Windows vista update

[DakX]

I was reading the feed from eweek when I saw this acticle [1]. I thought that it would be worth a post on AO. I wasn't quiet sure where to put it, in tech humor or here. I decided that this was the best place. If not please correct me and move the tread. I know someone is going to flame me (I don't expect otherwise) but hey, I just want to share

Quote from the article:

Microsoft Corp. has shipped the first critical security update for Windows Vista, the next version of its flagship operating system.

I find this to be verry funny, or sad, the choice is yours to make. Its not even out yet and there already getting critical update's. I know that its a beta, I'm not expecting it to be perfect but still, come on, its critical and the let it leak. Sounds a bit odd.

This is what the update is about (so you don't have to read the whole article (neither did I ))

A Microsoft spokesperson told eWEEK that the Vista patches address the same vulnerability that led to the WMF (Windows Metafile) malware attacks earlier this month.

[1] eweek's article

ps:

Microsoft also moved swiftly to dismiss speculation in some quarters that the WMF flaw was a "back door" placed in Windows intentionally by the Redmond, Wash., software maker.

IF this were only to be true. Or there is somethign there not telling us.

-DakX-

[DakX]

I was reading the feed from eweek when I saw this acticle [1]. I thought that it would be worth a post on AO. I wasn't quiet sure where to put it, in tech humor or here. I decided that this was the best place. If not please correct me and move the tread. I know someone is going to flame me (I don't expect otherwise) but hey, I just want to share

Quote from the article:

Microsoft Corp. has shipped the first critical security update for Windows Vista, the next version of its flagship operating system.

I find this to be verry funny, or sad, the choice is yours to make. Its not even out yet and there already getting critical update's. I know that its a beta, I'm not expecting it to be perfect but still, come on, its critical and the let it leak. Sounds a bit odd.

This is what the update is about (so you don't have to read the whole article (neither did I ))

A Microsoft spokesperson told eWEEK that the Vista patches address the same vulnerability that led to the WMF (Windows Metafile) malware attacks earlier this month.

[1] eweek's article

ps:

Microsoft also moved swiftly to dismiss speculation in some quarters that the WMF flaw was a "back door" placed in Windows intentionally by the Redmond, Wash., software maker.

IF this were only to be true. Or there is somethign there not telling us.

-DakX-

[nihil]

-DakX-


Get a life mate. MS are just providing an upgrade to XP, they have already downsized the original Longhorn project, and are miles behind

Of course Vista has common code, so if there is a flaw in XP/2000/ME etc it will be right there in Vista as well. Now, MS have thousands of people beta testing Vista...............no patch for them and they get owned or worse.

That would not make anyone willing to beta test for them in the future and be a really great advert for them

As for the other crap, name just ONE commercial benefit that MS would gain from such an action..............on the other hand I can think of a lot of serious bubba time for their senior executives if it were true.

Typical hack journalist FUD IMO

[nihil]

-DakX-


Get a life mate. MS are just providing an upgrade to XP, they have already downsized the original Longhorn project, and are miles behind

Of course Vista has common code, so if there is a flaw in XP/2000/ME etc it will be right there in Vista as well. Now, MS have thousands of people beta testing Vista...............no patch for them and they get owned or worse.

That would not make anyone willing to beta test for them in the future and be a really great advert for them

As for the other crap, name just ONE commercial benefit that MS would gain from such an action..............on the other hand I can think of a lot of serious bubba time for their senior executives if it were true.

Typical hack journalist FUD IMO

[Tiger Shark]

All this MS bashing is pretty funny if you subscribe to Bugtraq.

I delete 98% of all BugTraq messages because they don't pertian to the systems I use. Interestingly enough I would estimate that 80-85% of all the BugTraq messages I delete don't even pertain to my OS. So, I'm a windows only shop and I delete about 70-80% of the BugTraq posts because they couldn't affect any program that runs on my OS....

Not flaming - just pointing out the sillyness of people keep attacking MS for their flaws when, non-scientifically, it appears that the majority of the flaws are occurring in other OS' that have a fraction of the installed base and a fraction of the lines of code included.

[Tiger Shark]

All this MS bashing is pretty funny if you subscribe to Bugtraq.

I delete 98% of all BugTraq messages because they don't pertian to the systems I use. Interestingly enough I would estimate that 80-85% of all the BugTraq messages I delete don't even pertain to my OS. So, I'm a windows only shop and I delete about 70-80% of the BugTraq posts because they couldn't affect any program that runs on my OS....

Not flaming - just pointing out the sillyness of people keep attacking MS for their flaws when, non-scientifically, it appears that the majority of the flaws are occurring in other OS' that have a fraction of the installed base and a fraction of the lines of code included.

[Tiger Shark]

Baggi:

in the end its still "windows".

That comment pretty much defines your partisan position

it will still hang and it will still crash and it will still have same flaws the earlier versions have

Clearly, you have no idea how to use anything past NT4. I don't seem to have any of these "hanging/crashing" incidents, why do you? Never mind.... As I said, I'm not starting another argument about this silly subject - Subscribe to BugTraq - It's as bad as spam - then come back in a year and tell me about all the Windows vulnerabilities.

[Tiger Shark]

Baggi:

in the end its still "windows".

That comment pretty much defines your partisan position

it will still hang and it will still crash and it will still have same flaws the earlier versions have

Clearly, you have no idea how to use anything past NT4. I don't seem to have any of these "hanging/crashing" incidents, why do you? Never mind.... As I said, I'm not starting another argument about this silly subject - Subscribe to BugTraq - It's as bad as spam - then come back in a year and tell me about all the Windows vulnerabilities.

[gore]

I subscribe to Bugtraq too. And lo and behold he's right, most of them aren't Windows. They are PHP and SQL injections.

But Tiger the one thing you said, you pointed out they don't work on your OS, but the comment you made about OSs with a fraction of the users and less code.... Unless you mean Debian, Gentoo, or HP-UX, whicdh is the majority of them, I don't think I understand. You can't think of an Open Source app's vulnerability the same way you can a Windows one.

Windows vulnerabilities affect Windows, a Fetchmail vulnerability affects Linux, BSD, Unix, Mac OS and who knows what else. And then EVERY Linux vendor and Mac OS vendor and Unix vendor issue a fix, meaning there are another 200 emails to the Bugtraq list for the same thing.

Debian and Gentoo are the only huge Linux distros on Bugtraq. Not sure why but the apps they bundle are vulnerable as hell.

You see, Mutt on SUSE, and Mutt on Debian, may look the same and act very much the same, but the code that makes the app up, in Debian, in a lot different than the one another distro comes with. Gentoo and Debian must have a lot of idiots working for them when it comes time to "port" an app to their distro.

This is why you don't see Slackware security patches but.... What 3 times a year? Why? Because Pat doesn't make patches to applications for Linux. He uses what the original app's source is made of instead of patching / hacking it to work with his particular version of Linux.

Gentoo however patches those apps to work with the way Gentoo works.

SUSE does too, however, the reason SUSE doesn't have 10,000 BugTraq postings the way Debian and Gentoo do, is because SUSE do code audits.

Lol, Tiger you tell everyone that uses Linux it seems, that they are all saying their OS is better and posting "My OS is better crap"...But seriously unless you've decided to play a joke on AO, it would seem you're the same way but with Windows.

I don't care what OS anyone uses, because I know I can use it too. But every time

Ich habe frage:

How come Linux has no Spyware problems? I mean seriously if it was possible it would have happened already long ago because some Windows geek would get pissed off that Linux kids make fun of him and write some even as proof of concept and release it even maybe. Why hasn't it happened?

And why aren't Linux and Mac OS Worms and virii spreading? Surely some Windows geeks can code, why not shut me up?


EDIT:

Should have brought this up long ago:

A few months ago I decided to do an experiment... I took two of my machines and installed them from scratch, putting Windows XP on one machine, and Linux on another one. But the Linux install, was custom, I only installed apps that Windows comes with. Here is an example:

Windows has an Email client, so I installed one. BUT only if it was something it came with by default.

So I installed an Email client,

Then I installed a browser because Windows has IE.

Windows comes with 3 text editors (Wordpad, Edit, and Notepad).. So I installed Vim, Emacs, and a word processor.

Windows comes with a messenger, so I installed one of those too.

Windows comes with a command prompt, so I installed one. (I should point out Linux is a Kernel, and the GUI is seperate, however Windows has a GUI so to be fair I installed X too). Now, Windows has a claculator, so I popped one of those on too.


Made sure the Linux distro was around the year 2001 as XP is too. My results:

When you trim a Linux distro down to nothing but the stuff Windows comes with, you have a very minimal system and maybe 3 security updates.

Oh, to be fair again, I used a none Restore copy of Windows. When you buy Windows XP at Best Buy that's the OS itself. The stuff you get with a PC, has apps added to it so you'll buy it. So I used one that was from a box.

Not only were there hardly any security fixes, but it was hard to use Windows because for some reason it couldn't find my NIC, My video card (LOVE 380x400 or whatever it was by the way...) And I couldn't do a hell of a lot. However Linux, even though that old as well, found everything.

Try it, it's fun. Oh, Windows doesn't come with Anti Virii or Anti Spyware either so that wasn't installed.

Why doesn't Windows come with Anti Virus or Spyware software? Linux DOES and doesn't even need it, Windows needs it and doesn't have it on the install CDs....

[gore]

I subscribe to Bugtraq too. And lo and behold he's right, most of them aren't Windows. They are PHP and SQL injections.

But Tiger the one thing you said, you pointed out they don't work on your OS, but the comment you made about OSs with a fraction of the users and less code.... Unless you mean Debian, Gentoo, or HP-UX, whicdh is the majority of them, I don't think I understand. You can't think of an Open Source app's vulnerability the same way you can a Windows one.

Windows vulnerabilities affect Windows, a Fetchmail vulnerability affects Linux, BSD, Unix, Mac OS and who knows what else. And then EVERY Linux vendor and Mac OS vendor and Unix vendor issue a fix, meaning there are another 200 emails to the Bugtraq list for the same thing.

Debian and Gentoo are the only huge Linux distros on Bugtraq. Not sure why but the apps they bundle are vulnerable as hell.

You see, Mutt on SUSE, and Mutt on Debian, may look the same and act very much the same, but the code that makes the app up, in Debian, in a lot different than the one another distro comes with. Gentoo and Debian must have a lot of idiots working for them when it comes time to "port" an app to their distro.

This is why you don't see Slackware security patches but.... What 3 times a year? Why? Because Pat doesn't make patches to applications for Linux. He uses what the original app's source is made of instead of patching / hacking it to work with his particular version of Linux.

Gentoo however patches those apps to work with the way Gentoo works.

SUSE does too, however, the reason SUSE doesn't have 10,000 BugTraq postings the way Debian and Gentoo do, is because SUSE do code audits.

Lol, Tiger you tell everyone that uses Linux it seems, that they are all saying their OS is better and posting "My OS is better crap"...But seriously unless you've decided to play a joke on AO, it would seem you're the same way but with Windows.

I don't care what OS anyone uses, because I know I can use it too. But every time

Ich habe frage:

How come Linux has no Spyware problems? I mean seriously if it was possible it would have happened already long ago because some Windows geek would get pissed off that Linux kids make fun of him and write some even as proof of concept and release it even maybe. Why hasn't it happened?

And why aren't Linux and Mac OS Worms and virii spreading? Surely some Windows geeks can code, why not shut me up?


EDIT:

Should have brought this up long ago:

A few months ago I decided to do an experiment... I took two of my machines and installed them from scratch, putting Windows XP on one machine, and Linux on another one. But the Linux install, was custom, I only installed apps that Windows comes with. Here is an example:

Windows has an Email client, so I installed one. BUT only if it was something it came with by default.

So I installed an Email client,

Then I installed a browser because Windows has IE.

Windows comes with 3 text editors (Wordpad, Edit, and Notepad).. So I installed Vim, Emacs, and a word processor.

Windows comes with a messenger, so I installed one of those too.

Windows comes with a command prompt, so I installed one. (I should point out Linux is a Kernel, and the GUI is seperate, however Windows has a GUI so to be fair I installed X too). Now, Windows has a claculator, so I popped one of those on too.


Made sure the Linux distro was around the year 2001 as XP is too. My results:

When you trim a Linux distro down to nothing but the stuff Windows comes with, you have a very minimal system and maybe 3 security updates.

Oh, to be fair again, I used a none Restore copy of Windows. When you buy Windows XP at Best Buy that's the OS itself. The stuff you get with a PC, has apps added to it so you'll buy it. So I used one that was from a box.

Not only were there hardly any security fixes, but it was hard to use Windows because for some reason it couldn't find my NIC, My video card (LOVE 380x400 or whatever it was by the way...) And I couldn't do a hell of a lot. However Linux, even though that old as well, found everything.

Try it, it's fun. Oh, Windows doesn't come with Anti Virii or Anti Spyware either so that wasn't installed.

Why doesn't Windows come with Anti Virus or Spyware software? Linux DOES and doesn't even need it, Windows needs it and doesn't have it on the install CDs....