back to article Enjoying the Spring? Microsoft has 13 ways to fix that

Microsoft has put out 13 bulletins to address a total of 48 CVE-listen vulnerabilities in various products. The May edition of Patch Tuesday includes fixes for Internet Explorer, Office, Windows and Silverlight. Three of the bulletins were rated 'critical', with the rest earning Microsoft's second-highest designation of ' …

  1. Captain DaFt

    "Windows 10, due for release this Summer, will do away with the monthly update cycle once and for all."

    So it just rolls them in, quietly in the background, or each is each released as it comes, with an alert and advisory?

    Given this is a fairly typical patch rollout, that'd be three per week, a never ending patch Tuesday. (Winter is coming)

    1. Anonymous Coward
      Anonymous Coward

      "Given this is a fairly typical patch rollout, that'd be three per week, a never ending patch Tuesday"

      orange is the new black, and every day is the new tuesday?

    2. Buzzword

      Windows 8 and Windows Server 2012 will enjoy security updates until 2023. Sysadmins aren't going to be made redundant for a while yet.

    3. Anonymous Coward
      Anonymous Coward

      Windows 10, due for release this Summer, will do away with the monthly update cycle once and for all.

      I read that as "monthly is just not often enough".

      So it just rolls them in, quietly in the background, or each is each released as it comes, with an alert and advisory?

      Whatever makes it appear to be safe and boosts sales. You can see clearly that MS has a revenue problem - they are tinkering with the model to see what will work without screwing up the existing customer base. Part of the make believe is fixing the constant upgrade noise in the background. Originally, Patch Tuesday was brought in to leave people some bandwidth and control instead of losing the machine and network every times it's powered up, but now most companies either have enough bandwidth of a local cache so this is no longer needed. Having said that, any enterprise IT group that doesn't control its updates isn't doing their job, so I guess it'll now become an internal patch Tuesday.

      1. Anonymous Coward
        Anonymous Coward

        Enterprise can still have MS patch Tuesday if they like. This is a consumer initiative. There was an article on here a while ago detailing this.

    4. Anonymous Coward
      Anonymous Coward

      No problem with patches, what I do take issue with MS for are forced reboots for trivial updates. MS take note of Linux live kernel patching and learn.

  2. bigfoot780

    No word on an update to the with does update agent which hogs memory on win 7 x64.

    1. Tomato42
      Devil

      Bug fixes to such an old OS? ha, good one!

    2. Kevin Fairhurst

      i get this problem on my office pc. whenever i notice it being slower than usual, i have a small window of opportunity to get in to the services and kill the wuaserv entry before it grinds my entire PC to a halt.

      30-60 mins of random downtime during each working day is surprisingly counter-productive!

    3. TonyJ

      No word on an update to the with does update agent which hogs memory on win 7 x64.

      Autocorrect fail? :)

  3. Little Mouse

    May's patches have been released?

    In my book, that makes it time to install April's patches.

    1. Eddy Ito
      Unhappy

      Re: May's patches have been released?

      So how many of the lucky 13 patches are going to be pulled back over the course of the week?

    2. Eponymous Cowherd
      Coat

      Re: May's patches have been released?

      May's patches? These are the patches that allow the Government to snoop on your activity on t'interwebs?

    3. Destroy All Monsters Silver badge

      Re: May's patches have been released?

      In my book, that makes it time to install April's patches.

      I am now texting you about this update policy on your server screen from a Pakistani Internet café.

  4. arctic_haze
    Linux

    Windows 10 will be updated like a Linux distribution

    There is only one minor difference. Linux needs no reboot after applying the patches unless you update the kernel itself.

    1. Anonymous Coward
      Anonymous Coward

      Re: Windows 10 will be updated like a Linux distribution

      Since kernel v4.0, even that is optional.

    2. Mike Flex

      Re: Windows 10 will be updated like a Linux distribution

      " Linux needs no reboot after applying the patches unless you update the kernel itself."

      As almost every time I get an Ubuntu update a new kernel turns up there's no difference for me between Ubuntu and Windows in the number of reboots required.

  5. SecretSonOfHG

    Where's the classic "it's 2015 and you can own XXX by YYY" headline?

    Missing it. Come on, El Reg, respect traditions.

  6. Shannon Jacobs
    Holmes

    Another month, another billion bytes of new code?

    Kind of hard to believe. Second month in a row with over a billion bytes (1,168.4 MB) of "routinely urgent" security patches. If I couldn't see the profits and the cash reserves, I'd have to wonder if there was something wrong with that economic model. Heaven forbid there's anything actually wrong with the software!

    What's really bothering me about this never-ending flood (or at least minor torrent) of patches is that there must be more bugs where those came from. Just got Richard Clarke's "Cyber War", but the war is against us, and we already done lost. I'm quite sure the NSA has a much bigger list of Windows bugs than Microsoft knows about. (I'd be inclined to think that other national espionage agencies do, too, but perhaps not. At least I hope that none of them shares the NSA's biggest advantage of a copy of the source code...)

    1. Mikel

      Re: Another month, another billion bytes of new code?

      How likely is it do you think that Microsoft produced 1GB (compressed) of code, in a month, and didn't introduce any new bugs?

      1. This post has been deleted by its author

        1. Ken Moorhouse Silver badge

          Re: Another month, another billion bytes of new code?

          That assumes that the original code was audited/auditable.

          Using an example from the past: if it is not realized that something that is changed is a "goto" target from an obscure source somewhere else that is rarely invoked then that change will likely cause a new bug to appear.

      2. Anonymous Coward
        Thumb Down

        Re: Another month, another billion bytes of new code?

        This isn't a new 1GB of code, it's 1GB(ish) of compiled executable, mostly of existing unchanged code with some fixes. I don't know about you, but I don't have a new dll for every method or line of code that I write! The actual amount of code change is much less than this headline-grabbing figure you're chucking around. But you don't care about that, because it doesn't make you look big and clever. Which you're not. Ne de ner de nerr nerrrrrrrrrrrrrrrrrrrrrr!

  7. Anonymous Coward
    Anonymous Coward

    "Having said that, open source projects are not always much better."

    Open source projects are generally much worse with much higher numbers of bugs discovered.

    1. Anonymous Coward
      Anonymous Coward

      "Having said that, open source projects are not always much better."

      Open source projects are generally much worse with much higher numbers of bugs discovered.

      The reality is that we have no proof either way because you have no idea what else companies like MS and Adobe fix with any given patch - you only have their statement for it. Personally, I prefer Open Source for the simple reason that I can always get a 3rd party to look into any bit of code I consider important, and it's rather cool to work with the people that actually *wrote* the code instead of having to fight through several layers of clueless management to get a change or improvement implemented. I can simply place my money there where it does the most good.

  8. graeme leggett Silver badge

    50 updates for my machine - about 1 Gb

    But this is on a computer with elements of MS Office from 2003, 2007, 2010 and 2013 (visio trial).

  9. adnim
    Joke

    What's

    Silverlight?

    1. Michael Habel

      Re: What's

      Its the thing you need to watch Netflix on your PC...

      1. adnim

        Re: What's

        Netflix? ;-) Don't use that either

    2. SecretSonOfHG

      Re: What's

      Silverlight was Microsoft's attempt at taking the crown out of Flash for embeddable content in web pages, released just at the time Flash was becoming irrelevant. Like Flash, it has been abandoned by Microsoft already.

  10. Anonymous Coward
    Anonymous Coward

    1.4 gigaf...byte of update(s)

    including silverlight, I've do-not-wanted several times before,

    90 MB for Excel

    50 MB for Powerpoint

    162 MB for Word

    unspecified 68 MB for Ms Office

    another unspecified (sure, I can look it up) 205 Mb for the abovementioned package

    some 350 MB, skype for business, bless them, never installed, unticked at least 4 - 5 times in the past

    almost 70 MB for onedrive for business, unticked many, many times before (DNW)

    almost 80 Mb for one note (despite never having installed and then unticked several times)

    almost 90 Mb for outlook (likewise, never installed, always marked as "do not offer updates again"

    likewise, but a mere 3 MB for Outlook social fucking connector

    and over 30 MB for Ms project. Never installed, several times removed from the list of updates.

    Plus a welcome range of about 40 other updates. God bless!

    1. Anonymous Coward
      Anonymous Coward

      Re: 1.4 gigaf...byte of update(s)

      Just to clarify, these are optional updates that WU offers you, as opposed to declining the other update classifications?

      1. Anonymous Coward
        Anonymous Coward

        Re: 1.4 gigaf...byte of update(s)

        I have to admit I'm surprised. Less than a day later and the hidden Silverlight still hasn't been re-offered ('re-offered' - I guess that shares the same root as 're-offend'? Which would be 're-offed', as in 're-****** offed'?).

        Is this a bug in with does update agent? A change in policy? Because if previous behaviour of seemingly Microsoft's refusal to contemplate not reneging on the hiding of it actually represented successive, unique patches, it looks as if Silverlight is more flawed than Flash!

        It's a bug, though, isn't it. Possibly introduced by this months rogue. Soon there'll be an emergency patch with a description as disingenuous as the Windows 10 upgrade ones, and then the with does Silverlight nag will be back.

        I for one will welcome (back) our 'banality of evil' overlords!

    2. Anonymous Coward
      Anonymous Coward

      Re: 1.4 gigaf...byte of update(s)

      1.4gb ! Wow that's an entire Distro install.

  11. Anonymous Coward
    Anonymous Coward

    They're not MS-9xx they're MS-0xx.

    Come on dumb-ass Register posters. Have someone QA your inaccurate posts!

  12. GlazedAndConfused
    Facepalm

    "Recommended" Crapware

    KB3022345 was bundled in as a recommended update this month, "to enable the Diagnostics Tracking Service in Windows" (why oh why???). The update gives corrupted files after running sfc /scannow.

    Numpty let M$ automatically put this rubbish into wife & kids PCs. Affected PCs still "seem to work", but have corrupt files. Numpty now hoping M$ will fix it next Patch Tuesday, which could be a long wait if they abolish it.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like