Only 3 M$ patches in 2 mths???
Page 1 of 3 123 LastLast
Results 1 to 10 of 25

Thread: Only 3 M$ patches in 2 mths???

  1. #1
    oldie ric-o's Avatar
    Join Date
    Nov 2002
    Posts
    487

    Question Only 3 M$ patches in 2 mths???

    Rather than add this to my existing thread about the latest 3 patch bulletins, I wanted to start a new thread to spur a discussion about some concerns I have about M$ and the lack of patches released.

    Is anyone else suspicious about M$ only releasing 3 patches in 2 months?
    Is this ALL they fixed?
    And where are the IE patches to the some odd 30 vulnerabilities discovered by security research groups?
    We haven't seen an IE patch for a long time, is M$ giving up on IE?

    Wha'd ya think AOers?

    --signed: suspicious

  2. #2
    AO Decepticon CXGJarrod's Avatar
    Join Date
    Jul 2002
    Posts
    2,038
    Well they must be only fixing what they think its critical. They might not think that a security bug found by a researcher is exploitable in the "real world."
    N00b> STFU i r teh 1337 (english: You must be mistaken, good sir or madam. I believe myself to be quite a good player. On an unrelated matter, I also apparently enjoy math.)

  3. #3
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126
    I have to agree with ric-o here! The lack of information about all those IE vulnerabilites are bad! Does this mean M$ cannot fix Ie anymore? (Too much patching = Broken Software). I'm really surprise also, After I read those 3 bulletins, I was looking for more! Remember the time where you had 2-3 patchs very Tuesday? I think M$ is hiding something.
    -Simon \"SDK\"

  4. #4
    I feel Microsoft is not hiding anything, but are fine tuning their patches. While yes, there are updates few and far inbetween, those updates always cover a very wide range. This means that one update patch may fix 3 or 4 things. Keep in mind that Service Pack 2 will be released very soon, fixing more glitches and exploits (not real world ones, only achedemic) than you could imagine. In this SP2 IE will also be updated to 6.05, and include popup blocking configuration built into it, as well as the IE patches you are concerned about SDK.

    So in short, MS is on the ball, but doesn't want to redo work when the wheel is invented. Wait for SP2 (for XP) and things will change. I beta tested SP2 and the improvement upon internal security, code security, and IE were astounding.

    On a side note of their release cycles being long, that's just the way it is. They would rather release a lot of fixes at once than one every week. There are a few reasons for this:

    * With a new patch every week, customer and tech service agents would be going nuts trying to keep up with the amount of information they must relearn in order to assist those calling in from any problems they may experience. By releasing them in larger, cumulative packages the tech and sales agents have much more time to understand the fixes and then assist the customers with a much more specific problem. (ie. without worrying "well i wonder if it was last weeks package.. or the week before that did it") This is a buisness stradegy, and one that is crucial I feel when it comes to assisting customers on support.


    SP2 reference documents

    - http://www.computerworld.com/softwar...,00.html?f=x72

    - http://www.arstechnica.com/wankerdes...p2-beta-1.html

    - http://download.microsoft.com/downlo...umentation.doc

  5. #5
    oldie ric-o's Avatar
    Join Date
    Nov 2002
    Posts
    487
    Originally posted here by pooh sun tzu
    [B]...Keep in mind that Service Pack 2 will be released very soon, fixing more glitches and exploits (not real world ones, only achedemic) than you could imagine. In this SP2 IE will also be updated to 6.05, and include popup blocking configuration built into it, as well as the IE patches you are concerned about SDK.

    So in short, MS is on the ball, but doesn't want to redo work when the wheel is invented. Wait for SP2 (for XP) and things will change. I beta tested SP2 and the improvement upon internal security, code security, and IE were astounding.
    Pooh: I appreciate your opinion but am concerned because you are forgetting another very popular OS (at least in corporate world)... Windows 2000. You only mentioned XP (re.; SP2 reference).

    By releasing them in larger, cumulative packages the tech and sales agents have much more time to understand the fixes and then assist the customers with a much more specific problem.
    Yep, I totally agree...however I do not consider 3 patches in 2 months a large cumulative patch.

    Keep in coming AOers...I really want to hear everyones thoughts here...is M$ really working to fix their OS or did they take a "holiday" in Dec & Jan???

  6. #6
    As far as I know XP will be the only one receiving the newer updates, as 2000 is old for it's time. To be blunt, the features, hypthreading, and processing handling in XP has surpassed 2000. It is thus time to move on, and like 98, 2000 will soon be losing support. XP for home use is an excellent choice, and I have run personal benchmarks to test the differences, find XP superior in all of them. Server 2003 for server use, instead of 2000 server, in which I too benchmarked and it surpassed 2000 once again.

    The reasoning behind 2000 slow updates is that 2000 is trying to be phased out. It is a 3 year old (4 almost) operating system that need to step aside for the continuing product. Sure, we could start a flame war about which OS is better, but numbers counter, and so do benchmarks. By upgrading to a newer OS, support and patches will be supported much more often.

    This would apply to someone running 98 as well. It's time to move foward. MS took no holiday, but is creating longhorn and supporting XP to help surge the users foward towards better, faster, and much more stable operating systems.

    Once again, I'm not looking to turn this into a "which os is better argument", but like a linux user, they will and should upgrade to RH 9 from RH 6 since 9 has come out.

  7. #7
    Senior Member
    Join Date
    Jun 2003
    Posts
    723
    I think they are globbing all their patches now purely to save face, it looks bad for them when every week it hits the news that there is a new patch/vulnerabillity out. Is it good for customers? ,probably not for those who get screwed due to the lack of a patch. Probably yes for ms and their shareholders. One day some one will write a nasty worm for an exploit that "is not going to be patched till next months release" and you know what will happen......
    Do unto others as you would have them do unto you.
    The international ban against torturing prisoners of war does not necessarily apply to suspects detained in America\'s war on terror, Attorney General John Ashcroft told a Senate oversight committee
    -- true colors revealed, a brown shirt and jackboots

  8. #8
    AO BOFH: Luser Abuser BModeratorFH gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    Faster? Are you on crack? Windows 3.X was faster than 95, on some machines 95 is faster than 98....ME is terrible no matter what....XP has the system requirements of a damned Cray, I can't wait too see the finished Long Horn....

    Long Horns minimum system requirements:

    At least dual 3.06 GHz processors

    2 GBs RAM, 4 recommended

    19 inch LCD flat screen

    Sound card from any hardware company that will only make drivers for Windows

    Video card from anyone but the Linux friendly Nvidia corp

    It makes sence to me:

    Microsoft tells hardware makers that they will sell only Windows on desktop machines, or they will not do business with them....Most people know Windows so they buy it. The hardware maker is scred into selling only Windows on desktop machines and laptops.

    Then, as a thank you for selling only Microsoft products on the hardware, Microsoft releases a new OS every 2 years or so that has WAY bigger system requirements then the last one, which makes people have to buy MORE newer hardware to run it on, and in turn, this circle jerk continues as Microsoft keeps making resource whores for OSs, and the hardware makers only sell dektops with Windows.

    For proof of this:

    Windows 9X runs on a 486 as a minimum, Windows ME however will not. Yet both still rely on DOS, which will run on a damned talking whiz kid/ Calculator.

    Windows 2000 has to have at least a Pentium 133, well, thats more than double the power the others needed. By this time, almost everyone ran Windows, so Microsoft could actually get away with this ****. Microsoft wants you to throw away your 486, your Pentium, and your pentium 2. Why? Because if they keep making money for the hardware makers, they keep selling nothing but Windows.

    A 486 is still very much usefull. Most people throw them away because all they know how to use is Windows. Now look at XP... Not something you'd load on older hardware right? Even more needs than 2000 had. Now, don't get me wrong, XP is great, but why so many damned resources?

    Also:

    Have you ever noticed how you can run Widnows 98 SE with a fresh install fast as HELL. But then after you update it with patces it starts lagging? Well, that would be Microsoft making you think your hardware just "slows down" for some reason.

    If anyone has ever done a fresh install of Windows 98, booted it up, used it for 10 minutes, then installed all security and big fixes, and then booted it up and use it for 10 minutes again, you can easily note that the system has a much slower responce time.

    Now, this COULD be because the patches were released in a time span made to make you not notice right away. And with the track record the clear glass bastards in redmond havem, this isn't exactly a shocking theory.

    Why upgrade to Redhat 9? Just because it's out? That's stupid! 7.X is a fan favorite, and it has less resource hogging than 9. You really are a sheep. "Oh!!!!!!! The new version is out! I simply MUST spend all of my money on it because it's new, meaning the old one is now worthless! It's new so it is better!"

    Redhat is killing support for the users anyway, you might as well dump their asses like I'v been saying for a year.
    Kill the lights, let the candles burn behind the pumpkins’ mischievous grins, and let the skeletons dance. For one thing is certain, The Misfits have returned and once again everyday is Halloween.The Misfits FreeBSD
    Cannibal Holocaust
    SuSE Linux
    Slackware Linux

  9. #9
    Originally posted here by gore
    Faster? Are you on crack? Windows 3.X was faster than 95, on some machines 95 is faster than 98....ME is terrible no matter what....XP has the system requirements of a damned Cray, I can't wait too see the finished Long Horn....

    Long Horns minimum system requirements:

    At least dual 3.06 GHz processors

    2 GBs RAM, 4 recommended

    19 inch LCD flat screen

    Sound card from any hardware company that will only make drivers for Windows

    Video card from anyone but the Linux friendly Nvidia corp
    I have to respond because you are giving out misinformation. I ran build 4051 of Longhorn on my Pent III 800 mhz with 400 megs of RAM on an nvidia GEForce 2 MX 400. It ran like a dream. My Soundblaster live ran perfectly. I don't know where you get your stats from, but that's no where near what I tested and ran beautifully, but that's no where near close to the specifications in the readme for the Longhorn release.

    Microsoft tells hardware makers that they will sell only Windows on desktop machines, or they will not do business with them....Most people know Windows so they buy it. The hardware maker is scred into selling only Windows on desktop machines and laptops.
    This is called running a buisness and having partners. Nothing wrong with it. That is their buisness practice.

    Then, as a thank you for selling only Microsoft products on the hardware, Microsoft releases a new OS every 2 years or so that has WAY bigger system requirements then the last one, which makes people have to buy MORE newer hardware to run it on, and in turn, this circle jerk continues as Microsoft keeps making resource whores for OSs, and the hardware makers only sell dektops with Windows.
    This is because computers are improving faster than the rate of the OSes being developed. Better, more resource intensive OSes that use more features, more eyecandy, and more in general configuration can now be created because our computers can handle them. Old doesn't mean better, and neither does newer mean better. But faster computers means we as programmers can do more, include more, and give the option to more. Take Gnome 2.4 for example. XFree, even. Both are going to be developing true layer transparencies very soon. This will require more resources, but it is there because they understand computers nowadays can handle it, and because people like it.

    Windows 9X runs on a 486 as a minimum, Windows ME however will not. Yet both still rely on DOS, which will run on a damned talking whiz kid/ Calculator.
    I <3 dos too. But have moved on. 486 is how long ago? Newer OSes are meant to run on newer systems.

    Windows 2000 has to have at least a Pentium 133, well, thats more than double the power the others needed. By this time, almost everyone ran Windows, so Microsoft could actually get away with this ****. Microsoft wants you to throw away your 486, your Pentium, and your pentium 2. Why? Because if they keep making money for the hardware makers, they keep selling nothing but Windows.
    That is true, but also because the hardware and power computers were beginning to become mainstream. At that time, pentium 4's were a hit, and pent III were dirt cheap. Meaning MS as well as the users were very ready for eyecandy, beautiful interfaces that their hardwarecould take advantage of. No sense in letting 4 ghz and 2 gigs of ram going to waste on an OS and it's applications won't use a 10% of it.

    A 486 is still very much usefull. Most people throw them away because all they know how to use is Windows. Now look at XP... Not something you'd load on older hardware right? Even more needs than 2000 had. Now, don't get me wrong, XP is great, but why so many damned resources?
    I agree. 486's are amazing little servers that can accomplish a great many things. XP is meant for newer computers (pent III and IV), but not for older computers. That's fine, as people who have older computers know to stick to lower OSes, while those with newer computers know to stick with newer OSes.

    Have you ever noticed how you can run Widnows 98 SE with a fresh install fast as HELL. But then after you update it with patces it starts lagging? Well, that would be Microsoft making you think your hardware just "slows down" for some reason.

    If anyone has ever done a fresh install of Windows 98, booted it up, used it for 10 minutes, then installed all security and big fixes, and then booted it up and use it for 10 minutes again, you can easily note that the system has a much slower responce time.
    I have never noticed this, and it seems far too conspiracy theorist for me. When an OS is upgraded that simply means tweaking needs to be done, both for Linux and Windows OSes.

    Why upgrade to Redhat 9? Just because it's out? That's stupid! 7.X is a fan favorite, and it has less resource hogging than 9. You really are a sheep. "Oh!!!!!!! The new version is out! I simply MUST spend all of my money on it because it's new, meaning the old one is now worthless! It's new so it is better!"
    No, I am not a sheep. The primary reason for upgrades to a new level is because they always contain a very large, cumulative area of patches and fixes. It will almost always include new features, new ways of doing something, and for the sheercuriosity of learning the new version. In my experience, RH 9 and RH 7 are very similar. However, if you configure 7 wrong it can run as slow as 9. If you configure 9 good it will run as good as 7.

    Redhat is killing support for the users anyway, you might as well dump their asses like I'v been saying for a year.
    Hail gentoo, and I agree. But keep in mind one thing, please. Newer hardware makes room for better, bigger, more feature filled OSes that a lot of people enjoy. Some enjoy, some don't, and that is their opinion.

  10. #10
    AO BOFH: Luser Abuser BModeratorFH gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    Ummm, the requirements I listed were a complete joke....I assumed peopel would see that and get a laugh out of it....Damn you kill the fun in it.

    As for a 486, I still need one, I want to set up a few things and play.

    And for the record, the newest version of Slackware will run on a 486. So newer OSs can still be put on older hardware. I'll leave Linux on this box, and use that 128 MB Vid card for what it should be used for, Unreal Tournament, Tux Racer, and Quake, and Doom 3 when it comes out.

    I'm thinking you are starting too realise I'm not seriouse....At least I hope so. Windows is great for a desktop, but as for servers, I'm partial to *NIX. And *NIX also makes a great desktop.

    Everyone says how Macs are the greatest at Graphic designs.....Which they obviously have never used UNIX. An SGI running IRIX would OWN a Mac.
    Kill the lights, let the candles burn behind the pumpkins’ mischievous grins, and let the skeletons dance. For one thing is certain, The Misfits have returned and once again everyday is Halloween.The Misfits FreeBSD
    Cannibal Holocaust
    SuSE Linux
    Slackware Linux

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides