back to article Patch Tuesday brings Microsoft fixes and Adobe Shockwave update

Microsoft and Adobe have delivered the February edition of their monthly security updates. The two firms kicked off the second Patch Tuesday of the year by each releasing fixes for critical vulnerabilities that could allow for remote code execution. For Microsoft, the monthly release consists of six bulletins which address a …

COMMENTS

This topic is closed for new posts.
  1. Lostintranslation

    How many hours have we spent installing updates for Microsoft products over the last ten years? Is anyone keeping a tally?

    1. Anonymous Coward
      Anonymous Coward

      Actually, it would be far less than for an equivalent enterprise Linux distribution or for Apple OS-X for instance...

    2. Anonymous Coward
      FAIL

      Last time I looked pretty much every other current OS gets patched on a regular basis as well. If you still can't grasp this concept go home and get a different career,

    3. (AMPC) Anonymous and mostly paranoid coward
      Gimp

      Well....

      Who can remember how difficult and time-consuming it was to patch MS platforms BEFORE the introduction of tools like WSUS and scheduled monthly patch releases?

      Trust me... it was a lot worse... Now it is almost routine

      1. Anonymous Coward
        Anonymous Coward

        Re: Well....

        "Now it is almost routine"

        Yes, I love how IIS is always shutdown first and started last on a windows web server, couple with that and the disk thrashing installs of .net patches being compiled in the "background" while another is being installed in the foreground. The final insult, the installation of more patches as the server eventually comes back up. Oh, the self-flagellation of the windows admin.

        1. Anonymous Coward
          Anonymous Coward

          Re: Well....

          You update machines which are running in production? That's not very sensible. If you takes them out of production before the update, what's the problem?

    4. Anonymous Coward
      Anonymous Coward

      Why do we get these comments every time the patch Tuesday updates are announced? All other OSes are updated, to suggest that MS is somehow special in that they update their software suggests that you're rather myopic in your view of other systems.

  2. BlueGreen

    What I wish

    about updates is that MS provides some useful summary info without you having to dig.

    Just done an update check, most (prob all) of the descriptions in the sidebar say generic useless stuff like 'a security has been identified... blah, blah, see associated knowledge base article'. You could give a quick digest of the KB, you could also make the KB article link clickable, but no, anythng that makes it easier for a user to find info on MS software faults is made inconvenient as possible.

    1. Anonymous Coward
      Anonymous Coward

      Re: What I wish

      "about updates is that MS provides some useful summary info without you having to dig."

      Erm - but it does - there is a popup when you next logon telling you that updates have been installed - and if you click on it, you can see the details...

      1. BlueGreen

        Re: What I wish @AC

        How's about *before* I apply the bloody things. Not after, before. So I don't have to install them to find out exactly what they do and what their scope is. Before, not after.

        1. This post has been deleted by its author

        2. Anonymous Coward
          Anonymous Coward

          Re: What I wish @AC

          "How's about *before* I apply the bloody things. Not after, before"

          That's what it does if you tell it to download updates, but not install them. It give you a popup, and when you click on it, it will tell you the details.....and ask for your approval to install...

    2. Anonymous Coward
      Anonymous Coward

      Re: What I wish

      With 'Windows Update' open, highlight the update in question and click 'More information' to open the KB article. Then for even more information scroll down slightly and click the link for IT professionals for the Technet article.

      1. BlueGreen

        Re: What I wish @Justice Tugboathat

        > highlight the update in question

        Ok, didn't know that. Can't do it now as fully patched but I went to the 'view update history' and that seems to show similar. So

        Right click on an issue, pick more details, get this: "A security issue has been identified in a Microsoft software product that could affect your system.". Well shit. It does have a 'more info' link, that's good, click that and get <http://support.microsoft.com/kb/2916036>, which *doesn't tell you what it does*, although to be fair it blathers something about msxml. But it does have a link for what it calls "IT professionals", which finally takes me to <http://technet.microsoft.com/en-us/security/bulletin/ms14-005> which tells me something useful: "This security update resolves a publicly disclosed vulnerability in Microsoft XML Core Services included in Microsoft Windows. The vulnerability could allow information disclosure if a user views a specially crafted webpage using Internet Explorer".

        Finally. As I never use IE I now know it's effectively optional (firefox has its own xml handler).

        This processes is not helpful. It could summarise that final, useful bit and give it to me on the fucking windows update window. If you don't want to scare the horses, have an option to hide this, defaulted to hidden, for the masses.

  3. Dave Bell

    These things could always be done better. I left my computer running overnight to download some stuff, and woke to find the patches installed. I still had to check the download had completed OK.

    There are times when an "evil" protocol such as BitTorrent seems to be a lot more dependable. And it must be difficult for anybody running a computer where they can't leave it on overnight, and the downloads+install eats into the working day.

    1. Anonymous Coward
      Anonymous Coward

      Certainly must be on dial-up!

  4. DaveCummings
    Thumb Up

    since i setup a wsus server on an old pc - nil....

    1. Tom 13

      @ DaveCummings

      If you're patching without checking anything, you're just as much of a problem as the people who don't patch them.

  5. Havin_it

    Shockwave?

    Anyone actually still using Shockwave?

    1. BongoJoe

      Re: Shockwave?

      The BBC site clearly does because each morning when I start up my browser I am told that Shockwave is taking a dreadfully long time to get going and would I wish to ignore the wossit that's causing the problem?

      And then promptly ignores whichever I click.

      I can't believe that Adobe haven't sorted this out yet. Oh, wait, I said Adobe didn't I?

  6. johnwerneken

    What exactly does Flash consist of

    besides flaws and exploits waiting to happen?

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2019