Faulty M$ Update Rekindles Patch Quality Concerns

For Microsoft, delivering high-quality security patches in a timely manner has always been a lose-lose predicament.

If patches for major software vulnerabilities take too long, customers are at the mercy of zero-day threats. When patches are rushed out without proper quality assurance testing, they invariably become a system administrator's worst nightmare.

Earlier this week, when Microsoft Corp. announced plans to re-release a "critical" bulletin because of patch quality problems, the move triggered a new round of eye-rolling among security research pros.

The bulletin, MS05-019, first released in April, contains patches that have caused major connectivity problems for network administrators.

The connectivity errors include the inability of Exchange servers to talk to their domain controllers, failure of domain controller replication across WAN (wide area network) links, and inability to connect to terminal servers or to access file shares.

Microsoft also acknowledged that networking programs that send TCP packets or UDP packets over raw IP sockets "may stop working" after the security update is applied on a computer running Windows XP SP1 (Service Pack 1).

A knowledge base article has been posted to highlight the problems, and hotfixes have been offered to provide temporary respite. Despite Microsoft's insistence that the problems affect only a small number of customers, security experts said the re-release of a high-severity bulletin points to a weakness in Microsoft's patch creation process.

"A hotfix for a patch? I hope it works properly, or what's next? A hotmend for the hotfix for the patch?" asked Corey Nachreiner, a network security analyst at WatchGuard Technologies Inc.

In an interview with Ziff Davis Internet News, Nachreiner said some of his company's clients have complained that the patches have broken VPN connections, a problem he described as "a big deal" for the SMB (small and medium-sized business) market segment.

Because the patch is rated critical by Microsoft, Nachreiner said he cannot recommend uninstalling the patch.

"It means that a lot of customers are scrambling to get hotfixes to keep their systems connected."

Officials at Microsoft insisted the company is doing "far more for this one than necessary" to help ensure every customer has the most recent changes to the update.
