IE and Graphics head Microsoft's Patch Tuesday critical list There's 15 flaw fixes covering 36 vulnerabilities in this month's patch bundle from Microsoft. Microsoft's browsers need a lot of work – Internet Explorer gets five fixes and the new Edge code has four. Both applications' patches have been named as critical by Redmond. There's also a five-fix bundle for Microsoft's graphics …
I have just gone through WSUS approvals and you may want to watch out for KB3150513 which is new and adds more telemetry to "help Microsoft and their partners better understand how to best shaft Windows 10 down the throats of the collective human race." And whatever else.
I haven't taken a look at non-WSUS installations yet but as always do look out for KB2952664 and KB3035583 as these two updates are perpetually being updated and republished.
I am of course assuming that Microsoft hasn't added malware to any of their security updates as they have an update or two ago.
<3
Yawn! For the umpteenth time ... Edge is not a clean build. Microsoft were very clear during the W10 beta program (when Edge was introduced) that they had started from the IE source code, identified features that were no longer part of HTML and which were particularly gnarly to implement, and removed support for those features. Therefore, the basic design of the code remains unchanged and nearly all of the code in Edge will be found almost as-is in IE.
To Microsoft's credit, they are at least trying to maintain an independent browser engine and thereby prevent Chrome turning into a monoculture. It's almost as though they have some prior knowledge of how bad that would be for everyone except the monoculturalist.
@ gerdesj "I've stopped updating Windows."
I'm in the process of moving to Linux. What should I do? Just jump straight in and lose my working environment? Or should I spend time sourcing replacements or Linux versions of programs I use? In the meantime I don't want Windows to fuck itself via hidden updates.
I won't be taking your advice. You sound like an idiot with a superiority complex.
"I'm in the process of moving to Linux. What should I do? Just jump straight in and lose my working environment? Or should I spend time sourcing replacements or Linux versions of programs I use? In the meantime I don't want Windows to fuck itself via hidden updates."
Dual booting has worked well for me, but in practice I ended up spending most of my time running Linux so I tended to use a VM hosted under Linux to run Windows apps. It worked pretty well for me, and I found that some file I/O intensive apps ran faster on a Linux hosted VM. The only gotcha with that is that a rarely booted Windows instance spends more time updating itself than being useful (I'm not even joking about that sadly).
1) First step, always, is to fully backup/image your working Windows PC.
2) Second step is to spend a short while going through each bit of software you use (not always what is installed!) and create a list of it, why you use it, and any special catches with that (e.g. you must have V1.1 because V2 broke XYZ...etc). Make sure you can find the installation media/files, and any licence keys, etc.
3) From step 2, consider how critical EXACT compatibility it, and how much you really need any compatibility. From this you can decide if there are Linux versions that are good/better substitutes. Generally for email & web you will find Thunderbird & Firefox are shipped with most distros and work just fine as long as you are not tied to Exchange and/or crappy IE-only Intranet services.
4) Decide if you want to dual-boot, or try creating a Windows VM from your current PC. Both have slight risk, and to be perfectly honest, if you can create a clean VM of windows, patch it, and install only the software you really need, it will be faster and more reliable. Pros & cons:
Dual-boot - gives you Windows native speed for games, etc, but you lose out on disk space and risk some dumb-ass Windows update breaking the grub boot-loader (some shitty old software, like certain Adobe things, would also break grub booting by putting DRM stuff just after the MBR and outside of the Windows file system assuming nobody ever needed that...).
VM allows simultaneous Linux (e.g. web/email safely) and Windows (specialist software) but is more memory-heavy and you lose out on fancy graphics speed.
You're between a rock and a hard place: if you DO update Windoze as MS want you to, you're forced into the lunacy that is Win 10. If you DON'T update it, you're certain to fall victim to one of the growing multitude of exploits that cause so much trouble....
You really should upgrade to an operating system and software that Just Works™. It doesn't suffer from malware because of its permissions structure (something that MS just can't get right), and it makes full and proper use of your hardware, without all the wasted resources that Windoze demands for its "security" software. In the first instance, move to Linux Mint - it installs in 10 minutes, asks you for your name and chosen password and then you're away.
Make the move - you won't regret it!
My non tech Dyslexic sister loves mint. I was a little worried about the amount of transition support she would need, but turns out it was an easy road to travel As she had already been weaned off of many windows defaults, so much of the software installed on her desktop machine - Next up - the laptop loses its link to Redmond.
Thanks for the fantastic laugh...
Moving to Linux, Ubuntu, etc. doesn't mean you're life is so much easier. Do you realize the amount of applications (not to mention the OS) running on Linux which have open vulnerabilities which aren't getting attention from vendors?
Whether you're on a high horse repeating something you've heard, or just ignorant in general... moving to any OS has it's problems. Playing on the Internet and imagining you're the best coder on Earth, then spouting out condescending statements; remarking, you can't understand why people can't develop better applications... it's just moronic. You're only displaying to everyone how foolish you are.
I have almost NEVER updated ANY copy of windows I have installed many times...
basic rules..
DO NOT USE IE or outlook!
Use win7 64bit ( you would be surprised how many old PCs can use it!! and there is NO way I know that can find out, except for installing win7 64 bit.... :p Yes, geeks, I know..... read my reasons...
Use either chrome 64bit or PaleMoon 64 bit (this is built on firefox V24, and made for people who just want the INTERNET, and do not want silly features that devs and geeks want!!!)
If all you want is to show of how fast , new, , and flashy it is, you know where to go... :) :)
Firefox updates are also getting to be a minefield. For the second time this year the latest update has decided to disable the Selenium Web Drive add-on. Even re-installing an older version does not change the situation. Last time it happened - a subsequent update eventually fixed the problem.
At least this time it only took me a few minutes to decide downgrading wasn't going to work - and throw the code switch to use Chrome instead. Last time it cost me six hours to find a circumvention.
Why can't they have a "developer override" like Chrome?
Unfortunately the Chrome version of Selenium Web Drive is much more sluggish than Firefox. At least it allows my weekly production run to go ahead. After several years of the application's development - the Selenium/Firefox combination had seemed to be a winner.
I have given up on IE completely since they slipped in that W10 mickey finn with a "security" update.
"Or possibly use Firefox ESR "
That was my first attempt at recovering the situation last night. However once Firefox disables the Web Drive add-on - it seems to leave a memory that affects the older versions of FF too.
I do have a full W7 clone made last week as a precaution against W10 updates borking my system - so that is there as a tested back up. However I expect from past experience that copying it to yet another disk so soon will trigger a "piracy" inhibition that lasts for about 3 months.
I know the feeling,I do not update FF any more as currently it i working and I do not know what will be broken next,
I hate Google Chrome as there is no menu and no search bar.
Firefox looks like a browser.
Window caption
File Edit Menus
Address bar & search bar
Row of proper tabs
Took a LOT of work to restore this appearance. And a couple of years ago looked like this out f the box.
I had to remote onto a Win10 PC this week, what a horror.
Why not code your Selenium tests rather than rely on the IDE? You can then run against any browser including the new Firefox Marionette Driver.
The Firefox driver is being deprecated with Firefox 46 which is bound to affect the addon in some way until they can upgrade it.
https://developer.mozilla.org/en-US/docs/Mozilla/QA/Marionette/WebDriver
"Why not code your Selenium tests rather than rely on the IDE?"
I am using the Selenium Web Driver from Excel VBA as a replacement for the historically buggy IE object interfaces.
Thanks for the tip on Marionette - that looks like a possible path to redeveloping for Linux Mint.
It is however a pain to be spending so much development time keeping the plates spinning - rather than enhancing the user application's capabilities.
because...
All is well on the good ship Microsoft with Capt'n Satnad at the helm.
There, the weather is always clear and settled and according to the generals reporting to the 'dear leader', there are no issues with their battle campain to get Windows10 onto every desktop/laptop/table/phone in the world.
'Steady as she goes boys'
'Thise dissenters will soon be press ganged into the Windows 10 family. There is no escape'.
Then his true nature escapes for a second as the Satnad being shouts
'Exterminate, exterminate'.
{proudly typed from a Windows 10 free environment. Pitcairn here I come}
This post has been deleted by its author
Windows 10 build 10586.318 is majestic.
Plus with the OneCore, it's a simultaneous release across all devices giving seamless integration.
Then again, I suppose some folks enjoy trying to get Android Marshmallow, Chromebook and Linux Mint to integrate - maybe files on a USB stick works?
Dropbox works for that scenario, sharing files across Android, Chrome and Linux Mint, so probably not a good example (as it shows up the limitations of OneDrive, which needs to work in a few more places first)
You just waste hours with Windows 10, due to forced updates, or you can waste hours just waiting for updates with Windows 7. Choices, Choices.
Windows 10 resurrected the old chestnut of the Synaptics Touchpad driver v19 this month, to overwrite the older working version Synaptics Touchpad Driver v15, which allows two finger scrolling.
(This was an annoying issue on release of Win10 July15, as it kept reinstalling itself (as it does again)).
The hardware - manual driver update setting (System->Advanced System Settings->Hardware Tab) only seems to work if you install the existing driver via 'Browse my Computer..Let me pick'.
It doesn't prevent the Synaptics Driver v19 reinstalling itself again if you use 'rollback to the previous' - Synaptics v15 driver, even with manual driver updates selected. (Another example of rushed coding by MS)
I assume the reason - MS are/were getting Paranoid by all the two finger gestures they were getting, via Telemetry.
Windows 10 build 10586.318 is majestic.
That it may be, however, the road to get there is not always easy - the pile of Win10 systems now awaiting a restore/reset etc. because of an auto update induced fault (in the last couple of weeks) is steadily increasing - although it has not quite reached the same level as the pile of Win8 machines I had that failed in the auto update to 8.1. Strangely, after fixing the GWX and telemetry malware on numerous Win7 and 8 machines, I've not had to revisit any due to failed (or unwanted) updates...
Internet Information Services gets an important fix that would stop an infection if a user is dumb enough to download a malicious app and try to run it on their machine.
Internet Information Services gets an important fix that would stop an infection if a user is dumb enough to download when a user downloads a malicious app and try to run runs it on their machine.
My laptop is set for WU notifications but manual-only installation. The OS checks every morning when I take it out of Sleep mode. Every time MS releases a raft of updates, as now, it takes a couple of days before I see them, whether "Important" or not. Yesterday (Tuesday) all I got was an update to Windows Defender's pattern files and the usual update to IE 11. As I've never even started IE on this WIN 7 SP1 machine, it must contain an earlier version of IE. You'd think the updater would see that, unless the security update also contains an IE-version update.
Here's something else I don't understand. The package sizes of the IE 11 updates vary 10-30 MB up and down, week to week. Given I've never installed any, I don't get why the sizes keep changing. Maybe once I unleashed that one it would see all the precedents were missing and tie me up for days getting IE 11 installed and up to date. Never gonna happen.
Maybe if each of us mailed a stinky old shoe to a MS marketing droid every time a new patch showed up? Put it in a box marked "important legal documents -- review immediately" they'd get the idea of what a pain this is?
MS Update was (and in some ways, is) a wonderful way to help the masses keep reasonably secure. It sucks that I'm back to manual review of everything (otherwise my laptop would need a reboot soon because Azerbaijan changed their DST rules and because MS wants to force feed Win 10 to me).
Compatibility with your legacy software is the vulnerability. The fragile system itself, its vestigial remnants of once-hot ideas, the need to continue support of 20 years worth of false steps and strategic faults in order to preserve the function of business critical apps is the cause of this ailment.
There is no cure. Businesses come to the realization that they need to move on one at a time. Microsoft has no platform to take them forward because "there is only One Windows" and if they abandon the legacy compatibility all at once they lose everybody all at once. So they lose them one at a time.
There have always been more fundamentally secure platforms available, built on sound technology principles rather that the driving forces behind Windows' rise to dominance. We have known about secure software sourcing, surface area limiting, app isolation, secure development principles, least privilege, compartmentalization of utility, "do one thing well" and a whole lot more for much longer than there has been a Windows. This is not new. What is new is that ubiquitous mobile Internet has finally brought the issue to the fore, at the same time putting more rationally designed systems in every pocket as a conspicuous example that there is a right way. Everyone has experienced having a computing device that works well all the time, without continuously running three software firewalls, Symantec AV *and* McAfee Endpoint Protection. And they like it.
So one by one they port their data and business logic to open systems until they win free of their reliance on the legacy of horrors. And one by one they leave it behind. And there is nothing to be done. No way to excise Microsoft's diseased organs without killing the patient.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
