back to article TIME TRAVELLERS needed to secure Windows 7

Microsoft has forced Windows 7 users to apply an April update in order to receive June's patches for its Internet Explorer 11 browser. The demand does not affect users of earlier versions of its flagship browser or operating system. Microsoft did not provide reasons for the move but it appeared to have simplified its patching …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward

    This sort of thing would never happen with Microsoft's software. It has fewer bugs than Open Source (when you consider the every package of RHEL against just the Core install of Windows Server), has The Most Servers In The World (according to a gross misreading of some very carefully cherrypicked statistics) and is more secure than anything (according to...actually, I never figured that one out. Just believe it, mmmkay?)!

    1. Anonymous Coward
      Anonymous Coward

      How is this even news worthy?. There are plenty of other updates that require previous updates installed as prerequisits. This is common practice - and not just on Windows.

    2. Anonymous Coward
      Anonymous Coward

      "It has fewer bugs than Open Source (when you consider the every package of RHEL against just the Core install of Windows Server"

      Just to point out that Windows Server does actually have a signifcantly lower number of historical security holes and fewer days at risk than Enterprise Linux distributions - even when the full install of Windows Server is considered against a FEATURE MATCHED cut down distribution of Red Hat (and SUSE).This has been the case every year for the last decade or so.

      "has The Most Servers In The World (according to a gross misreading of some very carefully cherrypicked statistics) "

      A quick Bing shows that the latest figures (Q4 2013) are:

      •Linux server demand continued to be positively impacted by cloud infrastructure deployments, as hardware revenue increased 14.4% year over year to $4.1 billion in 4Q13. Linux servers now represent 28.5% of all server revenue, up 4.6 points when compared with the fourth quarter of 2012.

      •Microsoft Windows server hardware revenue increased 0.1% year over year in 4Q13 with quarterly server hardware revenue totaling $6.5 billion, representing 45.7% of overall quarterly factory revenue, up 2.0 points over the prior year's quarter.

      •Unix servers experienced a revenue decline of -20.2% year over year to $1.9 billion representing 13.6% of quarterly server revenue for the quarter.

      •After four consecutive quarters of revenue growth, IBM's System z mainframe running z/OS revenue declined -36.8% year over year to $1.1 billion, representing 8.0% of all server revenue in 4Q13.

      1. Anonymous Coward
        Anonymous Coward

        Even when someone calls you on your bullshit, you actually can't help yourself, can you. YOU HAVE A MENTAL ILLNESS, ANONYMOUS COWARD. PLEASE, SEEK HELP.

      2. Daniel B.

        yadda yadda yadda yadda

        The MS shills are quick to pop up, and they usually do as AC's. Why am I not surprised? I'm starting to miss Eadon. At least he had the balls to put up his handle.

  2. southpacificpom
    Boffin

    Linux

    Just install Linux and stop fucking around...

    1. Anonymous Dutch Coward
      Coat

      Re: Linux

      You mean use Linux as a contraceptive? That might actually work quite well...

      1. southpacificpom
        Devil

        Re: Linux

        Pity your parents never found Linux in time...

      2. Anonymous Coward
        Happy

        Re: Linux

        Well done Dutch Coward, maybe it's beacuse it Monday and they all have the grumps, but you single handily proved the stereotype of Linux nerds having no sense of humour.

        I nearly spat my coffee out, yes I'm a Windows user (well I have an do have Android phone and use a PI for digital signage, have Linux box hosting my website, but I digress), and if it had been directed at Windows users, my reaction would of still been the same.

        1. Anonymous Dutch Coward
          Pint

          Re: Linux

          @Lost all faith...

          Thanks from a fellow Windows+Linux user... I really should be ditching those sandals and the beard now ;)

          1. beep54
            Pint

            Re: Linux

            @ Anonymous Dutch Coward: Dude! Sandals and thongs (er, the footwear) make sense here in Texas. Not too sure about Dutchland although beards seem to work in both. More beer.

        2. southpacificpom

          Re: Linux

          @Lost all faith...

          Eadon, is that you?

    2. beep54

      Re: Linux

      But, but, didn't Barbie once say "Linux is HARD!" Jest jinkin' witcha. Still, tried a dual boot with Linux (Kubuntu or Xbuntu or some such and yeah it was around ver. 9.someodd, so oldish) and often had Internet connection issues. Which was kinda funny because sometimes I would use Linux when Windows had weird connection problems. [eh, the whole mess was probably a problem with the ISP which has since seemed to have been fixed, Windows-wise at least] One thing that keeps me from Linux is something so damn simple, I don't get why it isn't universal. This a more global form of move/copy which (and you still have to effing hack the registry to do this in Windows) of move to folder/copy to folder. Screw any version of 'Send to'!! This totally supplants it and is easier to boot. Before anyone down votes me, I ask, nay PLEAD, please!, tell me if this can be done in other than Windows. Be gentle. Still learning :) 'Cause I'm definitely going to try and figure out how to boot SOME version of Linux from USB.

  3. big_D Silver badge

    Combo Upate

    What we need is a combo updater, which allows the installation of all patches, from clean install to today. If you do a clean install, download combo updater, apply 1 patch, get working. Not patch, reboot, patch, reboot, patch, reboot ad infinitum.

    That would also be useful if you have missed patches or were off on some expedition and need to apply several months worth of patches.

    Obviously that isn't a solution for monthly updates and it wouldn't be a solution for corporates who want better control over what gets patched when, but for the average user - or rather the poor techy who gets roped in to set up their new PC - it would be a godsend.

    (Yes, I know that you can slipstream, but I don't want to have to make a new slipstream image every time I arrive at a friend's house and they say, "oh, while you are here..." I want a single mega-patch I can download and leave running whilst enjoying a quiet evening with friends.)

    1. A Non e-mouse Silver badge

      Re: Combo Upate

      The way MS/Windows handles lots of patches really narks me off. Why do they make it so painful to re-install Windows and get it up to date with patches? Can't all their engineering brains sort this mess out?

      1. Richard 12 Silver badge

        It must be deliberate

        I mean, making it progressively more difficult to install "old" versions of their operating system is a great way to push people towards their newest one.

        Or at least it would be if the newest wasn't a pile of stinking tripe.

      2. plrndl
        Linux

        Re: Combo Upate

        "Can't all their engineering brains sort this mess out?"

        Obviously not.

      3. Anonymous Coward
        Anonymous Coward

        Re: Combo Upate

        "Why do they make it so painful to re-install Windows and get it up to date with patches? Can't all their engineering brains sort this mess out?"

        It's already really easy. As Binging it would have told you. Assuming from your ignorance you are probably wanting to do this for home use, see here:

        http://lifehacker.com/how-to-slipstream-windows-updates-into-your-installatio-1562956432

        1. Tom 38
          Headmaster

          Re: Combo Upate

          Downvote for using "bing" as a verb meaning "search", yet still capitalizing it as a proper noun.

          You might heart the fuck out of microsoft, but keep your neologisms (google¹ it) to yourself.

          ¹ Intentional.

          1. Getriebe

            Re: Combo Upate

            TOM38 - oh get you using a big word and trying to put someone down. Maybe the geezer knows Latin or pretty well any South European language and then he doesn't need to follow your advice - just uses logic. Nitwit.

          2. king of foo

            "binging it"

            Ha! That ship has well and truly sailed. Thanks for bringing a smile to my face trying to force it!

            Speaking of marketing b******s...

            "Your potential. Our passion." (I think MS must have hired ex Durex marketing guys for that one!)

            "To enable people and businesses throughout the world to realize their full potential." (Eh, you do what now? MS, are you selling a pyramid scheme?)

            "You can make money without doing evil." (Google just don't feel like it!)

            "Google's mission is to organize the world's information and make it universally accessible and useful" (...to the NSA, GCHQ...)

            PS - "doing a chandler" is much better.

    2. Anonymous Coward
      Anonymous Coward

      Re: Combo Upate

      You mean some sort of service pack?

      1. Where not exists

        Re: Combo Upate

        "You mean some sort of service pack?"

        SMP/E?

    3. brotherelf

      Re: Combo Upate

      "What we need is a combo updater" ... like WSUS Offline Update (wsusoffline.net)?

      (Disclaimer: I'm in shouting range of the guy who runs that project.)

      1. big_D Silver badge

        Re: Combo Upate

        Does that install everything in a single rutsch? Or do you need to keep rebooting? I know some patches in the past had to be installed alone, followed by a reboot, before other patches could be installed.

        1. brotherelf

          Re: Combo Upate

          It does reboot several times in the process, but it doesn't need human intervention for this. (Temporary user with no password, something along those lines.)

      2. Alan W. Rateliff, II
        Paris Hilton

        Re: Combo Upate

        Nice. I use this and have turned several colleagues onto it, as well. Our only complaint is that even after a full run there will still be a few dozen updates left in Windows Updates. That said, it saves a massive amount of time to keep a USB stick updated every month with the latest Windows Updates and get them installed unattended after a fresh OS installation.

        (I have to sheepishly admit that I have never donated to the project. I keep meaning to and keep pushing it off to a time when I am less busy.)

    4. This post has been deleted by its author

    5. Anonymous Coward
      Anonymous Coward

      Re: Combo Upate

      In other words you are looking for what IBM did with their service packs for OS/2 - you only ever needed the latest one because all the previous fixes were incorporated in it. Life was easy in those days.

      1. Dan 55 Silver badge
        Happy

        Re: Combo Upate

        Or what Apple do now...

    6. Anonymous Coward
      Anonymous Coward

      Re: Combo Upate

      "What we need is a combo updater, which allows the installation of all patches, from clean install to today."

      You mean like Microsoft Update? Or like WSUS? Or Like SCCM?

      1. big_D Silver badge

        Re: Combo Upate

        Microsoft Update is a pain, umpteen dozen reboots and repatches. The same for WSUS. Slipstreaming is better, but still a pain, especially if you are visiting a friend for a "couple of hours" and need to create a new slipstream image.

        I want ONE single link at microsoft.com, where I can download a complete patch installer, that does one pass at the system, followed by a single reboot and I can start working. Is that really so hard?

      2. Daniel B.
        Boffin

        Re: Combo Upate

        You mean like Microsoft Update? Or like WSUS? Or Like SCCM?

        Nope. More like yum or apt-get, where typing "yum upgrade" or "apt-get upgrade" will automatically download the latest patch, apply 'em and everything's done. Ok, you might think that's just an Open Source thing, but IBM also has the ability to download just the latest patch for their products, so you don't have to engage in "download fix pack 17 … download fix pack 18 … only 46 patches to go" like MS does.

      3. southpacificpom
        Pint

        Re: Combo Upate

        Ah SCCM, isn't it that management thing that let's you reimage your workstations overnight along with your servers including the SCCM server itself?

        Go asks the guys at Emory Uni...

    7. phuzz Silver badge
      Meh

      Re: Combo Upate

      If you install Windows 7 with SP1 already installed you'll have to patch and reboot three times before it's all done. At least that's how long it took reinstalling my friend's laptop the other week. Ubuntu will require one reboot (to update the kernel). So Ubuntu is the winner here, but as it's only something you have to do once, is it really that much of an issue?

      Also, if you have more than 10 windows machines to update, but you're on a low bandwidth connection, use WSUS, it's free.

    8. cyberelf
      Facepalm

      Re: Combo Upate

      "What we need is a combo updater, which allows the installation of all patches, from clean install to today."

      Isn't this called SlipStream .. apart from which .. isn't there something seriously defective in software land ..

      1. big_D Silver badge

        Re: Combo Upate

        Nope, Slipstream isn't the solution. That requires setting up a new installation CD.

        We are talking about having to install a new machine with no notice. You were expecting to spend a relaxing evening with friends and find out you are expected to patch and configure a new PC. The last thing you want to do is build a slipstream DVD - well, the last thing you want is to do the patch-reboot circle dance Windows Update, while everybody else sits downstairs and watches the film and snaffle the chips... You want a one-click download that does everything, so you can enjoy the film as well.

    9. el_oscuro
      Linux

      Re: Combo Upate

      In Linux, they have "sudo apt-get update" for Debian based systems and "yum update" for Red Hat based ones. On a fresh install, start the command and go read El Reg while it installs all of the patches. Maybe reboot onces aftewards if the kernal was updated. Why Microsoft doesn't have this I don't kown/

  4. Charlie Clark Silver badge

    Unaffacted

    I have a Windows 7 VM (with a full-fat licence). However, as I refuse to do the additional licence verification dance (what's up with you licensing Microsoft that it doesn't work properly first time?) I get to miss out on some of the updates, including it appears the browser updates. I don't really care as I only fire the thing up once a week or so to use my scanner or test a website in IE 9. But, judging by website statistics, it seems I'm far from alone: use of IE seems to split fairly neatly between IE8, IE9 and IE11.

    Microsoft, it seems, still doesn't know how it feels about its browser: is it a core part of the OS and thus worth protecting? or just one among many of the browsers out there with a sideline in traffic referral?

  5. Anonymous Coward
    Anonymous Coward

    This is because Microsoft still use IE in Window Explorer!

    That's evil!

  6. Mike Dimmick

    11 SP1 by another name

    The problem here is that Microsoft refused to call their April update - corresponding with Windows 8.1 Update 1 - by a new name. So they have to go around calling it 'with the 2929437 update installed'.

    If they had actually called it by its true name - Service Pack 1 - it would be clear that they are breaking their own Service Pack and Security Update policies (and the same goes for 8.1 Service Pack 1). The Service Pack Policy says that they will support service packs for Windows (and Windows components such as IE) for 24 months after the release of the following service pack. The Security Update Policy says:

    "Microsoft will provide security update support for a minimum of 10 years (through the Extended Support phase) for Business, Developer and Desktop Operating System products. The security updates will apply only to the supported service pack level for these products.

    "Both the Mainstream Support and the Extended Support phases require that the product’s supported service pack level be installed to continue to receive and install security updates.

    "Security updates will be available from Windows Update during the Mainstream Support phase, and the Extended Support phase (if available)."

    Since there is officially no service pack for Windows 8.1 or for IE 11, security updates should be on Windows Update for the original release, regardless of whether another update has already been installed. Alternatively, if we count Update 1/2929437 as being Service Pack 1, they have still withdrawn support for the original release nearly two years before they should have.

    1. Anonymous Coward
      Anonymous Coward

      Re: 11 SP1 by another name

      "If they had actually called it by its true name - Service Pack 1"

      Nope - Service Pack 1 for Wndows 8.1 will be a seperate release.

    2. Test Man

      Re: 11 SP1 by another name

      > If they had actually called it by its true name - Service Pack 1

      Wrong. It's called "Windows 8.1 Update".

      Whether it's a good name is not the point, the fact is that that's what it's called.

      1. Anonymous Coward
        Anonymous Coward

        Re: 11 SP1 by another name

        As for the difference between what 'they called it', the 'true name', or variations on this theme, to me their naming policy owes more to creative accounting than utility. But 8.1 update should not be 'Windows 8.1 sp1'. Windows 8.1 was really Windows 8 sp1. Meanwhile, SP2 should be due this autumn. They can call a dog a cat and we can argue that they have every right to do so, therefore it is an accurate description; except for the long-established precedent that if it tries to shag your leg, it isn't a cat.

  7. Anonymous Coward
    Anonymous Coward

    149 Updates, plus 23 more, plus several more, plus several more...

    My new-to-me 2nd hand Win 7 PC. Had been restored to factory fresh.

    Roughly 600+ MB.

    That's still a couple orders of magnitude less than the Linux (Ubuntu) updates.

    1. JohnNE12
      Linux

      Re: 149 Updates, plus 23 more, plus several more, plus several more...

      I'm not sure I've seen a Linux update with 60GB plus! Are you sure about that 'couple of orders of magnitude'?

    2. Anonymous Coward
      Anonymous Coward

      Re: 149 Updates, plus 23 more, plus several more, plus several more...

      "That's still a couple orders of magnitude less than the Linux (Ubuntu) updates."

      Unless you live in a third world country and your internet connection is a piece of string - who cares about the size of the updates? I care about amount of updates to evaluate and the frequency / predictability of releases and on both of those counts, Linux is far worse than Windows.

    3. Anonymous Coward
      Anonymous Coward

      Re: 149 Updates, plus 23 more, plus several more, plus several more...

      And an Ubuntu update will pull down *all* the updates you need in one go, install them, and then may ask you for a single reboot at the end of it.

    4. Daniel B.
      Boffin

      Re: 149 Updates, plus 23 more, plus several more, plus several more...

      That's still a couple orders of magnitude less than the Linux (Ubuntu) updates.

      Unless you have an assload of installed packages, any Linux distro update list isn't going to be that massive. And as others have mentioned, you only need to download the latest patch level packages, instead of going "3.0.1, 3.0.2, 3.0.3, 3.0.4" as Windows forces you to do.

  8. Anonymous Coward
    Anonymous Coward

    Last time I tried WSUSoffline with the /autoreboot commandline switch does ONE reboot at the end of the entire process.

  9. Ken Hagan Gold badge

    Time travellers?

    Last I heard, April comes before June. Where's the time travel angle?

  10. amanfromMars 1 Silver badge

    Sociopaths 'r' Us ...... The Premier Sub-Prime GOTO Store for TeleVisionary Chaos

    ..... to Rule and/or Destroy and AIModify with Current Money Markets

    Users with automatic updates activated would not feel the affects of the new demand unless those updates had quietly failed leaving them exposed.

    What do you call an automatic updates activated feature and service which doesn’t automatically update active features and services? Vapourware? Snake Oil? FUDdy Crap?

    Are there such things as Vapourware Chasers in the style of Ambulance Chasers and PPI Mis-selling Compensation Helpers? Should there be, or is it really a case of everyone looking out and taking care of oneself and not relying virtually on anyone/something else for security and protection?

    Be careful out there in the Human Jungle, there be crazies loose and active in many a strange field of concern and conflict and you be never safe from the garbage their media manipulation hosts. [Boris of London somewhat weakly and circumspectly describes them politely as unhinged, rather than certifiably mad]

    And as for that and those at Great IntelAIgent Games Play, both with or without a firm vice-like Grip and Grasp on the Command and Control of CyberSpace, well …… if you aint sane, will the madness kill you whether you be following or leading the Future with IT or not.

  11. lexluthermiester

    Why is this a problem?

    For those of us who have more than half a clue we DON'T use Microsoft's insecure, back-door laden browser. We use browsers who whose source code is open and worked on frequently to make them ACTUALLY secure. So why is this news?

This topic is closed for new posts.

Other stories you might like