Linked by Thom Holwerda on Wed 12th Apr 2006 18:30 UTC
Microsoft Microsoft's dominant Internet Explorer browser has undergone a major security makeover to plug 10 vulnerabilities that puts millions at risk of PC takeover, address bar spoofing and information disclosure attacks. The monster IE update includes a fix for the 'createTextRange()' code execution flaw that caused zero-day drive-by downloads and a significant modification to the way the browser renders certain ActiveX controls. In all, Microsoft shipped five bulletins with patches for 14 different vulnerabilities in a range of Windows products. At the same time Microsoft has begun requesting that users upgrade their ME/98 machines because support ends July 11th, 2006.
Thread beginning with comment 114286
To view parent comment, click here.
To read all comments associated with this story, please click here.
prismX
Member since:
2005-08-19

There are several issues affecting immediate patch release. Patch quality and compatibility test is one of them. Windows is very sofisticated OS and it runs on the majority home and business workstations with millions of different settings and configurations. MS should provide patch able not only solve a specific problem, but also this patch should not break applications, specific configurations. It is especially important for business users. Of particular importance, not to break compatibilities too.
Another minor issue: sysadmin cannot update every time the a huge numbers of workstation, system administration requires scheduling, so patch release date is very good for business computing. And if some serious issue exists, sysadmin may tighten security, change some setting to prevent the security bug exploit, so good sysadmin is not so unequivocally dependent on the OS patching.

The fact that MS patches products shows that they work hard to improve their product, if somebody does not like this nobody convinces him to update Windows, it is personal problem of each one, but it is wonderful that for a short time Apple released 6 big updates for their fanfared Tiger in additional regular patches, but nobody even think to blame them.
People must understand that never mind bugs are identified or are not they are bugs. THe difference between Apple and MS is that Apple is praised for everything it is doing, MS is shamed for everything is done. All this and of course other aspects makes me think that most of people are not able for consecutive logical thinking, they are deeply dependent trade tricks and advertising compaigns...
It is very pity....

Reply Parent Score: 5

ma_d Member since:
2005-06-29

Well, actually, Sasser convinced a lot of people to run their updates. But I suppose inanimate worms aren't really "someone."

Reply Parent Score: 1

lemme Member since:
2006-04-13

>MS should provide patch able not only solve a specific problem, but also this patch should not break applications, specific configurations.

Patch that can break apps which wasnt broken on unpatched vulnerable system?

_Patch_ that can break _configuration_?

/me is looking at "Designed for Windows XP" sticker...Highly compatible? High code quality?

Oh my...

Reply Parent Score: 2