×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Microsoft Patches 19 Flaws, 6 in Vista

Zonk posted more than 6 years ago | from the many-patches-makes-os-work dept.

307

Cheesy Balogna writes "Microsoft has just released seven advisories — all rated critical — with patches for at least 19 vulnerabilities affecting the Windows operating system, the widely deployed Office productivity suite and the dominant Internet Explorer browser. Six of the 19 vulnerabilities affect Windows Vista. 'There are patches for 7 different vulnerabilities that could lead to code execution attacks against Word, Excel and Office. Users of Microsoft Exchange are also urged to pay attention to one of the critical bulletins, which cover 4 different flaws. A cumulative IE update addresses six potentially dangerous bugs. There are the six that apply to IE 7 on Windows Vista. The last bulletin in this month's batch apples to CAPICOM (Cryptographic API Component Object Model) and could also put users at risk of complete system hijack attacks.'"

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

307 comments

Most secure windows ever! (5, Funny)

A beautiful mind (821714) | more than 6 years ago | (#19053087)

Hm...I guess they leveraged the active synergies to stop the probes but the active hardening failed on the SuperHyperVista3000 edition.

Oh wait, you did expect real security instead of buzzwords?

Re:Most secure windows ever! (1, Funny)

Anonymous Coward | more than 6 years ago | (#19053215)

Actually I expect a bunch of monday morning quarterbacking from a horde of slashdot users who should be working. Ah, the day after patch tuesday.

Re:Most secure windows ever! (5, Funny)

BrewedInTexas (971325) | more than 6 years ago | (#19053715)

Actually I expect a bunch of monday morning quarterbacking from a horde of slashdot users who should be working. Ah, the day after patch tuesday.
You've got some serious issues with the days of the week.

Re:Most secure windows ever! (0, Troll)

Wakko Warner (324) | more than 6 years ago | (#19053941)

i sort of expected some anonymous pussy to post something inflammatory, too.

When Linux starts doing this: (0)

Anonymous Coward | more than 6 years ago | (#19053801)

You have just been raped by our new improved IE7. Look out for more exciting features with IE 8

>Switching to Firefox

Wait...hang on..I may have something in the back
Windows Incrediblizer patch for IE7.

>Whatever...wait..Firefox is no longer default

You have just been raped by our new improved and patched IE7. Look out for more exciting features with IE 8

>Remove IE7

Wait...wait...Deleting Firefox. Installing back orifice..

>Aghhhhhhhhhhhhhh!

Linux patches? (5, Insightful)

stevenbdjr (539653) | more than 6 years ago | (#19053105)

When are we going to start seeing regular Slashdot postings outlining Linux or other free software security patch releases in the same accusatory tone that the monthly Microsoft security bulletin releases bring? No, I'm not trolling, but I'm getting sick of the clear bias Slashdot editors (and most readers) have when it comes to matters of Microsoft.

(I can feel my karma slipping away, but I couldn't take it anymore).

Re:Linux patches? (3, Insightful)

varmittang (849469) | more than 6 years ago | (#19053171)

We do, its usually for Firefox bugs, because that is Linux to the rest of the world. But then comes the trolls that point out that it was fixed in a matter of hours and not weeks or months.

Re:Linux patches? (4, Funny)

QuickFox (311231) | more than 6 years ago | (#19053287)

But then comes the trolls that point out that it was fixed in a matter of hours and not weeks or months.
Don't blame it on the trolls, they only report it here. It's the open-source developers' fault. Why can't they wait for some time and give Microsoft a chance?

Re:Linux patches? (1)

Score Whore (32328) | more than 6 years ago | (#19053969)

While it's not exactly a security problem (if you don't count self inflicted DOS attacks) but the continuing lack of a linux sky2 ethernet driver that doesn't lock up sets the bar pretty low.

But ultimately, you have to decide. Are you going to compare a transmission to a car? Or are you going to compare a car to a car?

Re:Linux patches? (4, Funny)

QuickFox (311231) | more than 6 years ago | (#19054203)

While it's not exactly a security problem
What makes you think it's not about security? If the ethernet driver locks up nobody can hack you.

Re:Linux patches? (2, Interesting)

EvilRyry (1025309) | more than 6 years ago | (#19053317)

It's not really trolling if its true (which it often is). Then there's also the differences in how each group determines whats a vunerability. Fedora Core for example patches many security issues (and they get counted as such) even when they don't really effect the distro due to things like ExecShield.

Re:Linux patches? (3, Interesting)

A beautiful mind (821714) | more than 6 years ago | (#19053179)

If the linux kernel people would ignore vulnerabilities, downplay them, take months for them to produce a fix, merge distinct vulnerabilities into single advisories and finally try to claim improved security, then I'd guess I would want to see stories about it on slashdot. So what bias?

Re:Linux patches? (0)

LighterShadeOfBlack (1011407) | more than 6 years ago | (#19053427)

The bias is the accusatory tone of the summary (and in this case the article itself). If you don't like the way Microsoft handles bug fixes then fine, write an article about how much it sucks and submit it so that it is clearly shown as an opinion peice.

But if someone submits something which is supposedly just news of security fixes being released then that should be neutral. If it's relevant let the reader know when the security issues became known, but let the reader reach their own conclusions on whether Microsoft took too long or did something underhanded. That's the problem with /. right now, everything submitted is drenched in someone's partisan opinion, there's no distinction between news (remember, this is supposed to be a news site) and opinion peices.

Re:Linux patches? (1)

brunascle (994197) | more than 6 years ago | (#19053489)

The bias is the accusatory tone of the summary
what part of the summary sounds accusatory to you? didnt RTFA, so cant comment, but to me the summary sounds very objective.

Re:Linux patches? (-1, Troll)

Wakko Warner (324) | more than 6 years ago | (#19054095)

what part of the summary sounds accusatory to you?

There isn't any.

He's just an idiot trying to get his comment modded up. And it worked. Good for him!

Re:Linux patches? (2, Insightful)

TommydCat (791543) | more than 6 years ago | (#19053623)

I didn't read anything accusatory or noted a demeaning tone in the summary. I think many here bring their own bias ready to start an argument (either for or against). To me, the summary is just stating that patches are now available, they are labelled "critical", and the users of this site may be interested as many of them own, use or deal with Microsoft operating systems on a daily basis.

What conclusion is the summary supposedly spoon-feeding me?

Re:Linux patches? (0)

Anonymous Coward | more than 6 years ago | (#19053685)

Simply stating facts does not make for an accusation. What wrong-doing by Microsoft is being implied the summary, or even the TFA? Sounds to me that you're just Microsoft fanboi or shill trying to deflect the embarrassing fact that Microsoft makes extremely insecure software.

BTW, that last sentence is an example of an accusation. I just accused you of being biased commenter and liar. Idiot. (oops, I did it again!)

Re:Linux patches? (3, Informative)

abigor (540274) | more than 6 years ago | (#19053975)

Slashdot is CmdrTaco's blog site. It is biased by its very nature. It makes no claims to objectivity or to be a "true" news site. To put it another way, it's an opinion site by design.

Re:Linux patches? (1, Insightful)

Vexorian (959249) | more than 6 years ago | (#19054263)

I read the summary:

"Microsoft has just released seven advisories -- all rated critical -- with patches for at least 19 vulnerabilities affecting the Windows operating system, the widely deployed Office productivity suite and the dominant Internet Explorer browser. Six of the 19 vulnerabilities affect Windows Vista. 'There are patches for 7 different vulnerabilities that could lead to code execution attacks against Word, Excel and Office. Users of Microsoft Exchange are also urged to pay attention to one of the critical bulletins, which cover 4 different flaws. A cumulative IE update addresses six potentially dangerous bugs. There are the six that apply to IE 7 on Windows Vista. The last bulletin in this month's batch apples to CAPICOM (Cryptographic API Component Object Model) and could also put users at risk of complete system hijack attacks.
I guess:

Market leader Microsoft cares about security, and have fixed 19 security flaws proving that their software is always up to the fight against wholes and demonstrating that Vista is a medium that fights security in revolutionary ways.
Would have been less of that accusatory tone you are talking about.

Re:Linux patches? (2, Insightful)

suv4x4 (956391) | more than 6 years ago | (#19053453)

If the linux kernel people would ignore vulnerabilities, downplay them, take months for them to produce a fix, merge distinct vulnerabilities into single advisories and finally try to claim improved security, then I'd guess I would want to see stories about it on slashdot. So what bias?

Right there in the first sentences of that quote, that bias. Those are released patches, not "downplayed patches" or "ignored vulnerabilities". Those are actual fixes, released on a monthly basis.

If Microsoft would ignore it, we get "microsoft ignores it!" article on Slashdot. If they release a patch, we get "omg critical patch for Windows" article on Slashdot.

It's ridiculous.

Also how about claims of security and bending truth, just like you prove it yourself, Linux fanboys twist the truth about Linux far more often than Microsoft does with Windows. Anything goes.

Re:Linux patches? (3, Insightful)

drinkypoo (153816) | more than 6 years ago | (#19053553)

Right there in the first sentences of that quote, that bias. Those are released patches, not "downplayed patches" or "ignored vulnerabilities". Those are actual fixes, released on a monthly basis.

Microsoft has frequently been caught knowing about a bug for months before a patch is released.

When they get caught they claim they're doing QA, but past experience with Microsoft patches suggests that they are doing no valuable testing anyway.

If they had ever demonstrated trustworthiness, they might be trusted a bit. As it is, they have demonstrated time and again that they will fuck you over and lie about it.

If you appreciate the way Microsoft treats you, then you are free to sing their praises. But it doesn't make you right.

Re:Linux patches? (2, Insightful)

suv4x4 (956391) | more than 6 years ago | (#19054041)

Microsoft has frequently been caught knowing about a bug for months before a patch is released.

When they get caught they claim they're doing QA, but past experience with Microsoft patches suggests that they are doing no valuable testing anyway.

If they had ever demonstrated trustworthiness, they might be trusted a bit. As it is, they have demonstrated time and again that they will fuck you over and lie about it.

If you appreciate the way Microsoft treats you, then you are free to sing their praises. But it doesn't make you right.


That's what pisses me off with fanboys: they don't get context at all. For them any article with "Microsoft" in it, is a reason enough to recycle the entire 30 years of Microsoft faults in a single post. Over and over.

Let's see what's the event at case: regular monthly patches for Windows. That's it.

I, and some other people just asked for objective opinions: there's no "ignored vulnerability" or "delayed responce" in THIS ONE CASE. There is NO reason to regurgitate past faults of Microsoft every single month, when completely predictably, the patches are released.

But all of those are treated as an excuse for doing just that.

So you response is that "I'm singing praises for Microsoft". There's basically no way to argue with you guys. Keep living in your imaginary world, I hope you're happy there.

Re:Linux patches? (1, Insightful)

Anonymous Coward | more than 6 years ago | (#19054205)

Microsoft has frequently been caught knowing about a bug [... snip drivel ...] past experience with Microsoft patches suggests that they are doing no valuable testing anyway [... snip drivel ...] they have demonstrated time and again that they will fuck you over and lie about it.


Stop for a second, and ask yourself: "why on earth I just recited my whole Microsoft bashing repertoire in response to a mere boring monthly patch release".

Think about it hard, and then consider again who's the ridiculous one in this discussion.

Re:Linux patches? (0)

Anonymous Coward | more than 6 years ago | (#19053503)

Well, I thought these type of stories were here to advise people of updates, but I guess not then.

Re:Linux patches? (1)

Jackie_Chan_Fan (730745) | more than 6 years ago | (#19053947)

linux must be flawless then huh? If they're patching it so fast and fixing everything immediately, what is left to fix?

So linux has no defered bugs? hmmm

I doubt that.

Re:Linux patches? (1)

Wakko Warner (324) | more than 6 years ago | (#19054179)

There's a bit of a difference between "the driver for this USB implementation sometimes crashes the box" and "there's a giant, gaping security hole in every release of this operating system".

If you're going to make straw-man arguments, you really ought to try harder.

Re:Linux patches? (5, Insightful)

PixieDust (971386) | more than 6 years ago | (#19054255)

I invite you to investigate this site [packetstormsecurity.org] which holds no immediate bias in it's reporting of security advisories, patches, problems and exploits. Look at the average turnaround time for patches, fixes, and responses to security problems. You will find out that Microsoft isn't as bad as everyone likes to pretend it is, nor is it's flagship Windows OS. Also to, I find it ironic that whenever someone points out a problem that affects Linux, people are like "But that's not the OS, it's (insert kernel module, driver, app, whatever) that is (insert special circumstance here).", but when it's Microsoft, they're all lumped together as "OMGz! Windoze h4x!". This includes vulnerabilities in Word, and Excel (and something else from the Office Suite, can't remember though atm), and additionally mentions Exchange. Exchange runs on a server platform, but ok, I'm not going to get into semantics on that (I assume they meant Outlook, though even if it was Exchange, it's still a fix, or at least an attempt at one).

I am the first to admit that Microsoft has problems with security, but it's a problem that plagues the entire industry. Linux, Unix, Windows, Mac, websites, forms, applications, EVERYTHING. It's a problem in how the industry approaches security. It goes far beyond Microsoft. The entire industry has this "Get it working now, patch it later" mentality. It's the "Default Allow" instead of "Default Deny" approach. There is NO reason Buffer Overflow attacks should work... EVER. Period. How hard is it to check your buffers, and make sure you're handling them properly? Very sloppy. Microsoft certainly isn't the best, but they're far from the worst. Don't believe me? Check that website, and all the security advisories for the past few years, and you will notice and interesting trend.

Re:Linux patches? (0)

Anonymous Coward | more than 6 years ago | (#19053191)

Instead of regular postings outlining security patches for other operating systems, how about we just stop with the Windows ones?

I mean hell, this isn't productive news in any sense. Anyone who needs to be aware of MS security patches isn't going to find out about them on Slashdot of all places (or at least they shouldn't if they are competent).

Re:Linux patches? (2, Insightful)

*weasel (174362) | more than 6 years ago | (#19053199)

Probably when they gain a practical monopoly on desktop computing, begin heavily abusing their users and illegally wielding their market control against the rest of the industry.

Re:Linux patches? (4, Funny)

Lord_Slepnir (585350) | more than 6 years ago | (#19053289)

You have listed my fondest dream: To be part of an abusive monopoly that replaced the abusive monopoly that I hated when I was a young college student....*sigh*

Re:Linux patches? (1)

LighterShadeOfBlack (1011407) | more than 6 years ago | (#19053531)

So basically what you're saying is that it's purely because the /. submissions that get through are provided by people who are angry or bitter about Microsoft's position. Illegal monopolies and wielding market control have nothing to do with security fixes but because of the submitter's or the poster's personal feelings about Microsoft it's just fine to make it into an attack?

Re:Linux patches? (2, Insightful)

snoyberg (787126) | more than 6 years ago | (#19053201)

You're right, Slashdot is biased against Microsoft. If you're looking for unbiased news stories, you've come to the wrong place.

Re:Linux patches? (2, Insightful)

Reivec (607341) | more than 6 years ago | (#19053209)

How is this an "accusatory tone"? Looks to me to just be stating the fact that there are some major security patches released that windows users should know about. Microsoft would WANT this information to be spread around so that people patch up and have fewer problems thus relating fewer poor experiences to a Windows problem.

Perhaps you are showing your own bias?

Re:Linux patches? (1, Insightful)

Tribbin (565963) | more than 6 years ago | (#19053231)

Wrong place buddy, no-one will hear you; go cry somewhere else.

It's like going to the Catholic church saying: Why don't you tell me everytime anybody is proven the absence of God?!

Re:Linux patches? (1)

someone1234 (830754) | more than 6 years ago | (#19053249)

I guess you'll have to wait till the first major Linux virus/worm/phishing etc. outbreak.
As long as M$ is so much more vulnerable and targetable you will always perceive a kind of bias.
To your dismay, even if Linux will have a bigger market share, it won't get that much attention from malware creators, because first the technically savvy or at least more aware users will take the leap. Lazy and/or ignorant people are the best target. And I still didn't talk about the big differences between OS security :) I use both systems, but i will never dare to use email in Windows.

20 critical Linux vulnaribilities in one month? (1, Interesting)

MarkByers (770551) | more than 6 years ago | (#19053259)

If there were almost 20 critical vulnerabilities patched for Linux in one month, I think that would be pretty significant news too. The fact that it has never happened is more to do with the either the lack of market share of Linux, or else the bias of the programmers putting more errors into Windows than Linux. Either way, not Slashdot's fault.

Nice +5 troll post though! I will probably save that one so I can use it when I feel like trolling. Hope you don't mind. :)

Re:Linux patches? (4, Insightful)

SnowZero (92219) | more than 6 years ago | (#19053363)

It's a myth that Slashdot has almost all Linux users. It used to be that way, but it has long since been overrun with a more "general computing" crowd. I would bet that if you add up the regular Windows and Mac users, it would outnumber regular Linux users. For UIDs below 100k however, you would probably see a quite different statistic. People only notice Linux users here because we're not at 1-2%, like on almost any other discussion site.

Frankly, I'm now getting tired of the number of posts with the same tone as yours. You lament losing Karma in a sea of angry "Linux-zealot" mods, but I would guess you will be modded up, not down. Enjoy the karma...

Re:Linux patches? (0)

Anonymous Coward | more than 6 years ago | (#19053517)

Who made up the top 25 list? Not someone who is number 26 or below.

Re:Linux patches? (1)

aegisalpha (58712) | more than 6 years ago | (#19054033)

I've noticed this as well. "I'm saying something pro-Microsoft on Slashdot! MY KARMA IS BURNING!"

Most of the time they're modded up if they actually have a point.

Re:Linux patches? (2, Interesting)

just_another_sean (919159) | more than 6 years ago | (#19053429)

I see the recent batch of articles about MS patches as a response to the release of Vista. MS decided that the heavily enhanced security in Vista was worthy of a ton of press so I think it's fair that /. or any other tech site keep track of the validity of these claims, especially in the begining while MS's statements concerning Vista security are still fresh.

Although I do believe that MS made some good improvements to security in Vista it would seem that it's actual performance falls short of their claims. My bias comes from a real desire for security. As an IT guy who administers Windows and Linux boxes I'm interested in stories concerning both. But I think it's fair to state that MS's track record on security warrants a lot more security then Linux.

Summary was incorrect (4, Informative)

SEMW (967629) | more than 6 years ago | (#19053953)

Actually, the summary was incorrect regarding Vista: at least one of the vulnerabilities in question ("Uninitialized Memory Corruption Vulnerability CVE-2007-0944") is not present in Vista, and contrary to the summary's implication, only two out of the Vista vulnerabilities (CVE-2007-0945 and CVE-2007-2221) are rated critical.

Not, of course, that this excuses MS in any way (two is still two too many), but the summary was still rather misleading.

Re:Linux patches? (1)

Cathoderoytube (1088737) | more than 6 years ago | (#19053545)

I'm not so sure it's so much of a bias towards Microsoft so much as it is that German word that everybody learned from the Simpsons. I'm a XP user but I take a bit of German word from Microsoft having to put security patches on an OS they touted as a security power house. In a more reasonable world I'd like to be able to track a series of articles that go from 'Vista security flaws patched' to 'Vista officially abandoned, Microsoft releases service pack 3 for XP' That's just me though.

Re:Linux patches? (0)

Anonymous Coward | more than 6 years ago | (#19053679)

Schadenfreude? Learned that from Avenue Q myself...

Re:Linux patches? (2, Interesting)

Magneon (1067470) | more than 6 years ago | (#19053609)

The problem with this is that Linux patches generally happen individually as soon as the problem is discovered. This way your favorite distro can check on the individual components and alert you to the fact that there are updates. Microsoft on the other hand likes to release a bunch of patches at once, leaving the user vulnerable for a period of hours, days and sometimes weeks.

So no, we don't see 100 preemptive individual patch stories for various linux builds on here every day.

Re:Linux patches? (1)

Ucklak (755284) | more than 6 years ago | (#19053611)

I really saw this as a non news/MS bash bit too but in reality, when MS releases a patch, it's a "Well about time" whereas the Linux camp will find a flaw and fix it immediately which is really a non-news item.

I guess we can walk away with it's patch Tuesday and they're releasing patches. Good for them.

Re:Linux patches? (1)

VW (20318) | more than 6 years ago | (#19053811)

I don't see a pro-Microsoft bias; there are plenty of Apple software updates/patched that make it through. I think what you're really seeing is the Slashdot anti-Linux bias.

Re:Linux patches? (1)

Grendel70 (1000350) | more than 6 years ago | (#19053891)

Couldn't agree with you more. Every time there is an article posted about a Microsoft product, the inevitable flood of postings slagging the company soon follows. While I am not a huge fan of Microsoft, there is a definite tendency to demonize them in these forums. I made a comment to this effect in another article and was immediately moderated as flamebait. Nope, no prejudice here.

Re:Linux patches? (0)

Anonymous Coward | more than 6 years ago | (#19053935)

As soon as people start actually using Linux, of course.

Seconded (1)

matt me (850665) | more than 6 years ago | (#19054023)

Why does the author describe them as 'flaws' rather than bugs, or vulnerabilities if they concern security.

Re:Linux patches? (1)

Wakko Warner (324) | more than 6 years ago | (#19054027)

Could you pretty please point me to the line(s) in the writeup where the author takes an "accusatory tone"?

Maybe I'm just fucking illiterate, or maybe you're just fucking retarded and trolling for karma points, but I don't see it.

"Clear" bias (1)

freeweed (309734) | more than 6 years ago | (#19054107)

I think your current score (+4, Insightful) dispells the myth once and for all of some magic "Slashdot bias" that people continually complain about (and get modded up for). If anything, I'd say there's a clear bias on Slashdot IN FAVOUR OF Microsoft.

Re:Linux patches? (1)

Ngarrang (1023425) | more than 6 years ago | (#19054149)

When are we going to start seeing regular Slashdot postings outlining Linux or other free software security patch releases in the same accusatory tone that the monthly Microsoft security bulletin releases bring? No, I'm not trolling, but I'm getting sick of the clear bias Slashdot editors (and most readers) have when it comes to matters of Microsoft.

(I can feel my karma slipping away, but I couldn't take it anymore).

What? You thought that if you saved enough karma you could trade it in for a night with CowboyNeal or CmdrTaco? *grin* Even karma whores have to give up a few points occasionally.

Re:Linux patches? (1)

QuietLagoon (813062) | more than 6 years ago | (#19054309)

When Linux has 90+% of the worldwide PC installations, then I suspect we will see a similar bias against Linux.

Until then, Microsoft has completely abdicated its responsibility of providing a secure operating system, and should be routinely called to task for that.

So much for Vista's improved security (-1, Troll)

Anonymous Coward | more than 6 years ago | (#19053107)

what a fucking turd

Microsoft can't produce secure code to save their lives. Or ours.

Are we doomed to this shit forever? And don't tell me about firefox, open orifice, and other stopgaps.

OMG M1CR0$0FT i$ s0 3v1L!!!1 (1)

gsonic (885510) | more than 6 years ago | (#19053139)

And this is why you should buy a Mac, because Macs are perfect. *sarcastic*

Twofo GNAA Frosty Piss (-1, Offtopic)

Anonymous Coward | more than 6 years ago | (#19053141)

University of Warwick file sharing faggots. [twofo.co.uk]

                        GNU GENERAL PUBLIC LICENSE
                              Version 2, June 1991

  Copyright (C) 1989, 1991 Free Software Foundation, Inc.
          59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
  Everyone is permitted to copy and distribute verbatim copies
  of this license document, but changing it is not allowed.

                                Preamble

    The licenses for most software are designed to take away your
freedom to share and change it. By contrast, the GNU General Public
License is intended to guarantee your freedom to share and change free
software--to make sure the software is free for all its users. This
General Public License applies to most of the Free Software
Foundation's software and to any other program whose authors commit to
using it. (Some other Free Software Foundation software is covered by
the GNU Library General Public License instead.) You can apply it to
your programs, too.

    When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
this service if you wish), that you receive source code or can get it
if you want it, that you can change the software or use pieces of it
in new free programs; and that you know you can do these things.

    To protect your rights, we need to make restrictions that forbid
anyone to deny you these rights or to ask you to surrender the rights.
These restrictions translate to certain responsibilities for you if you
distribute copies of the software, or if you modify it.

    For example, if you distribute copies of such a program, whether
gratis or for a fee, you must give the recipients all the rights that
you have. You must make sure that they, too, receive or can get the
source code. And you must show them these terms so they know their
rights.

    We protect your rights with two steps: (1) copyright the software, and
(2) offer you this license which gives you legal permission to copy,
distribute and/or modify the software.

    Also, for each author's protection and ours, we want to make certain
that everyone understands that there is no warranty for this free
software. If the software is modified by someone else and passed on, we
want its recipients to know that what they have is not the original, so
that any problems introduced by others will not reflect on the original
authors' reputations.

    Finally, any free program is threatened constantly by software
patents. We wish to avoid the danger that redistributors of a free
program will individually obtain patent licenses, in effect making the
program proprietary. To prevent this, we have made it clear that any
patent must be licensed for everyone's free use or not licensed at all.

    The precise terms and conditions for copying, distribution and
modification follow.

                        GNU GENERAL PUBLIC LICENSE
      TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION

    0. This License applies to any program or other work which contains
a notice placed by the copyright holder saying it may be distributed
under the terms of this General Public License. The "Program", below,
refers to any such program or work, and a "work based on the Program"
means either the Program or any derivative work under copyright law:
that is to say, a work containing the Program or a portion of it,
either verbatim or with modifications and/or translated into another
language. (Hereinafter, translation is included without limitation in
the term "modification".) Each licensee is addressed as "you".

Activities other than copying, distribution and modification are not
covered by this License; they are outside its scope. The act of
running the Program is not restricted, and the output from the Program
is covered only if its contents constitute a work based on the
Program (independent of having been made by running the Program).
Whether that is true depends on what the Program does.

    1. You may copy and distribute verbatim copies of the Program's
source code as you receive it, in any medium, provided that you
conspicuously and appropriately publish on each copy an appropriate
copyright notice and disclaimer of warranty; keep intact all the
notices that refer to this License and to the absence of any warranty;
and give any other recipients of the Program a copy of this License
along with the Program.

You may charge a fee for the physical act of transferring a copy, and
you may at your option offer warranty protection in exchange for a fee.

    2. You may modify your copy or copies of the Program or any portion
of it, thus forming a work based on the Program, and copy and
distribute such modifications or work under the terms of Section 1
above, provided that you also meet all of these conditions:

        a) You must cause the modified files to carry prominent notices
        stating that you changed the files and the date of any change.

        b) You must cause any work that you distribute or publish, that in
        whole or in part contains or is derived from the Program or any
        part thereof, to be licensed as a whole at no charge to all third
        parties under the terms of this License.

        c) If the modified program normally reads commands interactively
        when run, you must cause it, when started running for such
        interactive use in the most ordinary way, to print or display an
        announcement including an appropriate copyright notice and a
        notice that there is no warranty (or else, saying that you provide
        a warranty) and that users may redistribute the program under
        these conditions, and telling the user how to view a copy of this
        License. (Exception: if the Program itself is interactive but
        does not normally print such an announcement, your work based on
        the Program is not required to print an announcement.)

These requirements apply to the modified work as a whole. If
identifiable sections of that work are not derived from the Program,
and can be reasonably considered independent and separate works in
themselves, then this License, and its terms, do not apply to those
sections when you distribute them as separate works. But when you
distribute the same sections as part of a whole which is a work based
on the Program, the distribution of the whole must be on the terms of
this License, whose permissions for other licensees extend to the
entire whole, and thus to each and every part regardless of who wrote it.

Thus, it is not the intent of this section to claim rights or contest
your rights to work written entirely by you; rather, the intent is to
exercise the right to control the distribution of derivative or
collective works based on the Program.

In addition, mere aggregation of another work not based on the Program
with the Program (or with a work based on the Program) on a volume of
a storage or distribution medium does not bring the other work under
the scope of this License.

    3. You may copy and distribute the Program (or a work based on it,
under Section 2) in object code or executable form under the terms of
Sections 1 and 2 above provided that you also do one of the following:

        a) Accompany it with the complete corresponding machine-readable
        source code, which must be distributed under the terms of Sections
        1 and 2 above on a medium customarily used for software interchange; or,

        b) Accompany it with a written offer, valid for at least three
        years, to give any third party, for a charge no more than your
        cost of physically performing source distribution, a complete
        machine-readable copy of the corresponding source code, to be
        distributed under the terms of Sections 1 and 2 above on a medium
        customarily used for software interchange; or,

        c) Accompany it with the information you received as to the offer
        to distribute corresponding source code. (This alternative is
        allowed only for noncommercial distribution and only if you
        received the program in object code or executable form with such
        an offer, in accord with Subsection b above.)

The source code for a work means the preferred form of the work for
making modifications to it. For an executable work, complete source
code means all the source code for all modules it contains, plus any
associated interface definition files, plus the scripts used to
control compilation and installation of the executable. However, as a
special exception, the source code distributed need not include
anything that is normally distributed (in either source or binary
form) with the major components (compiler, kernel, and so on) of the
operating system on which the executable runs, unless that component
itself accompanies the executable.

If distribution of executable or object code is made by offering
access to copy from a designated place, then offering equivalent
access to copy the source code from the same place counts as
distribution of the source code, even though third parties are not
compelled to copy the source along with the object code.

    4. You may not copy, modify, sublicense, or distribute the Program
except as expressly provided under this License. Any attempt
otherwise to copy, modify, sublicense or distribute the Program is
void, and will automatically terminate your rights under this License.
However, parties who have received copies, or rights, from you under
this License will not have their licenses terminated so long as such
parties remain in full compliance.

    5. You are not required to accept this License, since you have not
signed it. However, nothing else grants you permission to modify or
distribute the Program or its derivative works. These actions are
prohibited by law if you do not accept this License. Therefore, by
modifying or distributing the Program (or any work based on the
Program), you indicate your acceptance of this License to do so, and
all its terms and conditions for copying, distributing or modifying
the Program or works based on it.

    6. Each time you redistribute the Program (or any work based on the
Program), the recipient automatically receives a license from the
original licensor to copy, distribute or modify the Program subject to
these terms and conditions. You may not impose any further
restrictions on the recipients' exercise of the rights granted herein.
You are not responsible for enforcing compliance by third parties to
this License.

    7. If, as a consequence of a court judgment or allegation of patent
infringement or for any other reason (not limited to patent issues),
conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot
distribute so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you
may not distribute the Program at all. For example, if a patent
license would not permit royalty-free redistribution of the Program by
all those who receive copies directly or indirectly through you, then
the only way you could satisfy both it and this License would be to
refrain entirely from distribution of the Program.

If any portion of this section is held invalid or unenforceable under
any particular circumstance, the balance of the section is intended to
apply and the section as a whole is intended to apply in other
circumstances.

It is not the purpose of this section to induce you to infringe any
patents or other property right claims or to contest validity of any
such claims; this section has the sole purpose of protecting the
integrity of the free software distribution system, which is
implemented by public license practices. Many people have made
generous contributions to the wide range of software distributed
through that system in reliance on consistent application of that
system; it is up to the author/donor to decide if he or she is willing
to distribute software through any other system and a licensee cannot
impose that choice.

This section is intended to make thoroughly clear what is believed to
be a consequence of the rest of this License.

    8. If the distribution and/or use of the Program is restricted in
certain countries either by patents or by copyrighted interfaces, the
original copyright holder who places the Program under this License
may add an explicit geographical distribution limitation excluding
those countries, so that distribution is permitted only in or among
countries not thus excluded. In such case, this License incorporates
the limitation as if written in the body of this License.

    9. The Free Software Foundation may publish revised and/or new versions
of the General Public License from time to time. Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.

Each version is given a distinguishing version number. If the Program
specifies a version number of this License which applies to it and "any
later version", you have the option of following the terms and conditions
either of that version or of any later version published by the Free
Software Foundation. If the Program does not specify a version number of
this License, you may choose any version ever published by the Free Software
Foundation.

    10. If you wish to incorporate parts of the Program into other free
programs whose distribution conditions are different, write to the author
to ask for permission. For software which is copyrighted by the Free
Software Foundation, write to the Free Software Foundation; we sometimes
make exceptions for this. Our decision will be guided by the two goals
of preserving the free status of all derivatives of our free software and
of promoting the sharing and reuse of software generally.

                                NO WARRANTY

    11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
REPAIR OR CORRECTION.

    12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.

                          END OF TERMS AND CONDITIONS

                How to Apply These Terms to Your New Programs

    If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.

    To do so, attach the following notices to the program. It is safest
to attach them to the start of each source file to most effectively
convey the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.

        Copyright (C)

        This program is free software; you can redistribute it and/or modify
        it under the terms of the GNU General Public License as published by
        the Free Software Foundation; either version 2 of the License, or
        (at your option) any later version.

        This program is distributed in the hope that it will be useful,
        but WITHOUT ANY WARRANTY; without even the implied warranty of
        MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
        GNU General Public License for more details.

        You should have received a copy of the GNU General Public License
        along with this program; if not, write to the Free Software
        Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA

Also add information on how to contact you by electronic and paper mail.

If the program is interactive, make it output a short notice like this
when it starts in an interactive mode:

        Gnomovision version 69, Copyright (C) year name of author
        Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
        This is free software, and you are welcome to redistribute it
        under certain conditions; type `show c' for details.

The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License. Of course, the commands you use may
be called something other than `show w' and `show c'; they could even be
mouse-clicks or menu items--whatever suits your program.

You should also get your employer (if you work as a programmer) or your
school, if any, to sign a "copyright disclaimer" for the program, if
necessary. Here is a sample; alter the names:

    Yoyodyne, Inc., hereby disclaims all copyright interest in the program
    `Gnomovision' (which makes passes at compilers) written by James Hacker.

    , 1 April 1989
    Ty Coon, President of Vice

This General Public License does not permit incorporating your program into
proprietary programs. If your program is a subroutine library, you may
consider it more useful to permit linking proprietary applications with the
library. If this is what you want to do, use the GNU Library General
Public License instead of this License.

Excellent (0)

Anonymous Coward | more than 6 years ago | (#19053157)

So now Vista is perfect! Great, thanks for the good news.

Steve's Fault (0)

Anonymous Coward | more than 6 years ago | (#19053185)

Jobs must have hacked CAPICON

Changes Default Browser (5, Interesting)

Anonymous Coward | more than 6 years ago | (#19053225)

I used Microsoft Update to download and install the new patches last night. Lo and behold, upon reboot, Mozilla Firefox was no longer my default browser. It appears one of the new patches resets Internet Explorer as the default browser. Easy enough to fix, but why would a patch change a system's default browser in the first place?

Re:Changes Default Browser (2, Informative)

Kandenshi (832555) | more than 6 years ago | (#19053333)

Happened to me as well, which was ... confusing.

Then I adjusted my thinking to Microsoft's point of view and tried to figure it out.

Now that IE7 is patched, it's much more secure than Firefox could ever be! Changing IE7 back to default is much like a firewall, an ounce of prevention is worth a pound of cure eh? By trying to get us back using IE7 they're just trying to prevent all the malware from getting on our systems, much like most of the rest of the patches.

It's a bit screwy, but that's the best rationalization I could come up with, anyone got a better one?

Re:Changes Default Browser (1)

just_another_sean (919159) | more than 6 years ago | (#19053525)

<paranoid hat='tinfoil'>
An attempt to lure people back to using it? "Oh look, the shiny, I forgot how cool the new IE looks. Why did my cousin tell me to use this Mozilla thing again? Oh well, I wonder if Joe updated his MySpace..."

MS's response to this underhanded attempt? "Oh, well that was an oversight in the patching process, sorry won't happen again".
</paranoid>

Re:Changes Default Browser (1)

Reivec (607341) | more than 6 years ago | (#19053645)

My money would be that no one tested the patch on systems with firefox as as default so no one noticed the problem. As much as I don't like Microsoft I could see how this could have just been an honest mistake from a side effect of running some premade function during the patch that does several things, only one of which is setting the default flag.

Re:Changes Default Browser (1)

eck011219 (851729) | more than 6 years ago | (#19054227)

I'm certainly not an expert on this kind of stuff (I'm a web designer), but it seems to me that it could be that the patching process requires that IE be run at some point during the process (perhaps in the background, but still technically in memory and so forth). Maybe after the patch, it has to run IE to confirm successful patching. And if another browser is the default, that can obviously cause problems.

Dunno. Don't understand any of this stuff. Just thinking out loud. I doubt it's an accident, though. If it's not something technical like I'm suggesting, I would guess (as have others) that it's a tactic for user migration.

Re:Changes Default Browser (0)

Anonymous Coward | more than 6 years ago | (#19053775)

Very true. You will also notice that Windows Media Player is now your default wav, mov, wmv, mp3, etc. player also.

Re:Changes Default Browser (0, Troll)

Kuciwalker (891651) | more than 6 years ago | (#19054049)

I suspect the parent is lying, since it didn't happen to me. I just checked and Firefox is still the default.

Re:Changes Default Browser (1)

ComputerSlicer23 (516509) | more than 6 years ago | (#19054147)

Upon virtually every microsoft patch Firefox and Thunderbird require me to reset my default browser and e-mail client. My guess is that this is a simple security mechanism. Hooking into the startup of e-mail and web software would be a good place for a virus to hide... Then just startup the older software and life is good. It'd be a good place to hide malware startup that is outisde of the normal places that are checked for issues.

Kirby

Re:Changes Default Browser (1)

aegisalpha (58712) | more than 6 years ago | (#19054189)

I haven't been home to patch my windows box yet, but I'd suspect it would have more to do with the possibility of malware setting the default browser to something else. Most firefox users are likely going to hit the icon they normally do, see the default browser pop-up and re-confirm.

Or it simply wasn't tested on systems with firefox as was mentioned.

Cumulative IE 7 update 34,70 MB?? (4, Interesting)

edgrale (216858) | more than 6 years ago | (#19053277)

What's up with the cumulative IE 7 update being 34,70 MB?
It is bigger than the x64 bit version!

Update also makes IE 7 the default browser (3, Interesting)

edgrale (216858) | more than 6 years ago | (#19053349)

Uh...

Did they even QA this thing? The size is huge and now it also stole the default browser setting.

Re:Update also makes IE 7 the default browser (1)

anti-human 1 (911677) | more than 6 years ago | (#19053809)

The size is huge and now it also stole the default browser setting.

Duh, it added support for 1997-era Browser Wars filetypes. Didn't all the installers back then turn their app to default?

Mitigating factors in Vista... (-1, Troll)

jkrise (535370) | more than 6 years ago | (#19053375)

There are only 6 known users of Vista...

4 of them are tech-support staff in Microsoft
1 of them is CowBoyNeal
and the last one is YOU!

Yes, YOU!!!! Get the patch from Microsoft, and there's Nothing for you to see here... Move along.

Is this even news? (2, Insightful)

anss123 (985305) | more than 6 years ago | (#19053415)

MS throws out a bunch of patches every month, and have been at it for years. It must be a regular event by now, right?

Cure the disease and lose the patient (5, Interesting)

CyberVenom (697959) | more than 6 years ago | (#19053447)

When Microsoft releases "critical" patches like this, one of the primary motivations for users, home and business alike to apply the patches is fear of loss of data if their computer falls victim to one of the new exploits. To "help" users keep their systems up to date, Microsoft has provided the Automatic Update tool. Formerly this tool would insistently prompt the user to reboot once updates had been installed. Recently, however, the tool has taken to rebooting computers of its own volition if it is unable to elicit a user response to its prompting within 5 minutes. What's the big deal? Well, lets say you have just typed up a nice email but want to add a couple more points to it before sending it off, but you have to walk away from the computer for a while. (coffee break, etc.) And when you come back 6 minutes later you find that Windows has terminated all your open programs, lost your email, rebooted, and is now happily chiding away to itself in a little speech bubble about some new updates having been installed. Well, that's fine - install your damn updates, but either do it without destroying my work or wait until I give you permission!
(yes, I lost an email I was writing last night because of this and I'm still a bit sore...)

Re:Cure the disease and lose the patient (1)

Doctor Crumb (737936) | more than 6 years ago | (#19053487)

Or let's say you're a developer whose machine is in the middle of a 16 hour build. Oops, better start over!

Re:Cure the disease and lose the patient (0)

Anonymous Coward | more than 6 years ago | (#19053535)

Pretty simple to avoid. Just set the Automatic Updates to download automatically, but let you choose when to install.

Re:Cure the disease and lose the patient (1)

praxis (19962) | more than 6 years ago | (#19053591)

First off, why start over? Incremental builds solve that problem. As for the email, what email clients do not safe unsent messages when asked to close? As for unprompted reboots, they get prompted. When Vista installs a patch, it tells you, then you can tell it when to reboot, otherwise it does it at some odd hour, when you don't use your machine (or I don't anyhow). If I respond to the updates have been installed popup, I can tell it when to reboot, otherwise it does it at 4am when I am at home. If you are going to run a 16 hour build, you should be aware of your machine and manage it's updates manually. Or use a build server, and only do local incremental builds when writing code. There are plently of people out there that know how to apply patches when they are convenient, and keep their critical machines running when critical, all it takes is a little bit of savvy. And for those that are not, they are not doing 16 hour builds, and their email client saves their messages for them.

Re:Cure the disease and lose the patient (1)

UncleFluffy (164860) | more than 6 years ago | (#19053597)

(yes, I lost an email I was writing last night because of this and I'm still a bit sore...)

Yes, it screwed up a drive rebuild here that had been running for about 20 hours before the reboot. There's an option "download but don't install until I tell you" that may stop this unpredictable rebooting.

Re:Cure the disease and lose the patient (1)

drinkypoo (153816) | more than 6 years ago | (#19053599)

(yes, I lost an email I was writing last night because of this and I'm still a bit sore...)

It's too bad you weren't paying attention during your installation, in which you were asked to configure automatic updates.

It's further too bad that you didn't inspect your various settings, instead simply trusting the computer to automatically be configured to do precisely what you want it to.

It's also too bad that you don't know how to use autosave, either.

Perhaps if you learned how to use your computer, you'd have a better time with it.

Don't feel too bad about this comment, the person who replied to you about having a build interrupted is the really big idiot. First, if you're using a decent make-type tool, you pick up where you left off. Second, if you're a developer, you'd better fucking know what you're doing. The casual user at least has an excuse.

Re:Cure the disease and lose the patient (1)

mattpalmer1086 (707360) | more than 6 years ago | (#19053835)

Trusting that your computer won't just go ahead and lose all your work if you pop out for a moment makes the user stupid? Sorry - no operating system should automatically reboot itself by default with no permission or special instruction from the user. I nearly lost work to this too. I had lots of stuff open, and this damn auto update dialog box tells me it's going to reboot my machine in 4 minutes... counting down... and no way to even cancel it. Here's a hint: it's not the users who are dumb in this situation, it's the cretinous idiots who wrote that system (with some blame aimed at their apologists too...)

It's one of the reasons (but by no means the only reason) I switched to linux a year ago, and haven't looked back. Things are just... calmer, somehow. I feel like... it's my computer again. We certainly seem to inhabit different kinds of computing universe.

Re:Cure the disease and lose the patient (1)

drinkypoo (153816) | more than 6 years ago | (#19054039)

Trusting that your computer won't just go ahead and lose all your work if you pop out for a moment makes the user stupid? Sorry - no operating system should automatically reboot itself by default with no permission or special instruction from the user.

During the OS install, you are specifically asked to configure automatic updates. Some of the service pack installs also ask you to do this.

Automatic updates are a major feature of Windows these days. They do not hide from you the fact that they will reboot your system. Rebooting the system after updates are installed is necessary to maintain stability.

If the user decides to just click away the dialog asking you to configure automatic updates (which many OEMs will leave for you) then that's their damage.

I had lots of stuff open, and this damn auto update dialog box tells me it's going to reboot my machine in 4 minutes... counting down... and no way to even cancel it. Here's a hint: it's not the users who are dumb in this situation, it's the cretinous idiots who wrote that system (with some blame aimed at their apologists too...)

I actually think it's both. The user is stupid. The developer is lame if you can't cancel. But then again, the user is ASKED if they want to use the feature at all, and how they would like it to behave. If they say "I don't care" (by clicking away the box without reading it) then they've forfeit their right to complain about how it behaves.

It's one of the reasons (but by no means the only reason) I switched to linux a year ago, and haven't looked back. Things are just... calmer, somehow. I feel like... it's my computer again. We certainly seem to inhabit different kinds of computing universe.

Yes yes, I run Linux too. I don't run Windows any more, except in a VM and that only for a small handful of programs - most of the Windows stuff I need runs under wine these days. I still believe that if you don't take the time to configure your system, then you have only yourself to blame.

Re:Cure the disease and lose the patient (1)

angryrobot (223166) | more than 6 years ago | (#19053675)

I do a weekly Drum and Bass radio show on kunninmindz.com. This "feature" decided to make itself known to me a couple of weeks back when it wanted to reboot the machine in the middle of my radio show. My setup has the computer in the other room from my DJ setup, so I was throwing up a few records then running into the other room to check on it every 10 minutes. Took me about an hour of this until it occurred to me I could temporarily turn off automatic updates.

Really boneheaded design decision on their part!

Re:Cure the disease and lose the patient (1)

pandrijeczko (588093) | more than 6 years ago | (#19053951)

So a "Drum and Bass" radio show goes off the air for 30 minutes.

And the loss is to who?

Re:Cure the disease and lose the patient (1)

mstahl (701501) | more than 6 years ago | (#19053721)

Yet more reasons to love my OS X / Ubuntu setup I've got going on. The dialogue goes more like "Hey I've got these updates for you whenever you've got a second" rather than "YOU WILL INSTALL THIS NOW".

Re:Cure the disease and lose the patient (1)

DavidD_CA (750156) | more than 6 years ago | (#19053843)

How about using an email application that periodically saves your work?

That concept is so new, I know.

And now it won't go away (0)

Anonymous Coward | more than 6 years ago | (#19053995)

So yesterday the little popup comes up and tells me there are updates to my (PHB's) Operating System available. I let it download & install them, and the final dialog box comes up: "You have successfully Updated Your (PHB's) Computer (YAAY!)"

Now it won't go away. The popup comes back up after about 30 seconds to tell me there are updates available for my (PHB's) computer, I've run through the installation about a dozen times, now, and still, there's the little popup, telling me there's an update available for Internet Exploiter 6. (Which I _won't_ use, anyway. Of course I use Firefox.)

So bye bye, automatic updates, since you're now borken enough to nag me to do something which I've already completed.

M$hit#$^&*]!*^%R$^&*@

Did they fix the cltreq.asp query nonsense? (5, Interesting)

Medievalist (16032) | more than 6 years ago | (#19053485)

People running Apache are starting to see this junk in their logs:

GET /_vti_bin/owssvr.dll?UL=1&ACT=4&BUILD=2614&STRMVER =4&CAPREQ=0 HTTP/1.1
GET /MSOffice/cltreq.asp?UL=1&ACT=4&BUILD=2614&STRMVER =4&CAPREQ=0 HTTP/1.1
This noise gets spewed at websites by IE if you load the latest version of Microsoft Office and turn on the discussion bar "feature".

You'd think sending these GETS to every single web site visited would be unnecessary (since IE can tell if it's connected to IIS, and only IIS is going to have cltreq.asp installed).

I'm guessing they didn't fix that one?

Re:Did they fix the cltreq.asp query nonsense? (0)

Anonymous Coward | more than 6 years ago | (#19053603)

They're evil, but they're clever in their evilness. Might this be a way for them to shift the server equation more in their favour? By artificially increasing the workload on non-IIS servers, it negates their need to innovate competitively. "Sure, company X, Apache might be far more efficient, but the reality is that you have to buy twice as many servers to handle the extra workload they have to deal with, because IE is optimized to work with IIS. Therefore, IIS is more cost-effective for you."

Re:Did they fix the cltreq.asp query nonsense? (2, Insightful)

drinkypoo (153816) | more than 6 years ago | (#19053733)

You'd think sending these GETS to every single web site visited would be unnecessary (since IE can tell if it's connected to IIS, and only IIS is going to have cltreq.asp installed).

Is there any reason someone with Chilisoft ASP couldn't implement the same functionality?

Re:Did they fix the cltreq.asp query nonsense? (1)

Tom (822) | more than 6 years ago | (#19054199)

As a server admin, I'd like to know if anyone has found a way to blast back, yet? Something to kill the discussion bar or at least overflow it with garbage? I'll take anything that makes these users realize the crap is broken.

Please?

dominant Internet Explorer.. my ass (3, Funny)

gd23ka (324741) | more than 6 years ago | (#19053505)

Here, this is probably the article you had in mind:

"Microsoft has just released seven dominance advisories -- all rated critical -- with dominance enhancements for at least 19 dominance threats affecting the world's premier and most popular Windows(R) operating system, the widely deployed superior Office productivity suite and the most dominant Internet Explorer browser. Six of the 19 dominance threats affect Microsoft's latest and most exciting offering, the Windows Vista Operating System. 'There are dominance enhancements for 7 different domination points that could otherwise lead to unplanned code execution in the most popular word processor of all times Word, the most powerful spreadsheet application Excel and of course spectacular Office. Users of Microsoft Exchange the kick-ass central hub of Information Technology are also urged to pay attention to all of the critical bulletins, which cover 4 different dominance features. A cumulative IE dominance update addresses six potentially cool features. There are the six that apply to the dominant IE 7 on the hugely popular Windows Vista Operating System. The last bulletin in this month's batch apples to the widely acclaimed CAPICOM (Cryptographic API Component Object Model) and could also put users at risk of complete system dominance violations.'"

default browser (0)

Anonymous Coward | more than 6 years ago | (#19053509)

What I want to know is why they keep changing my default browser with updates. That really irks me and doesn't seem right. My computer had downloaded, installed, and rebooted updates last night for me to find an update message when I logged in. I open up firefox to do my morning necessities, and sure enough .. "is not your default browser, would you like to ..".

Argh!

Why didn't they find these holes earlier? (4, Insightful)

644bd346996 (1012333) | more than 6 years ago | (#19053723)

Ok, here's what's bugging me: 6 out of 19 holes are still present in Vista. That means that, in developing Vista, they removed at least 13 holes. My question: was that an accident? If those 13 holes were identified as critical vulnerabilities during Vista development and fixed, then they should have been patched in XP too. If they were accidentally fixed by more broad changes in Vista, then I guess you can see that as good, but it still calls into question MS's ability to audit code.

On the other hand, if the rewritten portions of Vista removed 70% of the critical holes, that's pretty good. They might have been working on the right modules.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...