MS Patch Train Leaves the Station

per1176 writes "Microsoft has released 10 advisories to cover a dozen security vulnerabilities, including a "critical" cumulative update for the Internet Explorer browser. The IE fix corrects a remote code-execution vulnerability that exists due to the way the browser handles PNG (Portable Network Graphics) files."

Large size crash

[Anonymous Coward]

Does this fix the crash with large streched images?
ie width=9999999 height=999999 in an

Patches don't solve the problem on new installs

[Whafro]

It's happened to me twice now...

I'll install a vanilla copy of XP Pro onto a system, and within minutes of hooking the machine up to the network, it has become infected with a virus, basically requiring a reinstallation immediately.

My normal mode of installation is:

- Install XP
- Two IE windows open:
- One downloads Firefox
- The other goes to Windows Update and starts downloading patches.
- Download everything else using firefox, including drivers, etc.

But apparently Windows Update isn't a fast enough method to get the machine patched, and the machine is compromised before the appropriate patches are finished being applied.

I've made a "XP Install Disc 2" for myself, which has the full SP2 installer file, Firefox, Avast, Spybot, and Adaware on it, that I then install while the box is still offline. It seems that SP2 does well enough at plugging exploits that the system then has enough time to download the other patches normally without becoming compromised.

Does anyone have a better solution?

Need people be reminded?

[suitepotato]

This is all partly as a result of the way the PC platform itself works, it's merely that Windows has got so much compound crap in its code that these things are bound to happen. As Linux distros continue to grow and mutate and people ignore the old idea of the smallest kernel possible, we're going to see more buffer overflow errors on Linux. If BSD had the same kind of useage rates as Linux, we'd see a similar trend there. Mac OSX is taking off, we're going to see evolutionary crap in its genetic structure as it were.

Tearing Windows present design platform down to the smallest parts and scrubbing and rebuilding would probably put back the release of XP's successor to 2016. Let's hope some people are listening on the Linux and OSX sides and get it in their heads to keep their code lean and healthy and well tested.

Re:Patches don't solve the problem on new installs

[wiggys]

Err, I don't like SP2 because I've personally witnessed it fuck up 2 PCs to the extent that they wouldn't even boot.

We had to use System Restore to go back. I don't have the time to find out what it is about the computers SP2 doesn't like. The service pack should just work. If there's something it doesnt like then we should have had a warning saying "Cannot install SP2 until you remove foo/bar"

Secondly, on the many machines I admin which do run SP2 okay, performance is definitely slower with SP2 installed.

As for your other moronic comments:

OSX is a far better OS than Windows (stability, security, ease of use, performance and general overall cleverness). And I don't own, nor have I ever owned, an Apple computer.

Windows 98 is faster and more secure than Windows XP. It's also has fewer features and is more unstable. Oh, and it doesn't look as pretty, if that's your bag. Maybe people are still running 98 because their computers are not fast enough to run XP? Or maybe they just use it because they have it, it works, and they can't afford £250 to buy Windows XP Professional for no good reason.

According to PC World Business here in the UK, a copy of XP Pro will set you back £210+VAT, whereas you can buy a brand new NEC PC, 256mb RAM, 40gig h/d, LAN, keyboard but no monitor WITH a copy of XP Home for £199+VAT.

Does that make any sense to you?

While I'm at it, go and look how much a full retail copy of MS Office costs these days. How does £350 sound?

The latest version of Knoppix runs from CD, and if you burn it to a CDRW you can even save your settings onto CD as you use it. It includes an OS, Open Office 2 Beta (excellent IMO), not to mention shitloads of free apps.

I like Windows and I tolerate MS Office but I do not think they justify the insanely high prices MS charges for them.

Virus Down, Malware Up

[EXTomar]

I don't see C/C++ as being the problem. It is more that the security hurdles in Windows makes it impossible to run efficiently in anything but a privilaged account. This allows malware of all sorts to take advantage of vectors not found on other Operating Systems. Opening an email could infect your system if done in a privilaged account. Reading a web page could infect your system if done in a privilaged account. Browsing the local network resources can infect your system... So on and so on.

You'd have to be a zelot fanboy to recognize that any Operating System is a complex software system. Complex software systems are prone to bugs and as pointed out every one of them receive regular updates to patch problems. The problem with Windows is not the bugs but the way they handle them which makes the entire process of correcting flaws painful. Today I've been chasing people to reboot after installing the patches (thankfully I can force the patch install remotely) their system because I know 90% of them won't reboot their machines. I tried once before to reboot in the early mornings but I got an earful from multiple people who didn't save and left things open.

Windows is not only hard to patch in the enterprise, its hard enough to work with that people won't close applicatons! Talk about a double whammy.