt-get upgrade -y or yum -y update (or whatever your distro wants to update itself)

True, but to be fair you should really only update the kernel (not kernel sources), a few libraries, and DE (GNOME or KDE). Because that is all that XP provides (actually quite a bit less than KDE). Otherwise you should include updates for MS Office, Visual Studio, etc. into the Windows updates as well.

Reply Parent Score: 2

ma_d Member since:
2005-06-29

Ya know, there's a good reason why the apt update size and windows update size are completely incomparable:
1.) Apt just reinstalls the offending package. Microsoft reinstalls the offending file(s).
2.) Apt contains tons of feature upgrades, Microsoft typically makes those optional/recommended.

The really obnoxious thing about winupdate to me is redoing it, over and over. It'd be nice if they could at least fully automate it to where I start it. It runs. It reboots. It runs again (without me saying anything). It reboots, etc. Is there a program out there that does that which I should remember?

And for those who only have a WinXP cd, I think Microsoft will ship you an SP2 cd for a small fee these days.

Reply Parent Score: 1

lemme Member since:
2006-04-13

download sizes comparison: hmm...

first note: can you feel the difference between security fix and updating to _new version_?

second note: can windows update (or microsoft update) help any particular user update, say, acrobat reader? yum and apt-get (or whatever app your whatever distro is using for updates) can.


microsoft patch release timeframe...yep, here i completely agree w/you

cheers
lemme

Reply Parent Score: 1

dylansmrjones Member since:
2005-10-02

Well, you only have to install the security fixes and critical bugfixes. All the small trivial point releases should not be counted. Only security fixes and critical bugfixes, as these are the only equivalents to Microsoft's updates.

And then it's a completely different matter when updating GNU/Linux. We are then talking about a few MBs, that's all.

Reply Parent Score: 1