08.13.09

Vista 7 Vulnerable to Latest “Critical” Flaws

Posted in Deception, Marketing, Microsoft, Security, Vista, Vista 7, Windows at 7:43 am by Dr. Roy Schestowitz

Patches integrated quickly before RTM

Summary: Microsoft uses a familiar stunt to pretend that Vista 7 is more secure and then makes a lot of noise about it

NOTHING will change when it comes to computer security once Vista 7 is finally released. We wrote about the subject in:

Using what Ryan has called a “sneaky” trick, Microsoft hid the fact that Vista 7, too, was vulnerable to the flaws addressed by the latest bucket of “critical” patches.

In his own words: “There’s articles describing Windows 7 RTM as safe from the Patch Tuesday vulnerabilities that have been fixed in Vista and XP this month, but that’s why Microsoft made 7600.16385 the RTM, they integrated those patches right before they declared it final, then said it was safe from the bugs that affected XP and Vista. 7600.16384 was almost the RTM, but they made a new build just for these.”

In short, he argues: “They applied all the patches, called that build the RTM, then said the RTM was unaffected. Then [they] released a press release patting Windows 7 on the back for being more secure, even though at least half those bugs affected it too. You wouldn’t notice this unless you had been following the Windows 7 build process pretty closely.

“Watch what happens on Patch Tuesday in September and October and see how many of those bugs affect Windows 7 cause they can’t declare RTM again.

“They’re still patching Windows XP after 8 years. What does that tell you? I fired it up on my other laptop yesterday and had 9 security updates waiting. Well, after 8 years and ~4,000 patches you’d expect them to have tied up most of the loose ends. They said Windows XP was secure when it launched and they are *still* patching it routinely.”

“Great talker, great liar.”

French Proverb


6 Comments

  1. aeshna23 said,

    August 13, 2009 at 9:50 am

    I’m having trouble following this argument. Isn’t our argument that Linux has far fewer vulnerabilities than Windows, and not that any operating system is going to have zero vulnerabilities for quite a while?

    Roy Schestowitz Reply:

    I was pointing out Microsoft’s dishonesty. GNU/Linux does not play those PR games. It is upfront about deficiencies and there’s rarely a question about what’s good for shareholders; it’s about what’s good for users.

  2. Yuhong Bao said,

    August 13, 2009 at 12:12 pm

    Well, all this means is that 7600.16384 is affected by these security bugs, but the real RTM, 7600.16385, is not. So MS is right in claiming that the RTM is not affected. Normal, I think.
    “Watch what happens on Patch Tuesday in September and October and see how many of those bugs affect Windows 7 cause they can’t declare RTM again.”
    Normal, I think, too. I remember the first patches released for XP RTM right on its launch on October 25:
    http://support.microsoft.com/kb/309521
    And not just for XP itself. Windows Movie Maker 1.1 and Windows Messenger 4.0 were shipped with XP, but by the time of the launch on October 25, Windows Movie Maker 1.2 and Windows Messenger 4.5 were already available.
    Here is a list:
    http://forums.windrivers.com/archive/index.php/t-39574.html
    http://news.cnet.com/2100-1001-274987.html

  3. Yuhong Bao said,

    August 13, 2009 at 12:36 pm

    “Then [they] released a press release patting Windows 7 on the back for being more secure, even though at least half those bugs affected it too.”
    That is where the trick probably is.

  4. Yuhong Bao said,

    August 13, 2009 at 12:38 pm

    “They’re still patching Windows XP after 8 years. What does that tell you? I fired it up on my other laptop yesterday and had 9 security updates waiting. Well, after 8 years and ~4,000 patches you’d expect them to have tied up most of the loose ends. They said Windows XP was secure when it launched and they are *still* patching it routinely.”
    That is I think normal too. Sometimes new features introduce new security holes, but this isn’t always the case.

    Roy Schestowitz Reply:

    “Sometimes new features introduce new security holes, but this isn’t always the case.”

    GNU/Linux receives many patches, but:

    1. Patches are distributed to all software from the repositories, not just the core O/S and core applications.
    2. GNU/Linux distributions are often released once or twice a year. If you look at LTS releases (over time), then your comparison becomes more valid.

    Windows XP hardly changes and the number of holes found in it so far is amazing. It was touted as very secure when it was released.
