The Channel logo

back to article Windows 8, Surface slabs ALREADY need critical security patch

Microsoft will release critical updates for Windows 8 and other software on November's Patch Tuesday next week. The upgrades will arrive within weeks of the Win 8 launch at the end of last month. All supported versions of the Windows operating system from XP SP3 up to and including Windows 8 and Windows Server 2012 will need …

COMMENTS

This topic is closed for new posts.
Silver badge
FAIL

Not only windows 8

I installed Server 2012 in a VM a few days ago. The first update was 165Mb.

Clearly unfinished software to have that amount of patching so soon after GA.

9
8
Anonymous Coward

Re: Not only windows 8

You'd rather they stop updating it in the months after it gets released to manufacturing? Not sure I understand your point here. Patches doesn't mean unfinished. Which part of server 2012 seems broken to you?

Anon because I'm a shill

7
3
Unhappy

Re: Not only windows 8

... I agree, this is "clearly unfinished software" ... when I run Windows 8 all desktop icons look like oversized wall tiles ... and the start button has vanished too ...

2
1
Anonymous Coward

Happy days

I was getting anxious without my patch Tuesdays!

What a relief that my job is justified. I can now issue a strong buy recommendation for Surface tablets.

4
0
Anonymous Coward

Is it me but...

Does the use of capitals in The Register's articles grate, it just looks a bit too Daily Mail to me.

"Queen gets sick due to BENEFIT CLAIMANTS"

"Prince Diana memorial trashed by IMMIGRANT, possibly..."

15
3
(Written by Reg staff) Silver badge

Re: Is it me but...

Less the Daily Mail, more like The New York Post or The Sun. The Mail Online and its print cousin rarely use screaming caps.

We use them to make particular stories stand out. Eg: prototype keyboard app for iPhones? No need. New operating system insecurities? Sure, why not.

C.

2
11
Anonymous Coward

Re: Is it me but...

THEN MAYBE YOU WOULD BE SO KIND AS TO ADD A 'CLICK IF YOU ARE A SUN READER' BUTTON... OR BETTER STILL ADD A 'SUN-ALIZE' BUTTON THAT TRANSLATES THE ENTIRE SITE INTO SHOUTY MURDOCH-SPEAK

h3CK, y N0t aDd l33Tz H4X0r 5h1Te t0 uR @rT1cL3Z 0n hAck1Ng?

5
4
Paris Hilton

Re: Is it me but...

Please can we have The Register Page 3 then?

4
0
Anonymous Coward

Re: Is it me but...

"This is Amiga 500, flashing her Agnus and Paula, she was from Grays, Essex and would like world peace."

2
0
Anonymous Coward

Re: Is it me but...

Surely her "fatter Agnus"? Imagine the horror when people notice that she also has a Gary... a little too edgy for some folks.

0
0
Gold badge
Coat

Re: Is it me but...

Just bash "Eee PC girl" into the search box.....

0
0
Thumb Up

Re: Is it me but...

Agnus, ew yeah. She was the one with the large blits. Paula on the other hand just induced floppy disc syndrome and made lots of noise about it.

But I for one approve of this type of porn and look forward to the super model crays with the flaps slightly parted.

0
0

This post has been deleted by its author

This post has been deleted by its author

Anonymous Coward

Re: Is it me but...

OMG... Reply to self re: Sun-alize... It's still going after so many years. Who'd have thought:

Pornalized article

Still hilarious even after more than a decade and then some!

1
0
Bronze badge
Thumb Down

"WINDOWS 8, SURFACE SLABS ALREADY NEED CRITICAL SECURITY PATCH"

Bit like iOS 6 on iPads then.

5
1
Silver badge

Apple kit is perfect and never needs patching! And it doesn't get viruses!

I know this because the commentards told me so.

11
3

So Google wants all that malware in the Play store?

0
0

They already have it. What Google want is for no one to mention their name when anyone discusses patching.

1
1
Anonymous Coward

Its good, not bad!

Sorry, but its a good thing. 'dows does security, takes it seriously, regular patching which for most users is seamless!

Slackle's lone wolf approach to secuirty will bite it in the rear.........

4
3
Silver badge
Thumb Up

"Fondletops"

See icon.

0
0
Silver badge

Re: "Fondletops"

Just what I came here to say as well.

Although for some reason I also now can't get the mental image of Essex girls out of my mind.

Someone pass the brain-bleach please.

0
0
Unhappy

Re: "Fondletops"

Why not "lapslab"?

0
0

Thanks for letting me know.

I'll wait for the first service pack before migrating though.

hmmm - when is that due??

ttfn

0
0
Coffee/keyboard

I just spat out my instant noodle

Remote code execution vulnerabilities in Word, Excel et al?

Did I read that right? Why does Office even need to connect to the interwebs, let alone open ports?

4
2
Boffin

Re: I just spat out my instant noodle

Remote code includes documents received from other parties.

2
0
Anonymous Coward

Re: I just spat out my instant noodle

Besides, lot's of Excel files connect to external data sources such RDBMSs.

OP seems to be the typical user that could use one of those extremely cut down spreadsheets...

2
1
Silver badge

Re: I just spat out my instant noodle

Have you been asleep since the 1990's?

Yeah, it's a stupid idea to let Office touch the Internet. And yeah, Office has done this since the first versions that ran on Windows 95. It's not hard to make Office run off to the web to collect some part of a file you've downloaded and it's only a short step to make it compromise itself from there (because there's ALWAYS a whole it how it handles or verifies that data).

Hell, I hacked the school network when I was a kid by using Office macros to bypass Windows explorer restrictions on drive letters and program execution. Was but the work of a moment to demonstrate to my IT teacher (who stupidly told us to "try to hack the network, it's good education, but you won't be able to") that the document he'd just accepted from me and commented on had actually used his credentials temporarily to upgrade my account to a network admin. It was only because I told him that he ever knew, and only because I was honest that I didn't get into trouble. And the next day, I was invited to the IT Office to show them what I'd done and the program I'd wrote to stop it doing just that.

It's probably not *that* easy any more but all you have to do is get Office to try to load remote data and you have the potential for an exploit by feeding it corrupt data. It does that for everything from clipart, to form-filling, to hyperlinks, to embedded images, to macros, to online collaboration.

3
3
FAIL

Not news

This really isn't news. Windows, just like EVERY (see what I did with capitals there) other operating system out there, does not get completely re-written from the ground up with each release, so it makes sense that many vulnerabilities that are discovered in Windows affect a whole range of different releases.

Microsoft should be applauded for their approach to regular, predictable patch management.

As for Windows 8 & RT, it's largely already been acknowledged (even in The Register, if only grudgingly so) that Windows 8 makes further strides forward in terms of OS security.

This is yet another example of The Register just bashing Windows 8 for the sake of it. Extra marks taken off for trying to specifically tie this to the Surface. This is hardly objective, and is really demonstrating a heavy bias in your reporting that is going to start turning people off.

8
5

Re: Not news

Google and Samsung can do no wrong!

0
0
Thumb Up

Re: Not news

Hear hear.

Every article on Windows 8 in The Register recently has been full of hate, bias and unobjective bullshit twisted to make Windows 8 look bad.

It's getting very dull and predictable, much like the fucking use of the 'fondleslab' word. Think of something new ffs.

1
0
Silver badge
Windows

"All supported versions of the Windows operating system from XP SP3 up to and including Windows 8 and Windows Server 2012 will need patching to close three security holes"

Umm, hold on, were we not told by his sweatiness (or one of his minions) that Win8 was "rewritten from the ground up"?

How can one reconcile that claim with Windows 8 sharing bugs with an incrementally upgraded OS who's genesis can be traced back to the mid 90's?

6
0
Anonymous Coward

Err...

It may well have been re-written from the ground up, if they've re-written something which complies to the same specification and merely optimised it, it is entirely possible that the vulnerability is inherent in how the system has been specified rather than the actual code itself.

2
0
Anonymous Coward

"told by his sweatiness..."

I'm sure that you know the answer but all the same - HE TELLS PORKIES !

2
0
Bronze badge
Childcatcher

@Goat Jam

...Win8 was "rewritten from the ground up.. How can one reconcile that claim with Windows 8 sharing bugs with an incrementally upgraded OS who's genesis can be traced back to the mid 90's?

In the same manner Windows NT (New Technology) was named to sound innovative and Windows 2000 was based on "NT Technology" to sound stable and established: someone simply makes the claim. If the goal is simply to affect perception, then there is no need to be overly concerned with facts.

0
0
Silver badge

Re: Err...

" if they've re-written something which complies to the same specification and merely optimised it, it is entirely possible that the vulnerability is inherent in how the system has been specified rather than the actual code itself."

Why did you use so many words when "they used copy-paste a lot" would have sufficed?

0
0
Anonymous Coward

I'm confused

RICHTO told us that all of this was totally "secure". What possible reason would he have to lie to us like that? Shurely shome mishtake?

6
0
Anonymous Coward

Re: I'm confused

"RICHTO told us that all of this was totally "secure""

You're right - he did- I was there !

Remember though it's a FACT that he is the most downvoted poster given his short history

3
0
Anonymous Coward

Re: I'm confused

"Remember though it's a FACT that he is the most downvoted poster given his short history"

Really? More than "Obviously!"? If you're right, then that's pretty scary.

2
0
Anonymous Coward

Re: I'm confused

Oh.. and "Joerg", didn't he break 200 downvotes on a single turdspurt recently? We should lock all three in a room and film it for telly..

2
0

This post has been deleted by its author

Anonymous Coward

SNAFU for all OS's

Damn you register - If I wasn't paying attention here I wouldn't haver known there was an update

https://www.suse.com/support/update/

Sorry wrong OS

Security Updates - happens to all OS's where the "vendor" is somewhat serious about addressing problems (Seriously addressing security problems costs too much in hiring BFOH's and their cattle-prods)

0
1
This topic is closed for new posts.

Opinion

Killer whale

Chris Mellor

Firm cites 'low demand' plus 'abusers'

Tim Worstall

Or why the reversal of globalisation ain't gonna 'appen
The full Spanglish breakfast: mealy pudding, bacon, black pudding, sausages, fried egg, toast
Blood image

Trevor Pott

Can the storage giant overcome a lack of necessary leadership?

Features

No, silly... he was the fall guy for years of Finnish folly
Fraud image
Frodo and the Ring
Microsoft's strategy is to make Store apps popular. Good luck with that