MS keeps admins busy with critical Vista patches

Vista-bashing again. Yawn.

Nice jump-on-bandwagon headline there. The issues have affected several releases of Windows (including XP which has been out for much longer and had not one but TWO service packs and Server 2000 which has FOUR, yes FOUR Service Packs already omg!!!!)

Being a developer, I know that if you develop something and nobody breaks it for 7 years (XP), you don't try to completely rewrite it just for the sake of it; it's not profitable to rewrite everything, only the parts where there are problems.

Now it emerges there are previously undiscovered problems and they're fixing it in all supported releases. What's the problem with that? Surely it's a good thing that they fix a problem that emerges in all their releases?

But that wouldn't make a good headline to say they have to fix it in Vista, XP, Server 2k, etc etc; is much more sensational to kick Vista even more so you can 'hang out with the gang' rather than to actually report the facts.

Nice one.

How about this one next: "El Reg keeps rational readers busy commenting on crap, sensationalist knee-jerk journalism"

They arent doing themselves any favours

Is there a reason they couldn't have bundled these in to one critical release which fixes several problems ?

I'm surprised there are no Mac fan boys pointing out their their OS is secure and doesn't need patches. Apparently they like an OS with holes.

Yet more Tud

Sorry I completely forgot that all major OS need security updates... I suppose some of them though just don't bother telling people about it... cough... apple... cough...

infact for the 2 months or so I had crapbuntu installed I was nagged daily for updates.

No matter, we all know what the better and most loved OS is, just look at the stats.

M$ Keeps Admins Busy

Title should be "MS Keeps Admins Busy". That way, M$ hopes to keep them so busy they have no time to think. M$ hopes the idea that they could live without that other OS will not creep in. That other OS is not easy to maintain. Patch it and you have lots of downtime for malware, breakage and re-re-reboots. Don't patch it and you have more downtime for malware. With GNU/Linux, I patch when I want, and the system just keeps running. I feel like the Maytag repairman, with plenty of time to contemplate IT.

Not a saint

@ Mike and SpitefulGOD (really?)

if a company's marketing pitch says (for 20+ years) that its development process is excellent, superior, and puts out highly optimal code for a top-notch product, but the company has to release an endless, regular stream of fixes for remotely exploitable bugs, then people will point and laugh, and rightly so. they point and laugh at Comcast for lying and getting caught, why should MS get a pass?

if the same company points to other people's products and claims they are inferior, it would be more believable if this company did not continually overpromise and underdeliver (have supported Windows since before 95 came out, and Vista is the worst i've seen yet).

Ubuntu makes no promises of perfection, so no reason to whine. Apple has been putting out some marketing tripe recently, especially considering the number of big, ugly problems in the Leopard release, but a bad day on Leopard (with Time Machine) is still better than a bad day with Windows (any version). i speak as one who does not own an iPod or an iPhone, and likely never will.

everybody's biological byproduct smells, but it helps if one does not insist that one's stuff smells like roses, or stinks less than everyone else's mess.

@SpitefulGOD

How many of those updates actually required a reboot or two? I think you will have noticed the system just updated itself and kept going. The updates are for the whole installed app base, not just the underlaying Linux. I prefer to get updates immediately, not once a month, that way I know I have safer systems.

@Robert Pogson, fellow "Maytag Repairman"

My currently largest client keeps me busier with fixing their Xerox photocopiers than with fixing their desktop PCs. I look forward to "patch tuesday" because I get to so some actual IT work once a month, and that's just to make sure the servers are updated before the weekend backup. The desktops update themselves.

As for waiting in fear before the patches come? I don't lose sleep over it. I do enough stuff before the fact that these so-called "zero day" exploits don't do any damage. No client of mine had to deal with a case of exploitation in five years now. Worst damage I have to undo these days is restoring stuff from backup that users delete by mistake.

Which is good, because I have time to work on improving things further and installing new stuff. And I have time to fix the broken copier again. If Xerox could make a machine that fixed itself...

@Ross, re: copy/paste of flawed code

Two of the flaws were in Internet Explorer. It's plausible that IE7 has shared code between the XP and Vista versions of it, so the two could share a flaw.

As for the OS base patches, I'd be surprised if the exact same patch was used on both or all three NT-based systems. Same flaw != same code necessarily.

There's a case for retiring XP, and for that matter, retiring 2K. MS has to write, very likely, three different versions of the same patch to address how the same flaw affects two or three differing systems. They're not using up manpower to fix the same browser flaws in Windows 98, ME, or NT4, and they're not using up manpower to fix the same OS flaw in NT4.

I have further commentary about how impatient the user base is regarding OS releases, and how that encourages copy/paste of code, but I'll save that for another rant.

And finally, I like seeing how El Reg is spreading the patch love. Nice to see Apple and the makers of Opera tossed into the same bin these days.

@JC, re: Double Standards

"Don't you always love how some dimwit comes along and thinks if we have legitimate concerns, if we do anything but praise a product and the company then we must be bashers?"

I draw a line between bug reporting and complaints, and outright bashing. There seems to be a knee-jerk reaction to any bug / flaw / exploit / patch related to Microsoft from certain folks, and the same folks do not react as strongly to bugs / flaws / exploits / patches related to any other firm. I think that's why El Reg started providing ready-to-use cut and paste comments.

It's obvious when you compare the two, actually. In 2002, Sophos issued 226 patches for one product, while Microsoft issued 72 patches for their entire product line.

http://www.vmyths.com/column/1/2003/1/23/

I couldn't find one example of Sophos bashing from 2002 that didn't come from vmyths. Microsoft bashing? I lost count of the Google hits.

@the xerox repairman

Yes well, A lot of Xerox boxen run wince, I believe.

Tell them to ditch that rubbish and buy nice NetBSD based Ricoh machines, which have much better security.

I support various embedded copier systems,Ricoh, Toshiba, Oki, Konica-Minolta.

They are in general the most reliable and secure network boxes I know of. despite the users best efforts.

As they consist of an embedded unix-alike (Linux,BSD,RTOS) Computer with a laser printer, scanner and file,email,web server, etc in one box.

Paris because she has a lot going on in one box.

Service pack...

Service Pack 1 for Vista was feature frozen months ago. Any changes made to it during the beta/RC stage were purely for compatibility and fixes to the pack.

Adding new features during beta/RC stage are what causes problems. "Oh, this one won't make any difference" but when combined with all the other ones being installed at the same time may introduce problems.

Critising MS for updates so soon after SP1 has been released is a bit lame.