Microsoft Takes a 'Patch Tuesday' Break 151
Phill0 submitted a ZD story about
Microsoft's week off which says
"Microsoft has no new security updates planned for Tuesday, despite at least five zero-day vulnerabilities that are waiting to be fixed.
The patch break could be a welcome respite for IT managers still busy testing the dozen fixes Microsoft released last month. Also, many IT pros may be occupied with the switch to daylight saving time, which at the behest of Congress, is happening three weeks earlier this year. "
DST (Score:5, Insightful)
Idiot congresspeople.
What about when they realize it was stupid? (Score:5, Insightful)
On the good side, we found out what doesn't come back up automatically after a reboot on the Sun systems that needed the libc patch, too.
Don't bust Congress' chops... (Score:0, Insightful)
Re:Zero Day (Score:4, Insightful)
DST fiasco (Score:4, Insightful)
Microsoft blew it, folks. This is not to say that OSS does it much better, although Red Hat and FreeBSD (two other OSs we use) nailed the patch months ago. But when you are a $50B company and could only produce the detritus that is the DST patch, there is no excuse for it.
Re:DST (Score:3, Insightful)
It has nothing to do with saving energy. It's about Congress and the Administration wanting to look like they're doing something about our dependence on foreign oil. There's very little energy savings to be had: these new weeks come in the heart of winter, where a few extra hours of daylight in the evening won't matter because who's going outside when it freezing, and more importantly, people will still have to be heating their homes and offices regardless. And since it will be darker in the morning, when people get up to go to work, any evening savings will be offset by morning usage.
They would have been better off writing a bill to increase tax credits for alternative energy sources and trying to encourage more fuel efficiency in cars and an increase in mass transit. Instead, we get window dressing.
Re:DST fiasco (Score:3, Insightful)
But in this case they've blown it. We called them a year ago to ask them about their plans for the change to DST and they asked "what change?". They only really started to come out with patches a couple of months ago.
CRM? Don't get me started...they kept on finding new components to be patched, server and client, said they'd release the patches in early March (!), finally promised to release on February 28th, and then two days before release date came out and said they'd found some problems and the release would be delayed for another few days. And by the way, if you have more CRM clients to be patched than can be easily handled manually and you don't run your users as local admins, then you're in trouble because it's nigh impossible to get CRM patches distributed over SMS.
The Exchange/Outlook tools are a nightmare. The rebasing tool causes all appointments set in the three week period between new DST time and old DST time to be sent out again so all our users came in to work one morning to find their inboxes filled with dozens of appointments which had been resent. And the whole dismal complicated procedure is so complex we've been told it'll achieve perhaps a 90% success rate and there will be problems that we have to fix manually.
No, ordinarily I'll at least be able to defend Microsoft against Linux zealots and fans, but this time they messed up. Big. That the people we talked to didn't even know this was coming a year ago until we alerted them is just wrong, and it has very plainly been downhill from there.
Re:Zero Day (Score:1, Insightful)
Re:DST (Score:4, Insightful)
If you don't live in Maine, this makes a heck of a lot more of a difference than you apparently realize. (Yes, restricting to only Maine is an exaggeration, too. Deal with it. You know what I mean by it anyway.)
Re:DST (Score:5, Insightful)
Which Windows 2000 bug was that?
Oh, you meant Y2K? Yeah, it "never happened" because thousands of dedicated professionals worked for years to fix and upgrade old systems.
Re:What about when they realize it was stupid? (Score:4, Insightful)
Re:Useless and intentional waste. (Score:3, Insightful)
Patching will never fix *any* security problems in *any* system on desktop use. Most, if not all software, has vulnerabilities of some kind. You can't just dismiss Windows because it has holes in it, when there are holes in open source software as well.