08.13.09

Vista 7 Vulnerable to Latest “Critical” Flaws

Posted in Deception, Marketing, Microsoft, Security, Vista, Vista 7, Windows at 7:43 am by Dr. Roy Schestowitz

Patches integrated quickly before RTM

Border

Summary: Microsoft uses a familiar stunt to pretend that Vista 7 is more secure and then makes a lot of noise about it

NOTHING will change when it comes to computer security once Vista 7 is finally released. We wrote about the subject in:

Using what Ryan has called a “sneaky” trick, Microsoft hid the fact that Vista 7 too was vulnerable to the latest bucket of "critical" patches.

In his own words: “There’s articles describing Windows 7 RTM as safe from the Patch Tuesday vulnerabilities that have been fixed in Vista and XP this month, but that’s why Microsoft made 7600.16385 the RTM, they integrated those patches right before they declared it final, then said it was safe from the bugs that affected XP and Vista. 7600.16384 was almost the RTM, but they made a new build just for these.”

“Microsoft hid the fact that Vista 7 too was vulnerable to the latest bucket of “critical” patches.”In short, he argues: “They applied all the patches, called that build the RTM, then said the RTM was unaffected. Then [they] released a press release patting Windows 7 on the back for being more secure, even though at least half those bugs affected it too. You wouldn’t notice this unless you had been following the Windows 7 build process pretty closely.

“Watch what happens on Patch Tuesday in September and October and see how many of those bugs affect Windows 7 cause they can’t declare RTM again.

“They’re still patching Windows XP after 8 years. What does that tell you? I fired it up on my other laptop yesterday and had 9 security updates waiting. Well, after 8 years and ~4,000 patches you’d expect them to have tied up most of the loose ends. They said Windows XP was secure when it launched and they are *still* patching it routinely.”

“Great talker, great liar.”

French Proverb

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

6 Comments

  1. aeshna23 said,

    August 13, 2009 at 9:50 am

    Gravatar

    I’m having trouble following this argument. Isn’t our argument that Linux has far few vulnerabilities than Windows, and not that any operating system is going to have zero vulnerabilities for quite a while?

    Roy Schestowitz Reply:

    I was pointing out Microsoft’s dishonesty. GNU/Linux does not play those PR games. It is upfront about deficiencies and there’s rarely a question about what’s good for shareholders; it’s about what’s good for users.

  2. Yuhong Bao said,

    August 13, 2009 at 12:12 pm

    Gravatar

    Well, all this means is that 7600.16384 is affected by these security bugs, but the real RTM, 7600.16385, is not. So MS is right in claiming that the RTM is not affected. Normal, I think.
    “Watch what happens on Patch Tuesday in September and October and see how many of those bugs affect Windows 7 cause they can’t declare RTM again.”
    Normal, I think, too. I remember the first patches released for XP RTM right on it’s launch on October 25:
    http://support.microsoft.com/kb/309521
    And not just for XP itself. Windows Movie Maker 1.1 and Windows Messenger 4.0 was shipped with XP, but by the time of the launch on October 25, Windows Movie Maker 1.2 and Windows Messenger 4.5 was already available.
    Here is a list:
    http://forums.windrivers.com/archive/index.php/t-39574.html
    http://news.cnet.com/2100-1001-274987.html

  3. Yuhong Bao said,

    August 13, 2009 at 12:36 pm

    Gravatar

    “Then [they] released a press release patting Windows 7 on the back for being more secure, even though at least half those bugs affected it too.”
    That is where the trick probably is.

  4. Yuhong Bao said,

    August 13, 2009 at 12:38 pm

    Gravatar

    “They’re still patching Windows XP after 8 years. What does that tell you? I fired it up on my other laptop yesterday and had 9 security updates waiting. Well, after 8 years and ~4,000 patches you’d expect them to have tied up most of the loose ends. They said Windows XP was secure when it launched and they are *still* patching it routinely.”
    That is I think normal too. Sometimes new features introduce new security holes, but this isn’t always the case.

    Roy Schestowitz Reply:

    Sometimes new features introduce new security holes, but this isn’t always the case.

    GNU/Linux receives many patches, but:

    1. Patches are distributed to all software from the repositories, not just the core O/S and core applications.
    2. GNU/Linux distributions are often released once or twice a year. If you look at LTS releases (over time), then your comparison becomes more valid.

    Windows XP hardly changes and the number of holes found in it so far is amazing. It was touted as very secure when it was released.

What Else is New


  1. IRC Proceedings: Friday, January 15, 2021

    IRC logs for Friday, January 15, 2021



  2. Links 15/1/2021: KaOS 2021.01, Whisker Menu 2.5.2, Istio 1.8.2

    Links for the day



  3. InteLeaks – Part XV: Intel is Blind to Blind and Colour-Blind People

    Intel does not seem to grasp very basic concepts associated with accessibility; nevertheless, Intel shamelessly tries painting itself as "woke" and a "justice warrior" (policing speech while overlooking much-needed practical work)



  4. Links 15/1/2021: GStreamer 1.18.3 and Proton 5.13-5

    Links for the day



  5. IRC Proceedings: Thursday, January 14, 2021

    IRC logs for Thursday, January 14, 2021



  6. Links 14/1/2021: Wine 6.0, Debian 11 Freeze, and Alpine Linux 3.13

    Links for the day



  7. Patent Propaganda and UPC Jingoism Instead of Actual News

    Today's so-called 'news' about the EPO (Europe's second-largest institution) and the failed UPC is nothing short of shameless propaganda



  8. Links 14/1/2021: Season of KDE 2021 Selection, Mesa 21.0.0-RC1, Tor Browser 10.0.8

    Links for the day



  9. InteLeaks – Part XIV: Technical Incompetence and Incoherence Leading to Alienation and Brain Drain

    The idea that Intel "loves Linux" or "supports Linux" is somewhat of a sham; one needs only to consider what Intel insiders are saying about that, having witnessed it firsthand



  10. IRC Proceedings: Wednesday, January 13, 2021

    IRC logs for Wednesday, January 13, 2021



  11. Links 13/1/2021: $150 RISC-V Computer With GNU/Linux, Intel Replaces CEO Again, and New Fedora 34 Plans

    Links for the day



  12. Unitary Patent is Dead and Lies About the Unified Patent Court (UPC) Aren't Ending

    Not "Russian agents" but concerned European citizens are beginning to see the truth behind the Unified Patent Court, which the 'media' has wrongly called "Unitary Patent Court" three times in 2 days



  13. InteLeaks – Part XIII: GNU/Linux Documentation From People Who Never Even Use GNU/Linux

    Inside Intel there's a whole bunch of embarrassing secrets about the Developer/Development eXperience ("DX") team; no wonder documentation efforts have been lacking and far too much time wasted putting such documentation together



  14. Links 13/1/2021: Mozilla VPN, NeoChat 1.0.1 and Sci-Hub Under Attack

    Links for the day



  15. IRC Proceedings: Tuesday, January 12, 2021

    IRC logs for Tuesday, January 12, 2021



  16. GNOME Foundation is Still Participating in the Attack on Richard Stallman

    GNOME's supposed 'representatives' (close-knit friends with Microsoft connections) continue to attack RMS (Richard Stallman), the founder of GNU (the G in GNOME) and the Free Software Movement



  17. Links 12/1/2021: GTK 4.0.1 Released, Jailbroken iPhone 7 Running Ubuntu

    Links for the day



  18. InteLeaks – Part XII: Intel Isn't Interested in Improving and Instead It's Shooting the Messengers Who Highlight Areas for Improvement

    It seems rather clear that Intel (quite frankly like many other companies but perhaps even more so than the rest) isn't interested in self-assessment and instead it's looking to muzzle or even oust constructive critics



  19. IRC Proceedings: Monday, January 11, 2021

    IRC logs for Monday, January 11, 2021



  20. Tiger Computing Ltd Afraid of Being Seen as Close to the British Military, Resorts to SLAPP Against Blogger and GNU/Linux Developer

    Tiger Computing Ltd (UK) has resorted to baseless legal threats against critics and sceptics, based on clear and obvious misuse of trademark or copyright laws (they don't even seem to know the difference)



  21. Marketing Companies (Disguised as News Sites) Badmouth Linux, Go, Monero and More

    Another day, another shallow piece associating “Linux” with security risks based on something that has nothing to do with GNU/Linux and generally boils to nothing like a real threat (unlike Windows back doors)



  22. The Media is Slurring and Misleading Linux Users Instead of Just Telling the Mundane and Objective News

    The "big sites" or the so-called 'news' sites seem incapable of just objectively covering the news (in line with journalism/journalistic standards)



  23. Links 11/1/2021: Kdenlive 20.12.1, fwupd 1.5.5, Microsoft Offline Again

    Links for the day



  24. InteLeaks – Part XI: Accountability Issues and Disdain for Views/Opinions of Actual GNU/Linux Users/Developers/Communities

    The truth about internal affairs at Intel and developers' struggle with "low/non-tech involvement," as told by insiders



  25. Links 11/1/2021: Linux 5.11 RC3, Firefox Integrates More Patent Traps

    Links for the day



  26. As Microsoft Windows Drops to Just 30% Market Share the Microsoft-Connected 'Net Applications' Wants You to Think Windows Still Has Over 90% of the Market

    StatCounter says Windows is down to 30% this month (Android is at over 42%) and it’s time to talk about the lies which are still being spread by Net Applications (many so-called ‘news’ sites helped spread those lies last year, including so-called ‘Linux’ sites)



  27. IRC Proceedings: Sunday, January 10, 2021

    IRC logs for Sunday, January 10, 2021



  28. People Sponsored by Google Are Hiding Sponsorship by Google and Hiding Google Critics

    FOSDEM mailing list hides the critics of Google; it's becoming part of a familiar pattern



  29. Alex Oliva's Departure is a Massive Loss to the Free Software Foundation

    The FSF (Free Software Foundation, established 1985) is losing not only Mr. Oliva; it loses some credibility as the departure contributes to the general perception that there's still an ongoing coup, reinventing the FSF in the image not of its very own founder



  30. InteLeaks – Part X: Replacing Free Software With Microsoft, Turning One-Minute Processes Into Days Long

    Processes that were entirely Free software-centric were rejected and replaced by truly antithetical spyware of companies that aren't Intel and give Intel no autonomy or self-determination


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts