Results 1 to 7 of 7

Thread: Microsoft releases worm fix for older versions of Windows

  1. #1
    HEXUS.admin
    Join Date
    Apr 2005
    Posts
    31,709
    Thanks
    0
    Thanked
    2,073 times in 719 posts

    Microsoft releases worm fix for older versions of Windows

    It hopes to stem WannaCry-style attacks propagating via the horde of older systems.
    Read more.

  2. #2
    Senior Member
    Join Date
    Sep 2010
    Posts
    388
    Thanks
    8
    Thanked
    19 times in 17 posts
    • simonpreston's system
      • Motherboard:
      • Asus Prime X370 Pro
      • CPU:
      • Ryzen 7 3800X
      • Memory:
      • 32GB DDR4 3000mhz
      • Storage:
      • A lot.
      • Graphics card(s):
      • Radeon RX580
      • PSU:
      • Corsair RM850x
      • Case:
      • Zalman MS1000
      • Operating System:
      • Windows 10 / Kubuntu 20.04
      • Monitor(s):
      • 2x Dell 2412m
      • Internet:
      • Virgin Media

    Re: Microsoft releases worm fix for older versions of Windows

    Seems even Microsoft have completely forgotten about Vista's existence (although the codebase has some acknowledgement with Server 2008).

  3. #3
    Senior Member
    Join Date
    Aug 2016
    Posts
    3,894
    Thanks
    934
    Thanked
    971 times in 717 posts

    Re: Microsoft releases worm fix for older versions of Windows

    A good, responsible move from MS.

    ...

    However, the issuing of these patches for older OSes doesn't mean that users, companies and institutions will get around to updating their old systems anytime soon.
    True enough .... but for various reasons.

    I won't be updating my several remaining W7 systems, but then I know they are not susceptible to infection, and absolutely incapable of taking part in future WannaCry attacks.

    The problem is that the vast majority of potentially vulnerable users don't know they're vulnerable, wouldn't know WannaCry if it bit their backside and therefore aren't likely to see, let alone apply, this or any other patch.

    Still, MS can't do much about them, now.

  4. #4
    root Member DanceswithUnix's Avatar
    Join Date
    Jan 2006
    Location
    In the middle of a core dump
    Posts
    12,978
    Thanks
    778
    Thanked
    1,586 times in 1,341 posts
    • DanceswithUnix's system
      • Motherboard:
      • Asus X470-PRO
      • CPU:
      • 5900X
      • Memory:
      • 32GB 3200MHz ECC
      • Storage:
      • 2TB Linux, 2TB Games (Win 10)
      • Graphics card(s):
      • Asus Strix RX Vega 56
      • PSU:
      • 650W Corsair TX
      • Case:
      • Antec 300
      • Operating System:
      • Fedora 39 + Win 10 Pro 64 (yuk)
      • Monitor(s):
      • Benq XL2730Z 1440p + Iiyama 27" 1440p
      • Internet:
      • Zen 900Mb/900Mb (CityFibre FttP)

    Re: Microsoft releases worm fix for older versions of Windows

    Quote Originally Posted by Saracen999 View Post
    The problem is that the vast majority of potentially vulnerable users don't know they're vulnerable, wouldn't know WannaCry if it bit their backside and therefore aren't likely to see, let alone apply, this or any other patch.

    Still, MS can't do much about them, now.
    If only MS had a system of mandatory patching... <runs for cover...>

  5. #5
    Old Geezer
    Join Date
    Jul 2016
    Location
    Under a rusty bucket
    Posts
    540
    Thanks
    53
    Thanked
    42 times in 31 posts

    Re: Microsoft releases worm fix for older versions of Windows

    Quote Originally Posted by DanceswithUnix View Post

    <runs for cover...>
    A wise move!

  6. #6
    Senior Member
    Join Date
    Aug 2016
    Posts
    3,894
    Thanks
    934
    Thanked
    971 times in 717 posts

    Re: Microsoft releases worm fix for older versions of Windows

    Quote Originally Posted by DanceswithUnix View Post
    If only MS had a system of mandatory patching... <runs for cover...>
    Three reactions :-


    1) Oooh, you .... you .... dammit, why can I never find a spare custard pie when I need one, and hiding behind the sofa won't do you any good. Oh, never mind custard pies, found a fresh cowpat.

    2) Ever considered a career on the stage? No? Probably wise.


    3) The serious one, ignoring the obvious prodding at tender spots.


    Okay, two different things.

    As I said yesterday I think) I see three types of "update" :-

    a) Bug-fixes.

    b) Security patches (of varying degree of urgency)

    c) feature changes or new features.


    In regard to a), only a fool objects to bug-fixes of stuff they use. And possibly, standard components even if they dont use them, though removing unwanted components would be a better option for many users.

    In regard to b), only a fool ignores security patches.

    However, there is a difference between "ignore" and "defer", in relation to both a) and b).

    Personally, I would install critical security patches right now unless I am doing something too importsnt to interrupt at the moment. I reserve the right to disregard even that, in order to finish what I need to do, or transfer to a different machine, or run a backup, file-sync, whatever. If necesary, turn off wifi router or disconnect ethernet cable in the meantime.

    A LOT depends on what "update" means, because it can be anything from replacing a single file, perhaps shutting and restarting a service in the process, to installing thousands of files, GB of stuff, and effectively applying what used to be a service pack which will both take a goodly chunk of time and run the risk small though it may be, of borking the machine .... which I cannot afford to risk if it's 9am and an editor is expecting copy on his (electronic) desk by 10am, latest.

    My argument in those cases is, by all means default to auto-update, and give more sophisticated users a decent level of control of, at a minimum, when.

    It's a bit different, as said elsewhere, when it comes to new features, or radically changing or removing existing ones.

    Put it this way. Why should MS be able to decide what new "features" you, or I, need?

    There's about a gazzillion software houses out there, all writing stuff they hope will sell. And good luck to them. I've bought quite a few packages that way, from FTP Server software, to a Book Collectir database, to genealogy software. But each of those is a niche product. You personally, Dances, might want or have decent FTP Server software, but I'd bet about 99% of Win users would either have no clue what it is, or no need at all for it.

    Similarly, only people seriously researching their family tree are likely to want commercial-grade software, and only a serious book collector (I'm at about 4000 books) needs a commercial-grade database.

    And there must be thousands of other niches. In fact, here's one. I have some software that allows mil-spec encryption and burnjng to CD/DVD. Without both that software and user-generated keys, you aren't decrypting those disks unless you're GCHQ, the NSA or some other world-class and probably sovereign state agency, or hacker collective .... and if you are and do decrypt 'em, you're due to be mightily disappointed unless you're desperate for my letters from my doctor, archived domestic utility bills and so forth.


    Anyway, back on point.

    Nobody in their right mind would let any of those gazzilions of software houses just install thejr stuff whether the user wants it ir not, but if MS decides to buy 100,000 of those packages and install them, we're supposed to just let them because, hey, it's MS and they called in a feature, or enhancement, or whatever.


    Here's a somewhat purist thought any software developer ouhht to get - if it ain't installed, it can't go wrong. It also doesn't pointlessly use seemingly ever-larger amounts og HD let alone SSD) space installing loads of bloatware I don't want, would never buy ir even install if free, and sometimes (like Alexa-AI) vehementky object to.

    Microsoft are, IMHO, abusing a perfectly rational case for categories a) and b) by push-installing stuff with or without user's agreement and regardless of their wishes.

    Oh, and note .... re: a) and b), when MS FINALLY extended the deferrsl period go e5 days, I said in the relevant thread that that was probably enough, even for a vocsl critic like me.

    But not for c).
    Last edited by Saracen999; 15-05-2019 at 01:18 PM. Reason: Tpyos

  7. #7
    root Member DanceswithUnix's Avatar
    Join Date
    Jan 2006
    Location
    In the middle of a core dump
    Posts
    12,978
    Thanks
    778
    Thanked
    1,586 times in 1,341 posts
    • DanceswithUnix's system
      • Motherboard:
      • Asus X470-PRO
      • CPU:
      • 5900X
      • Memory:
      • 32GB 3200MHz ECC
      • Storage:
      • 2TB Linux, 2TB Games (Win 10)
      • Graphics card(s):
      • Asus Strix RX Vega 56
      • PSU:
      • 650W Corsair TX
      • Case:
      • Antec 300
      • Operating System:
      • Fedora 39 + Win 10 Pro 64 (yuk)
      • Monitor(s):
      • Benq XL2730Z 1440p + Iiyama 27" 1440p
      • Internet:
      • Zen 900Mb/900Mb (CityFibre FttP)

    Re: Microsoft releases worm fix for older versions of Windows

    Quote Originally Posted by Saracen999 View Post
    Oh, never mind custard pies, found a fresh cowpat.
    Someone running after me carrying a fresh cowpat would I'm sure be YouTube gold, but hopefully it won't come to that

    Sorry, but I just couldn't resist.


    Here's a somewhat purist thought any software developer ouhht to get - if it ain't installed, it can't go wrong.
    Sort of. If it isn't installed, it can't be used as a building block for other software. This is something Microsoft gets horribly wrong, with a lack of dependency analysis and proper packaging. That means if I want to import graphics into my program, I have to write or include code to do that in my program. Every program that needs to do such basic functionality needs to include their own dll, and they will all be stored in different directories and possibly all loaded into ram at the same time, possibly interacting in unintended ways as they are versions of the same thing wanting the same resources.

    In Linux, I put a line in my package file to say "I want libpng of at least this version number", that dependency will probably already be met but if it isn't then the package manager will go fetch it for me and keep that part updated. So actually having something already there, or at least readily available, can lead to smaller footprint and more stable platforms.

    Windows is a good example of the old computing joke "We see so far because we are standing on the feet of giants."

    (if anyone doesn't get that: https://en.wikipedia.org/wiki/Standi...ders_of_giants, but computing has a really poor history of code re-use so we only get as far as the feet)

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •