Language Selection

English French German Italian Portuguese Spanish

Faulty M$ Update Rekindles Patch Quality Concerns

Filed under
Microsoft

For Microsoft, delivering high-quality security patches in a timely manner has always been a lose-lose predicament.

If patches for major software vulnerabilities take too long, customers are at the mercy of zero-day threats. When patches are rushed out without proper quality assurance testing, they invariably become a system administrator's worst nightmare.

Earlier this week, when Microsoft Corp. announced plans to re-release a "critical" bulletin because of patch quality problems, the move triggered a new round of eye-rolling among security research pros.

The bulletin, MS05-019, first released in April, contains patches that have caused major connectivity problems for network administrators.

The connectivity errors range from the inability of Exchange servers to talk to their domain controllers; failure of domain controller replication across WAN (wide area network) links; and inability to connect to terminal servers or to file share access.

Microsoft also acknowledged that networking programs that send TCP packets or UDP packets over raw IP sockets "may stop working" after the security update is applied on a computer running Windows XP SP1 (Service Pack 1).

A knowledge base article has been posted to highlight the problems, and hotfixes have been offered to provide temporary respite, but despite Microsoft's insistence that the problems affect only a small number of customers, security experts said the re-release of a high-severity bulletin points to a weakness in Microsoft's patch creation process.

"A hotfix for a patch? I hope it works properly, or what's next? A hotmend for the hotfix for the patch?" asked Corey Nachreiner, a network security analyst at WatchGuard Technologies Inc.

In an interview with Ziff Davis Internet News, Nachreiner said some of his company's clients have complained that the patches have broken VPN connections, a problem he described as "a big deal" for the SMB (small and medium-sized business) market segment.

Because the patch is rated critical by Microsoft, Nachreiner said he cannot recommend uninstalling the patch.

"It means that a lot of customers are scrambling to get hotfixes to keep their systems connected."

Officials at Microsoft insisted the company is doing "far more for this one than necessary" to help ensure every customer has the most recent changes to the update.

Full Story.

More in Tux Machines

What’s The Best Android Phone of 2016 So Far?

This year could not have been more different, though. Innovation went through the roof with every man and his dog coming to the space with heavily updated, vastly superior offerings to the year before. Samsung, HTC, Sony, LG and Huawei have all been on fine form, releasing excellent hardware that makes last year’s gear look practically remedial. So what are the best Android phones we’ve reviewed so far? Glad you asked: Here’s KYM’s pick of the best Android phones of 2016 so far. Read more

Secure Desktops with Qubes: Introduction

This is the first in a multipart series on Qubes OS, a security-focused operating system that is fundamentally different from any other Linux desktop I've ever used and one I personally switched to during the past couple months. In this first article, I provide an overview of what Qubes is, some of the approaches it takes that are completely different from what you might be used to on a Linux desktop and some of its particularly interesting security features. In future articles, I'll give more how-to guides on installing and configuring it and how to use some of its more-advanced features. Read more

What is Ubuntu?

The open source community is packed full of intriguing projects and companies, so much so that even the biggest of proprietary vendors have moved to embrace it. Ubuntu is one of those open source projects that has developed a wide-spread following. Ubuntu is an open source Linux distribution based on Debian, which is a freely available operating system that uses the Linux kernel. Initially developed for personal computers, it has developed to being used on servers, and smartphones. Development of Ubuntu is led by Canonical, a UK based company that was founded by Mark Shuttleworth. Read more

Hands-on with Ubuntu MATE 16.04 on the Raspberry Pi 2 and 3

To put things into a fair perspective, keep in mind that we are talking about a computer that costs $25 or so and can be used with a display, keyboard and mouse which a lot of people are going to have on hand already. That means for a very small amount of money, you can have a very nice computer running one of the most popular Linux distributions. Some people (including me) might argue that there are really not many (or any) significant advantages of Ubuntu MATE over Raspbian, but even I can't deny that MATE looks more polished, and if you are accustomed to Ubuntu in general or MATE in particular, then this distribution is the way to go. Read more