Microsoft to Release 7 Patches Next Week

craters writes "Microsoft plans to release 7 patches next week for Windows and Office. From the article: 'In the monthly pre-patch notification it sends out five days prior to unveiling fixes, Microsoft said that at least two of the seven will be rated Critical, which by the company's definition means that the vulnerability can be remotely exploited.'"

I hope it's not business as usual...

[bogaboga]

I hope it's not business as usual; in other wards, small sized patches.

Why?

Because on my Windows 2000 system, the size of the patches 33 in number so far, is bigger than the OS itself! And some quaters say 33 is pretty conservative because M$ puts more than one patch in the so called "hot fix" as seen in the Control Panel. I am already afraid, not to mention a patch that might break other software!

Re:Lack of bug fixing strategy

[flooey]

It appears there is a conflict at Redmond. In one case they are fixing a bug which has yet to be discovered, in another they are fixing a bug which has existed for around nine months.

It's about time they came up with a proper strategy other than randomly fixing the bugs they want to fix.

It looks unusual from the outside, but it doesn't necessarily mean that they don't have a proper strategy. Some bugs are easy to fix, some are difficult. Some are more important, some are less important. Some are likely to cause software to stop working, some aren't. Since there's no way to know just what was involved in each bug at this point (and we'll probably never know what the source looks like as it relates to the bugs), just because it looks funny doesn't mean they're not prioritizing properly.

Remotely exploitable but not neceassarily wormable

[Anonymous Coward]

There's no cause to panic yet, because this doesn't _necessarily mean a worm can happen (ie, doesnt breach the SP2 firewall, or work in outlook, or IM, or get past HTML filtering in most web email providers). Based on the past, more likely is that they are talking about an IE only exploit. If the remote exploit is just in IE that it means is that if you visit a malicious website .. they can infect your computer. Yes, a danger .. but if you are paranoid and only go to selected websites .. you're reasonably safe.

Re:Released Early

[drinkypoo]

Dude, if the imac is the answer, it must have been a pretty stupid question. I don't want to trade one proprietary system (mostly software) for another (mostly hardware.) If I'm going to leave Windows as my desktop OS, then it's not going to be for another vendor that seeks to limit choice. Which is any vendor.

So what?

[MSFanBoi2]

I don't see what the big deal is, both Linux and MacOS get patched. Some more often than others...

Why is this on the front page of slashdot???

[dynemo]

so all of the linux/OSX fanboys and start flaming Microsoft yet again. Sure, they have vulnerabilities in their product, so does everyone else. If anything, being the security professional that I am, Microsoft has made me MONEY over the last few years. BTW, I use linux ALL of the time.

Re:Released Early

[MSFanBoi2]

Never mind the dozens of patches needed to get MacOS X secure and all the money needed to spend to get a computer that runs it.

Re:Part of ad push?

[PFI_Optix]

As I've said several times here before:

I don't have a virus/spyware problem. My XP box has NEVER had a virus or spyware. I don't put a lot of effort into it, it just hasn't picked one up.

Here's what I have:

A NetGear broadband router (buffer against most worms)
Windows Firewall that spends most of its time turned off
AVG Free
AdAware Personal that I scan with irregularly
Spybot and its automatic utilities

AVG, AdAware, and Spybot are almost always the first three things mentioned if you go anywhere on the internet and ask how to secure your XP system. A broadband router is often recommended even by ISPs these days, and provided by SBC DSL as part of the DSL modem (though I use my own because I like it better).

If we flipped Microsoft's market share with Apple or Linux, we'd find out just how many security holes exist in those operating systems. We don't see all the virus and spyware activity for them because there aren't enough in the hands of uneducated users for a virus to propagate. If you want to sell crappy $10 software at Wal-Mart, you write it for the largest number of average users you can. If you want a virus to spread and get noticed, you do the same.

mod this post -1 Unpopular for saying Apple and Linux have security holes :D

Re:Windows 2000?

[Phillup]

Seriously though, what's your objection to Windows XP?

I don't know about the original poster... but I like to know that 10 years from now I can install the OS and use it in whatever emulater I'm using at that time. (Right now it is VMWare)

Product activation is a HUGE objection for me. (and not just for some time in the future...)

After paying for an OS I really don't think it is anyone's business how many times I reinstall it, as long as I'm not using it on more systems than licensed for.

And I sure as hell ain't gonna ask permission to use it the way I want...