Language Selection

English French German Italian Portuguese Spanish

Faulty M$ Update Rekindles Patch Quality Concerns

Filed under
Microsoft

For Microsoft, delivering high-quality security patches in a timely manner has always been a lose-lose predicament.

If patches for major software vulnerabilities take too long, customers are at the mercy of zero-day threats. When patches are rushed out without proper quality assurance testing, they invariably become a system administrator's worst nightmare.

Earlier this week, when Microsoft Corp. announced plans to re-release a "critical" bulletin because of patch quality problems, the move triggered a new round of eye-rolling among security research pros.

The bulletin, MS05-019, first released in April, contains patches that have caused major connectivity problems for network administrators.

The connectivity errors range from the inability of Exchange servers to talk to their domain controllers; failure of domain controller replication across WAN (wide area network) links; and inability to connect to terminal servers or to file share access.

Microsoft also acknowledged that networking programs that send TCP packets or UDP packets over raw IP sockets "may stop working" after the security update is applied on a computer running Windows XP SP1 (Service Pack 1).

A knowledge base article has been posted to highlight the problems, and hotfixes have been offered to provide temporary respite, but despite Microsoft's insistence that the problems affect only a small number of customers, security experts said the re-release of a high-severity bulletin points to a weakness in Microsoft's patch creation process.

"A hotfix for a patch? I hope it works properly, or what's next? A hotmend for the hotfix for the patch?" asked Corey Nachreiner, a network security analyst at WatchGuard Technologies Inc.

In an interview with Ziff Davis Internet News, Nachreiner said some of his company's clients have complained that the patches have broken VPN connections, a problem he described as "a big deal" for the SMB (small and medium-sized business) market segment.

Because the patch is rated critical by Microsoft, Nachreiner said he cannot recommend uninstalling the patch.

"It means that a lot of customers are scrambling to get hotfixes to keep their systems connected."

Officials at Microsoft insisted the company is doing "far more for this one than necessary" to help ensure every customer has the most recent changes to the update.

Full Story.

More in Tux Machines

Boards With Linux

  • Latest Linux Maker Boards Gamble on Diversity
    As usual, last week’s Embedded World show in Nuremberg, Germany was primarily focused on commercial embedded single board computers (SBCs), computer-on-modules, and rugged industrial systems for the OEM market. Yet, we also saw a growing number of community-backed maker boards, which, like most of the commercial boards, run Linux. The new crop shows the growing diversity of hacker SBCs, which range from completely open source models to proprietary prototyping boards that nevertheless offer low prices and community services such as forums and open source Linux distributions.
  • Rugged, expandable 3.5-inch Skylake SBC supports Linux
    Diamond’s 3.5-inch “Venus” SBC offers an Intel 6th Gen CPU, -40 to 85°C support, up to 20GB of ruggedized RAM, and mini-PCIe and PCIe/104 OneBank.
  • How enthusiasts designed a powerful desktop PC with an ARM processor

    The purpose of the gathering was to get the ball rolling for the development of a real desktop based on ARM. The PC will likely be developed by 96boards, which provides specifications to build open-source development boards.

Has Interest in Ubuntu Peaked?

This graph represents Google search volume for Ubuntu (the OS) from 2004 until now, 2017. Looking at the image it us hard to not conclude one thing: that interest in Ubuntu has peaked. Read more Also: Ubuntu splats TITSUP bug spread in update

Leftovers: OSS

Security Leftovers

  • Windows flaw lets attackers take over A-V software

    A 15-year-old flaw in every version of Windows right from XP to Windows 10 allows a malicious attacker to take control of a system through the anti-virus software running on the system.

  • Google Continues to Make Strides in Improving Android Security
  • Google cites progress in Android security, but patching issues linger
  • Dark Matter
    Today, March 23rd 2017, WikiLeaks releases Vault 7 "Dark Matter", which contains documentation for several CIA projects that infect Apple Mac Computer firmware (meaning the infection persists even if the operating system is re-installed) developed by the CIA's Embedded Development Branch (EDB). These documents explain the techniques used by CIA to gain 'persistence' on Apple Mac devices, including Macs and iPhones and demonstrate their use of EFI/UEFI and firmware malware. Among others, these documents reveal the "Sonic Screwdriver" project which, as explained by the CIA, is a "mechanism for executing code on peripheral devices while a Mac laptop or desktop is booting" allowing an attacker to boot its attack software for example from a USB stick "even when a firmware password is enabled". The CIA's "Sonic Screwdriver" infector is stored on the modified firmware of an Apple Thunderbolt-to-Ethernet adapter.