digg

Join DiggAbout

Discover the best of the web!
Learn more about Digg by taking the tour.

Patch Tuesday: Microsoft Fixes Critical Windows Bug

pcworld.com — The November security updates fix the so-called URI problem, a critical Windows bug that has been exploited by online criminals.

Bury
show profanity settings
expand all
  • webpimp, on 11/15/2007, -20/+14what else is new!
    • ayeroxor, on 11/14/2007, -4/+6FYI: Questions end in something confusingly called a "question mark".
      • Giga, on 11/14/2007, -0/+1Or an interrobang.
      • guntario, on 11/14/2007, -2/+1When using a question as rhetoric, it is proper to use an exclamation mark.
        • ayeroxor, on 11/15/2007, -0/+1When telling an ignorant twit to shut his stupid, festering gob, it is proper to finish one's berating with a period.
  • SuperWinner, on 11/15/2007, -28/+9How can it be news when they patch things every Tuesday? I turned off Windows Update about a year ago... no problems.
    • CLShortFuse, on 11/15/2007, -2/+32IP please.
    • chris4404, on 11/15/2007, -3/+16Like making whoopie without a rubber, it seems fine......till the tests start coming back.
      • SuperWinner, on 11/14/2007, -6/+1I can safely say that unless you take care of your own security, no amount of Microsoft Updates will ever protect you. MS is too far behind the hackers and will never plug all the holes. MS issues patches to give the general public some feeling of security, and for public perception that they are 'doing something' about the problem. Its *****, they are idiots. XP is a security nightmare and always will be.
  • nipples8, on 11/15/2007, -38/+11Why do they still limit the patches to Tuesday's? They are frequent and serious enough to warrant instant release. Another reason to like Linux.
    • Trax91, on 11/15/2007, -3/+24You would be gold if you didn't added the Linux fanboyism phrase.
      • kaeves, on 11/14/2007, -1/+5They actually used to do it all the time, but they received enough requests from administrators, etc. to make it less frequent, so they came up with Patch Tuesday.
    • monkeyboy7706, on 11/15/2007, -0/+2Linux isn't fully secure either, why else do distros have security repositories. I do agree though that maybe limiting patches to one day f the month is not the best thing.
    • alphaterminus, on 11/15/2007, -0/+1So they can crash Skype.
  • ykliu, on 11/15/2007, -17/+6If this is news, I give up!
  • CyberPhoenix, on 11/15/2007, -33/+15The Abusive Monopolist should rewrite the entire low quality OS and remove the DRM/activation/WGA/spyware infection, not just patch it.
    • Kamujin, on 11/15/2007, -6/+33Translation:
      I don't understand computers, but I do like to repeat inflammatory terms that I heard someone else use.
    • falafelkiosken, on 11/14/2007, -2/+4you can also patch you clothes when they fall apart.
      no srsly, a good foundation is always the single most important thing, without it there's always going to be security holes
      • litolist, on 11/14/2007, -2/+3There will always be security holes, regardless.
        Linux and Mac adoption for the desktop is far less than Windows, which is a *small* part of the reason you see a lot less security holes in them.
        • falafelkiosken, on 11/15/2007, -5/+3AND because of the UNIX foundation
          • dazparkour, on 11/15/2007, -2/+3Linux
            Is
            Not
            Unix

            Really, that's what LINUX stood for.
          • MioTheGreat, on 11/15/2007, -0/+3Oh really? Then why is Vista's security record comparable/slightly better than OSX and some Linux distros over the last year? Especially when it provides a much more enticing target for hackers (It's going to be the world's highest market share OS soon. It's inevitable.)
          • andycr512, on 11/17/2007, -0/+1dazparkour: That's not true. Linus Torvalds used the development name of Linux after himself (Linu from his name, and the x as homage to UNIX), but thought it was too egotistical to release it under that name. Ari Lemmke liked the name, and was the first to provide FTP space for it, so he called it Linux and it has stuck ever since, against Torvald's initial desire.
      • Kamujin, on 11/14/2007, -1/+2If I have a problem with my transmission, I replace the transmission. It is not logical to suggest that I need a new steering wheel because my transmission was faulty.
        Operating systems are also made of parts.
      • dazparkour, on 11/14/2007, -0/+3You could get a live CD and use it in a pc with no hard drive. Infect that.
        • cquinnd, on 11/18/2007, -0/+1Because memory addresses never change, and nobody cares about the data or other services being connected to?
    • Roryking, on 11/15/2007, -1/+4The Abusive Monopolist sounds like a blog, not a software company
      • cquinnd, on 11/18/2007, -0/+1Sworn enemy of the Fake Steve Jobs? I can actually see somebody doing that.
    • DiggLive, on 11/15/2007, -5/+8Apple/Linux users lying about Microsoft in the Microsoft section get dugg down for telling fanboy-ish lies.
      Apple/Linux users lying about Microsoft in the Apple/Linux section get dugg up for "fighting the power".
    • kretik, on 11/15/2007, -3/+3CyberFlop strikes again. How's Roy *****, by the way?
  • Truzseeker, on 11/15/2007, -23/+11Gates sells computer bugs.
    • crapmatic, on 11/14/2007, -2/+4You're way out of line, mister. He doesn't sell the computer bugs.... his resellers do.
    • DiggLive, on 11/14/2007, -4/+1Just to balance everything out, Apple stores sell the computer bugs too. Linux stores do too.. oh wait..
  • Beatmiser, on 11/15/2007, -3/+20I just had each of our servers reboot for this. I fail at remembering to turn off the feature that causes reboots on 2k3 servers when you log off on patch day.

    Oh well. The resulting panic killed an hour prior to lunch..so oddly I'm grateful.
    • natenovs, on 11/15/2007, -7/+2why haven't you been fired yet?
      • sirhomer, on 11/14/2007, -1/+4No one has been fired for using Microsoft products.
      • Beatmiser, on 11/15/2007, -0/+1Ahhh the armchair Sysadmin.
  • bbardlbradd, on 11/14/2007, -7/+11Is there a way to circumvent the updates that kill cracked vista? I want performance improvements that will influence me to buy a copy.
    • Shakermaker, on 11/15/2007, -1/+6LOL....yeah, that must be the reason....
    • unknownsoldierX, on 11/15/2007, -1/+1I'm not sure what crack you used, but I haven't noticed anything on my Ultimate install. I used the "mAmluX WindowsVista Activator" when Vista first came out and it's been running fine since.
      • bbardlbradd, on 11/15/2007, -0/+1idfk what I did, I know that it required me to set the clock to like year 3000 and things like that. :^/

        I haven't updated in a while, I know of a few that will break the patch, so I'm really iffy about it. I haven't had any serious problems with it though. Once in a while I'll get the little keys in the task bar telling me that I have... so many days to activate...Mmm... Can you crack after cracking?
  • MissingScrews, on 11/15/2007, -7/+4But I restarted last week..
  • josephblanx, on 11/15/2007, -2/+14No word on the Vista patches? First patch: kb941649
    This update improves the compatibility, reliability, and stability of Windows Vista. This update includes the following improvements:
    • It extends the battery life for mobile devices.
    • It improves the stability of portable computers and of desktop computers that use an uninterruptable power supply (UPS).
    • It improves the reliability of Windows Vista when you open the menu of a startup application.
    • It improves the stability of wireless network services.
    • It shortens the startup time of Windows Vista by using a better timing structure.
    • It shortens the recovery time after Windows Vista experiences a period of inactivity.
    • It shortens the recovery time when you try to exit the Photos screen saver.
    • It improves the stability of Windows PowerShell.
    This update also resolves the following issues in Windows Vista:
    • A compatibility issue that affects some third-party antivirus software applications.
    • A reliability issue that occurs when a Windows Vista-based computer uses certain network driver configurations.

    second patch: Cumulative update rollup for USB core components in Windows Vista
    http://support.microsoft.com/kb/941600

    I'm not sure yet how much this affects the performance, but hopefully it does speed up the hideous boot times.
    • ZaZ2137, on 11/14/2007, -0/+2Old news and no it really doesn't, maybe a 3-5% faster bootup time, more likely you're going to notice increased response time during boot up once logged in.
  • loginabove, on 11/14/2007, -19/+5A bug in vista or xp?
    vista is a dud. Dead and stinkin'.
    XP can be brought up to perfection in at least 5 more years.
  • falafelkiosken, on 11/14/2007, -9/+6I've read Microsoft initially gave Mozilla the blame for this
    • MioTheGreat, on 11/15/2007, -1/+5Firefox had a URI handling bug too. You could use chrome:// to do some nasty things. I believe this is a seperate bug. I use Vista, though. So between Protected Mode IE and other changes, I'm pretty safe from all of it.
  • blackmage439, on 11/15/2007, -20/+54What you fools fail to understand is Microsoft is rated as the quickest responder to bug/hack reports compared to other major OS companies. Apple is abysmal when it comes to admitting they made a mistake. Not only that, but I doubt Mac OS and especially Linux would be as "rock solid" and "virus free" if they had the market share that M$ does. Quite frankly, I'm amazed Microsoft has survived this long with all the bad press and hacker threats it receives, even with their supposed "broken" OS. I just recently started using Leopard at work, and you know what? I find its "300+" "new" features to be as worthless as Vista. I badly want to go back to using Tiger. Anyway, back on the Microsoft track. I have been using XP since it debuted on the market, and I have NEVER had a virus, spyware, or hacker compromise my system. Microsoft is doing a good job; it's the idiotic end users who always click "YES" that are the biggest problem...
    • DiggLive, on 11/14/2007, -1/+14I feel the same way. Malicious software can be written for any system, and as long as there's users that install it, no operating system is safe.
    • JoaoPe, on 11/14/2007, -5/+7Amen!
    • jakem1, on 11/14/2007, -2/+7Note that none of these bugs effect Vista.
      • sirhomer, on 11/15/2007, -5/+3This bug also doesn't effect Linux either.
        • lime148, on 11/15/2007, -1/+4Linux is affected by that nasty bug where it has nothing to actually use on it.
          • andycr512, on 11/17/2007, -0/+1I use all the Windows apps I need, including games, minus one that was written poorly and barely works on Windows, fine on Linux without emulation.
    • FranTaylor, on 11/14/2007, -8/+7That's like saying that Exxon is the most environmentally-friendly oil company. It may be true, but look at the others.
      I like linux because I can fix bugs myself and not have to worry about when the vendor will get around to fixing it.
      I found a bug in Fedora, submitted a patch, and it was turned around in a couple of days.
    • chesscat, on 11/15/2007, -10/+3Your post is about as believable as George Bush.
    • deadbaby, on 11/15/2007, -0/+2You might have a valid point but starting off a post with "What you fools don't understand" is such a horrible way to present it.
  • Cilix, on 11/14/2007, -7/+1Not to be confused with UTI
  • yohan, on 11/14/2007, -5/+4Wouldn't Firefox using NoScript fix this? Isn't the problem that javascript launches stuff (assuming you're not actually stupid enough to click links that launch protocols other than http, https or ftp)?
  • dupswapdrop, on 11/15/2007, -4/+15Apple's answer to all problems is buy our new computer, we have one coming out in about a week.
    • f0dder, on 11/14/2007, -2/+4Don't forget the $400 extended warranty
    • deadbaby, on 11/15/2007, -1/+1You do know a patch for OSX 10.4 came out today right?
  • banmaster, on 11/15/2007, -4/+10Oddly enough, if you read the article instead of just jumping on the anti-MS bandwagon digg is known for, you'll see than none of these issues affect Vista at all!
    • banmaster, on 11/14/2007, -6/+5Digging me down won't make me wrong you stupid muppet!
  • aceallways, on 11/14/2007, -10/+2This update crippled my vista installation (no it is not pirated).

    When I try to boot it says I should put in my disc and repair...tried that, didn't work.
  • YuriSakazaki, on 11/14/2007, -6/+3Does this update really kill pirated Vista installs?
    • astrotrain, on 11/15/2007, -10/+5Vista killed itself.... it didn't need any pirates....
    • chesscat, on 11/15/2007, -8/+3Why would anyone pirate vista? Oh yeah, right, who wants to pay for this piece of *****?
      • ZaZ2137, on 11/14/2007, -4/+5The people who don't know how to use ubuntu or os x but feel they must 'upgrade' somehow
      • all13d, on 11/15/2007, -0/+2Some of us actually LIKE Vista. You know, shocking!

        It's better than XP in a lot of ways. If you don't like the new interface, turn the damn thing off, don't complain about it.
  • astrotrain, on 11/14/2007, -6/+2The Moody Blues should cash in on a song parody for Patch Tuesday...using the Tuesday Afternoon music.

    Something like this may be the next big hit in the IT World:

    Tuesday Patch Day
    I'm just beginning to see, there are lots of patches for me.
    31249 patches and I'm threatened they've got to install now.
    They all want to reboot my machine
    They're all as huge as a cow....




  • SideShowMel0329, on 11/14/2007, -1/+2Anyone else having trouble installing this patch?

    I successfully installed "Update for Windows (KB941649)", but then it wanted me to install an update called ""Update for Windows VISTA (KB941649)", and it keeps failing with Error 8007007E...

    Am I screwed or is there a way to fix this?
  • Meatetarian, on 11/14/2007, -3/+3That's all well and good, but why do they have to restart my box for me?
    • natenovs, on 11/14/2007, -2/+3because you have auto update set to restart you box for you.
      • Meatetarian, on 11/14/2007, -3/+2Yeah, but is there an option that says "Go ahead and install stuff but maybe get my confirmation before you restart." in Vista? And I know, Vista was my first mistake. I'm an inch away from going back to XP.

        Here's the deal: I admit that I'm much too lazy to initiate the installation of updates, so I don't mind that Windows takes control of that (funny how I actually ENJOY updates in Ubuntu -- maybe that's because the process feels more transparent?), but I don't want it restarting my computer when it finishes up. What the hell is that about?
        • Meatetarian, on 11/14/2007, -1/+3Blech. Lemme clarify before the trolls eat me: I don't want my computer restarting without my permission. =P
    • avgbody, on 11/15/2007, -0/+1Probably because they did a patch on a service or dll which means the computer has to restart.
  • 10GunSalute, on 11/14/2007, -0/+5It would have been cooler if they showed how the exploit worked
  • ilieff, on 11/14/2007, -2/+1ups
  • Harbinger67, on 11/14/2007, -1/+2Woot! I've been waiting for this patch.

    I hear they rebalanced Word talents, and are FINALLY reducing the crit rating on Excel's 'paste function' function. Are the servers up yet?
  • derelicte, on 11/14/2007, -2/+1Beware of this patch.

    This patch made my system nuke itself, after repeated troubleshooting.
    The BSOD it gave was IRQL NOT LESS OR EQUAL.

    Upon further investigation, it seems to have modified something in the OS that required an ESCD reset (DFI Ultra-D, Socket 939), as well as a voltage drop (go figure)

    Please be wary if you overclock with these patches.
  • benitojuarez, on 11/14/2007, -1/+2I enjoyed reading the patches that were for security vulnerabilities were not needed for windows vista. It doesnt seem like anyone caught that.
  • sirhomer, on 11/15/2007, -11/+5Windows sucks.
  • zonk3r, on 11/14/2007, -0/+4I love how a supposed conversation about an important patch deteriorates to unnecessary trollish fanboyism on all sides.
    Windows suck, Linux Sucks, Apple Sucks, Etc... Who cares what flavor you like?
    Go put it on a bumper sticker and leave it out of the conversation here.
    • chesscat, on 11/15/2007, -5/+0Windows sucks.
    • deadbaby, on 11/15/2007, -0/+3Most people are too ignorant of security and/or programming to actually comment on the subject so instead they make it a flamewar which ultimately comes down to personal preference. In other words, it's a way for stupid people to feel smart.
  • chesscat, on 11/15/2007, -2/+1Tuesdays: Window user's masochist day.
  • acidbass, on 11/15/2007, -7/+2Burried as MS Marketing dept trying to pass this off as *good news*.
    Hey, Redmond jackasses, your product is *****, and bragging about fixing your crappy software is not news.
    Everytime M$ announces some crappy fix, i expect Windows to get better, nope,
    Windows:
    still sucks,
    Always has sucked,
    always will suck.
    • jasqwerty, on 11/15/2007, -2/+2>>BAWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWW

      Try crying less *****. Your bitterness and jealousy are showing.
      • acidbass, on 11/21/2007, -0/+1Well just because your dad looks like a bitch and i ***** him up doesnt make me a *****, but what do you call me when i got your mom's smelly pussy turned so far inside out that she cant walk for 3 days? Huh *****?
  • PaulSu, on 11/15/2007, -3/+0Microsoft hasn't pushed out a patch for the bug, given that Macrovision has already made its fix available........I think Microsoft wanted some other company fix their problems since there support so poor. As a former company that paid a few hundred dollar to Microsoft a 1year 3 subscrition support was poorest decision I made. Not to mention comming to work and find nearly 100 computer reboot after a update. Althought feature has been auto install and update is disable
  • kroenecker, on 11/15/2007, -5/+2I say let the windows sheeple whoreship the throne of their pristine ruler Gates. There are a far more interesting OS's out there for the rest of us.
  • zezerik, on 11/15/2007, -0/+4good thing Apple and Linux are so secure and flawless they don't need patches. Whew!
    • LinuxKitty, on 11/17/2007, -0/+0Linux security fixes are transparent without undocumented changes and hidden "features". Have you forgotten the infamous "critical update" for XP a little over a year ago that in reality was a tool that phoned home? It never ceases to amaze me how much some companies can get away with -- and how customers of a product defend it almost as if it was their creation, oblivious to criticism.
  • MissingScrews, on 11/16/2007, -0/+0I use Windows and Linux, and both have there advantages. I want to play a game? I'm not gonna deal with Linux or Mac, go straight to Windows. Saying one OS is superior is like saying one car is superior, yet I see a wide variety on the road. We live in an age where HD space is becoming less of an issue, so running multiple OSes is definitely going to be the future. Stop being fan boys and start being realistic.
    • LinuxKitty, on 11/17/2007, -0/+0It's not a matter of disk space, but a matter of convenience. I don't reboot my computer to play games in Windows, or end up with IM logs and mail in different places. Instead, I bought a PS3 and a Wii, and I play games on there. Problem fixed. (Not to mention that Windows does not like being installed on a system that already houses another OS.)

      Revenue from PC games has been decreasing for years, so I am not sure that games will be a concern in the long run. (Except perhaps MMORPGs.)
  •  

    Login or register to add a comment

    Create a new account or login to join in the conversation on Digg. You'll also be able to Digg stories to help promote things you like.


© Digg Inc. 2008 — Content posted by Digg users is dedicated to the public domain.
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.