Re: Windows - a gazillion updates. Daily.

---

• From: Sandman <mr@xxxxxxxxxxx>
• Date: Sat, 06 Dec 2008 14:43:49 +0100

---

In article <FeKdnVuOhMu_76fUnZ2dnUVZ_oninZ2d@xxxxxxxxxxxxx>,
"Daniel Johnson" <danieljohnson2@xxxxxxxxxxx> wrote:

That's the number of updates my Windows box has nagged on me for
installing in just two months.

That's pretty ridiculous.

Maybe. Microsoft tries to get these things out quickly, and does not batch
them up in larger blocks the way Apple does.

Surely you're not seriously suggesting that Apples one security update
matchs Microsofts 30 "important" updates?

It does make the list longer, but it also means you can opt out of updates
with a finer granularity, so it's not all bad.

Only if "opt-out" means to turn the feature off or to click "No"
several times each day.

Granted, a lot of these are "definition
updates for windows defender", something that really doesn't belong
here. It should update automatically and without prompting thew user.
All Windows machines should always have the lastest definitions, no
exceptions.

Windows update can be configured to do that, and does it by default.

I've not changed anything. I posted this since it told me, again, that
it wanted my permission to update the definitions.

Windows defender *also* does it, by default, before each scan. Thus, even if
you don't have WU auto-install updates, those defender database updates
still come- unless you turn them off manually, and separately.

What do you mean "before each scan"?

It's probably safer to have *both* these tools installing defender updates;
it increases the likelyhood you'll get the update in time to block whatever
that update describes.

Windows should install them automatically, without asking the user, at
any time.

<http://sandman.net/files/macupdates.png>

That's the Mac updates in the same time period, of which two are
security related (last Safari update was a security update if I
remember correctly).

It's very hard to compare these things.

Obviously, since OSX isn't a swiss cheese of security.

Apple clearly batches together
updates more than Microsoft does- but Apple's descriptions are often
extremely vague, and it's hard to know just what they've fixed. That makes
it hard to compare.

This is the release note for the once security update in my list:

http://support.apple.com/kb/HT3216

Vague indeed.

Me, I think Apple just fixes fewer security bugs overall, as well.

Of course they do. No need to fix security bugs that doesn't exist. If
MS fixed all the security bugs they probably SHOULD fix, we'd have a
new update by the hour, methinks.

And forthermore, when previewing that screenshot, this is what I saw:

<http://sandman.net/files/yellow.jpg>

Why is it yellow? The preview icon isn't, but when opening it in the
image viewer, it is. Why oh why?

It looks pinkish to me. I've seen that effect before; it occurs if you have
a bad color profile installed for your monitor. Most things just ignore that
in Windows, including Explorer and its previews- but Photo Gallery will try
to color-convert everything to monitor's profile.

Wow, that's really stupid. Why can't they do anything right?

In theory, this makes sense. Images without profiles are probably intended
to display in the sRGB color space, and if your monitor isn't sRGB, they'll
need to be converted to look right. In practice, I've never seen this do
anything useful- monitors *are* sRGB, and color conversion on images without
profiles never seems to help in that case.

I think they'd be better off only color-converting images that do have
profiles, and theory be damned.

MS, always failing in the most curious ways.



--
Sandman[.net]
.

---

• Follow-Ups:
  • Re: Windows - a gazillion updates. Daily.
    • From: Tim Murray
  • Re: Windows - a gazillion updates. Daily.
    • From: Daniel Johnson

• References:
  • Windows - a gazillion updates. Daily.
    • From: Sandman
  • Re: Windows - a gazillion updates. Daily.
    • From: Daniel Johnson

• Prev by Date: Re: It's a great day knowing;
• Next by Date: Re: It's a great day knowing;
• Previous by thread: Re: Windows - a gazillion updates. Daily.
• Next by thread: Re: Windows - a gazillion updates. Daily.
• Index(es):
  • Date
  • Thread

---

Relevant Pages [NT] Cumulative Security Update for Internet Explorer (MS04-025) ... Get your security news from a reliable source. ... * Microsoft Windows NT Workstation 4.0 Service Pack 6a ... Navigation Method Cross-Domain Vulnerability ... (Securiteam) SecurityFocus Microsoft Newsletter #120 ... Strengthening Network Security: FREE Guide Network security is a ... MICROSOFT VULNERABILITY SUMMARY ... Microsoft Windows File Protection Signed File Replacement... ... PlatinumFTPServer Information Disclosure Vulnerability ... (Focus-Microsoft) SecurityFocus Microsoft Newsletter #176 ... MICROSOFT VULNERABILITY SUMMARY ... Microsoft Windows XP HCP URI Handler Arbitrary Command Execu... ... PHPNuke Category Parameter SQL Injection Vulnerability ... Microsoft Baseline Security Analyzer Vulnerability Identific... ... (Focus-Microsoft) SecurityFocus Microsoft Newsletter #242 ... MICROSOFT VULNERABILITY SUMMARY ... PostNuke Blocks Module Directory Traversal Vulnerability ... Groove Networks Groove Virtual Office COM Object Security By... ... The Microsoft Windows IPV6 TCP/IP stack is prone to a "loopback" condition initiated by sending a TCP packet with the "SYN" flag set and the source address and port spoofed to equal the destination source and port. ... (Focus-Microsoft) [NT] Vulnerability in HTML Help Allows Code Execution (MS05-001) ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Get your security news from a reliable source. ... * Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service ... (Securiteam)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(17)