08.13.09

Vista 7 Vulnerable to Latest “Critical” Flaws

Posted in Deception, Marketing, Microsoft, Security, Vista, Vista 7, Windows at 7:43 am by Dr. Roy Schestowitz

Patches integrated quickly before RTM

Summary: Microsoft uses a familiar stunt to pretend that Vista 7 is more secure and then makes a lot of noise about it

NOTHING will change when it comes to computer security once Vista 7 is finally released. We wrote about the subject in:

Using what Ryan has called a “sneaky” trick, Microsoft hid the fact that Vista 7 too was vulnerable to the latest bucket of "critical" patches.

In his own words: “There’s articles describing Windows 7 RTM as safe from the Patch Tuesday vulnerabilities that have been fixed in Vista and XP this month, but that’s why Microsoft made 7600.16385 the RTM, they integrated those patches right before they declared it final, then said it was safe from the bugs that affected XP and Vista. 7600.16384 was almost the RTM, but they made a new build just for these.”

In short, he argues: “They applied all the patches, called that build the RTM, then said the RTM was unaffected. Then [they] released a press release patting Windows 7 on the back for being more secure, even though at least half those bugs affected it too. You wouldn’t notice this unless you had been following the Windows 7 build process pretty closely.

“Watch what happens on Patch Tuesday in September and October and see how many of those bugs affect Windows 7 cause they can’t declare RTM again.

“They’re still patching Windows XP after 8 years. What does that tell you? I fired it up on my other laptop yesterday and had 9 security updates waiting. Well, after 8 years and ~4,000 patches you’d expect them to have tied up most of the loose ends. They said Windows XP was secure when it launched and they are *still* patching it routinely.”

“Great talker, great liar.”

French Proverb


6 Comments

  1. aeshna23 said,

    August 13, 2009 at 9:50 am

    I’m having trouble following this argument. Isn’t our argument that Linux has far fewer vulnerabilities than Windows, and not that any operating system is going to have zero vulnerabilities for quite a while?

    Roy Schestowitz Reply:

    I was pointing out Microsoft’s dishonesty. GNU/Linux does not play those PR games. It is upfront about deficiencies and there’s rarely a question about what’s good for shareholders; it’s about what’s good for users.

  2. Yuhong Bao said,

    August 13, 2009 at 12:12 pm

    Well, all this means is that 7600.16384 is affected by these security bugs, but the real RTM, 7600.16385, is not. So MS is right in claiming that the RTM is not affected. Normal, I think.
    “Watch what happens on Patch Tuesday in September and October and see how many of those bugs affect Windows 7 cause they can’t declare RTM again.”
    Normal, I think, too. I remember the first patches released for XP RTM right on its launch on October 25:
    http://support.microsoft.com/kb/309521
    And not just for XP itself. Windows Movie Maker 1.1 and Windows Messenger 4.0 were shipped with XP, but by the time of the launch on October 25, Windows Movie Maker 1.2 and Windows Messenger 4.5 were already available.
    Here is a list:
    http://forums.windrivers.com/archive/index.php/t-39574.html
    http://news.cnet.com/2100-1001-274987.html

  3. Yuhong Bao said,

    August 13, 2009 at 12:36 pm

    “Then [they] released a press release patting Windows 7 on the back for being more secure, even though at least half those bugs affected it too.”
    That is where the trick probably is.

  4. Yuhong Bao said,

    August 13, 2009 at 12:38 pm

    “They’re still patching Windows XP after 8 years. What does that tell you? I fired it up on my other laptop yesterday and had 9 security updates waiting. Well, after 8 years and ~4,000 patches you’d expect them to have tied up most of the loose ends. They said Windows XP was secure when it launched and they are *still* patching it routinely.”
    That is I think normal too. Sometimes new features introduce new security holes, but this isn’t always the case.

    Roy Schestowitz Reply:

    “Sometimes new features introduce new security holes, but this isn’t always the case.”

    GNU/Linux receives many patches, but:

    1. Patches are distributed to all software from the repositories, not just the core O/S and core applications.
    2. GNU/Linux distributions are often released once or twice a year. If you look at LTS releases (over time), then your comparison becomes more valid.

    Windows XP hardly changes and the number of holes found in it so far is amazing. It was touted as very secure when it was released.
