back to article Microsoft Santa gifts you with 5 critical fixes in Xmas Patch Tuesday

December's Patch Tuesday brought seven bulletins from Microsoft, five of which cover critical security vulnerabilities. A critical update for MS Word (MS12-079) is rated by security watchers as the most important of the batch. A flaw in Rich Text Format (RTF) processing poses a severe risk because Microsoft Outlook …

COMMENTS

This topic is closed for new posts.
  1. banjomike

    Preview pane ...

    ... hasn't the standard advice for that last thousand years been to turn OFF the preview pane?

    1. This post has been deleted by its author

    2. Anonymous Coward
      Anonymous Coward

      Re: Preview pane ...

      Re: Preview pane ...

      ".. hasn't the standard advice for that last thousand years been to turn OFF the preview pane?"

      .. hasn't the standard advice for that last thousand years been to turn OFF MS software? - Fixed

    3. Robert Helpmann?? Silver badge
      Childcatcher

      Re: Preview pane ...

      In many cases, this is not advice, but company policy. It seems that as this feature has been exploited many times in many ways that it should have been more a focus for hardening than it seems to have been over the years. Making the preview pane use plain text by default would be a good start.

    4. This post has been deleted by a moderator

      1. RICHTO Silver badge
        Mushroom

        Re: Preview pane ...

        Rememebr that the first and worst internet virus / worm ever was on UNIX based systems!

        1. Fred Flintstone Gold badge

          Re: Preview pane ...

          Yup - and THEY learned from that experience..

    5. Fred Flintstone Gold badge

      Re: Preview pane ...

      hasn't the standard advice for that last thousand years been to turn OFF the preview pane?

      Thank you. You just explained a couple of cave drawings we just couldn't make sense of..

  2. Steve Davies 3 Silver badge
    FAIL

    Just in time for Crimble

    And many business will have implemented a change freeze already. So a good number will not be applying this load of patches until 2013. Great timing Microsoft. Not.

    1. Anonymous Coward
      Anonymous Coward

      Re: Just in time for Crimble

      Yeah, i only there was a way to predict when patch tuesday is...

      Also, all a change freeze does is pevent rollout, not testing...

      1. Anonymous Coward
        Anonymous Coward

        Re: Just in time for Crimble

        And may I suggest rigorous testing? Our intranet fell over for 48h due to a bug in one of the updates...

  3. Anonymous Coward
    Anonymous Coward

    Bing Desktop

    Why are Microsoft pushing Bing Desktop through Windows Update? It's bad enough they push Silverlight through it, but Bing Desktop? WTF!

    1. Anonymous Coward
      Coffee/keyboard

      Re: Bing Desktop

      Keeps the numbers up.

      1. Mat

        Re: Bing Desktop

        It's the only way they're going to.. It's still crap!

        1. This post has been deleted by a moderator

          1. Bob Vistakin
            Linux

            Re: Bing Desktop

            Someone mention Bing and Google in the same sentence? Funny thing is, there's a very interesting story involving those two I drive microsoft apologists mad with every time I bring it up round here. It's extremely embarrassing for them, so naturally they really, really want to airbrush it out of history. Have no fear - we can look forwards to seeing it right through 2013, lest we forget :-)

    2. RICHTO Silver badge
      Mushroom

      Re: Bing Desktop

      That's an optional functionality update, not a security one.

  4. This post has been deleted by a moderator

    1. Lord Voldemortgage

      Re: Microsoft is the SAURON or Critical Vulnerabilities

      "to be continued..."

      Oh great.

    2. Anonymous Coward
      Anonymous Coward

      Re: Microsoft is the SAURON or Critical Vulnerabilities

      Oh do give it a rest, it's getting beyond tedious.

    3. Anonymous Coward
      Anonymous Coward

      Re: Microsoft is the SAURON or Critical Vulnerabilities

      Sjeez. I nearly dislocated my jaw yawning..

      1. Destroy All Monsters Silver badge
        Linux

        Re: Microsoft is the SAURON or Critical Vulnerabilities

        I think it's only half bad, you AC downvoters should be ashamed of yourself.

    4. Anonymous Coward
      Anonymous Coward

      Re: Microsoft is the SAURON or Critical Vulnerabilities

      Nice imagination, but in the real world Linux distributions have an order of magnitude more vulnerabilities than current Windows versions...

  5. Anonymous Coward
    Windows

    Unfortunately it doesn't only fix stuff...

    Together with the patches they also rolled out their Windows Management Framework, also known as PowerShell 3.0, for Windows 7.

    That by itself is of course good news; a new version of PowerShell can be quite useful since it introduces several new features and makes other aspects easier to use, also for new users.

    UNFORTUNATELY.... PowerShell is like Unix in some way; you really need the manual or help section around to use as quick reference. 2.0 did a pretty good job IMO because a default help screen gives you a good information overview while commandline parameters allow you to get everything (-Detailed) or simply a bunch of examples (-Examples).

    PowerShell 3 otoh now introduces localized help screens. So; say you're on a Dutch version of Windows, then your "UICulture" will be set to "nl-NL", thus making PowerShell look for the help section in the "nl-NL" directory (found in the PowerShell system directory).

    Just too bad there there currently is no such thing as a localized Dutch help section. And to make matters worse; PowerShell also does not provide any features what so ever to tell its help system (the "Get-Help" cmdlet) not to look in "nl-NL" but use the default (and in my case preferred) en-US instead.

    So the only way to overcome this is either manually copying your help stuff from one locale directory into the other, or device a work around (script) which temporarily hacks your UICulture settings (which is kinda flakey).

    Everything seems to be going to pieces with Windows as of late, totally unsatisfying. And PowerShell used to be so good.... :-(

    1. This post has been deleted by a moderator

    2. Anonymous Coward
      Anonymous Coward

      Re: Unfortunately it doesn't only fix stuff...

      This doesn't remotely surprise me. Even the largest US companies barely acknowledge the existence of other countries when developing and testing software.

  6. David Goadby
    Thumb Down

    Arrgggh a mass rebooting session as well!

    I tried the latest patches on one of my PC's to see if a reboot is required. And, it is. Another weekend of updates and reboots to waste my time.

    When U$oft marketing departments compare the TCO of Microsoft against alternative systems this is one metric they leave out.

    My Linux platforms seldom need a reboot and, even if they do, they don't put an in-your-face dialogue box in the middle of the screen every 10 minutes. Why don't Microsoft realise that in a busy company later means much later.

    This anger is compounded if Adobe decides to offer it's fixes at the same time. Not only do their patches usually need a reboot but you have to watch out for pre-ticked boxes offering to install software from a company currently run by a desperado and which you do not want or need. Ditto Oracle/Java but at least you never need a reboot...

    Arrggggggh!

    1. Anonymous Coward
      Anonymous Coward

      Re: Arrgggh a mass rebooting session as well!

      New Kernel? You need to reboot. It may not tell you to do so, but you still need to.

      As for rebooting a Windows box, if you don't rollout your updates via a push mechanism and then automatically reboot, while monitoring that the machines come back up, you're doing it wrong. The level of effort in rolling out an update which requires reboot should be select the group to update, send the update, make sure that they all come back, all while sitting in the same chair.

      1. Chemist

        Re: Arrgggh a mass rebooting session as well!

        "seldom" it said !

    2. RICHTO Silver badge
      Mushroom

      Re: Arrgggh a mass rebooting session as well!

      Hire a competent Windows admin and all such issues will be a thing of the past....

  7. Anonymous Coward
    Anonymous Coward

    MS security holes will kill you only 86 times instead of a hundred this year.

    wow.

    I feel a lot better already.....

    :-)

    AC

    1. Anonymous Coward
      Anonymous Coward

      Re: MS security holes will kill you only 86 times instead of a hundred this year.

      Have you looked at the number of vulnerabilities is a competing OS lately? Much worse than Windows all of them....

  8. Robert Carnegie Silver badge

    Pardon?

    "Another critical update (MS12-077) tackles security bugs in Internet Explorer 9 and 10, and creates a risk of drive-by download attacks involving tricking users into visiting websites contaminated with malicious code."

    Isn't there something wrong with that paragraph? The bugs, not the update, create the risk of drive-by download attacks.

    By the way, Opera 12.11 has a bad bug that wants fixing. 12.12 is out very soon - release candidate is out now.

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2019