Microsoft warns of super-sized Patch Tuesday next week

It's getting close to security update time in Redmond yet again, and Microsoft has given notice that Windows and Office users can expect another nice, big pile of fixes on November's Patch Tuesday. The software giant gave advance notice of no less than 16 security bulletins to be addressed on November 11, five of which have …

  1. Stuart 22

    The Dummy's Guide to Hacking XP

    New edition, available late Tuesday. Reserve your copy now to beat the rush ...

    1. JeffyPoooh
      Pint

      Reinstall Windows 7, run Update over and over again for the next 17 hours...

      ...Hundreds and hundreds of updates.

      A couple of dozen is NOTHING.

      1. chivo243 Silver badge
        Thumb Down

        Re: Reinstall Windows 7, run Update over and over again for the next 17 hours...

        I relived this hell the past week, also installing 2008r2 and all the updates (including sp1). It was ±250 updates for each. Lots of double reboots...

        More Service Packs for crying out loud!

  2. Anonymous Coward
    Anonymous Coward

    Wow, haven't they fixed Windows yet?

  3. Anonymous Bullard
    Windows

    Microsoft is encouraging those who have disabled automatic updates to apply them promptly

    Well, maybe if they didn't fuck things up with every update, then people wouldn't be disabling them!

    I hate the way they handle patches - but I guess that's because I've been blessed with the knowledge of other systems, too.

    Perhaps having an adequate update process isn't a selling point to the majority of people who go for Windows.

    1. PCS

      Of course, other operating systems are perfect aren't they?

      1. Anonymous Bullard

        other operating systems are perfect aren't they

        First you need to define "perfect", and I just said that I hate Windows updates because I've seen better, nothing about perfection. Sorry.

    2. Anonymous Coward
      Anonymous Coward

      "I hate the way they handle patches - but I guess that's because I've been blessed with the knowledge of other systems, too."

      The Microsoft method of scheduled updates on a known timescale (unless exploits are already in the wild) is far better than most other products with random patch release dates. I have worked with at least 12 different OSs and I can't think of one that's as good as Microsoft in the respect of regular scheduled and well tested security updates. Yes they occasionally have a bug in a patch - but it's not like the OSS mess where they chuck anything out the door without proper regression testing. With Microsoft you don't get situations like the BASH mess that took no less than 4 goes to release a secure fix!

      The deployment toolsets for larger scale users like WSUS and SCCM are class leaders too.

      1. Wensleydale Cheese

        With Microsoft you don't get situations like the BASH mess...

        "With Microsoft you don't get situations like the BASH mess that took no less than 4 goes to release a secure fix!"

        How many goes have they had at securing IE?

        1. Gis Bun

          Re: With Microsoft you don't get situations like the BASH mess...

          The same number of times the Chrome browser has been updated. As a matter of fact Chrome gets updated in some cases more than once a month.

          Wasn't it the Chrome browser that set a browser [and probably an app record] for the most vulnerabilities fixed [something like 156] as well as non-security fixes [about 130] in a single update? You call that secure?

          Not to be outdone, every time I open Firefox, there seems to be an update.

      2. Anonymous Bullard
        Windows

        The Microsoft method of scheduled updates on a known timescale (unless exploits are already in the wild) is far better than most other products with random patch release dates

        Better for you, perhaps. But not those of us who want our computers to work for us, and not the other way 'round. Different people have different needs - "random" (ASAP, you mean) gives people a choice, you can either apply them immediately - or sit on them for a month where you can re-schedule your urgent responsibilities into when it's more convenient for you.

        It's up to you what you do, but don't inflict your practices and preferences on others, who have different priorities than yourself.

        Personally, I don't want to wait weeks, and I don't want them to get in my way, nag me, cause me to run "safe mode", or interrupt my work flow. I get that crap with Windows, and that's why I hate the way they handle patches. If you love that stuff, then go knock yourself out.

        I have worked with at least 12 different OSs and I can't think of one that's as good as Microsoft in the respect of regular scheduled and well tested security updates

        So you've been using all versions of Windows since ~Win98, and you can't think of anything better?

        not like the OSS mess where they chuck anything out the door without proper regression testing. With Microsoft you don't get situations like the BASH mess that took no less than 4 goes to release a secure fix!

        The bash vulnerability was handled quite well. Majority of bash installations weren't even affected by it in the slightest. What are these "no less than 4 goes" you talk about? There were 5 similar/different bug reports, if that's what you mean. But the patches required no reboots, no crashes, just click "Install" if security updates aren't automated. So, how could MS have handled it better? Just because they're MS, or do you have any reasoning in your MS rants beyond your own vested interest?

        No? then fuck off. I've been using this piece of shit since DOS, it's my right to bring out valid points about how shit the update procedure is, and one day someone might actually listen to us tossers and ... oh, look.. they're starting to. Hmm, and it's open source. tut tut.

        1. JeffyPoooh
          Pint

          "...I've been using this piece of shit since DOS..."

          Noobie.

          1. Anonymous Bullard

            Re: "...I've been using this piece of shit since DOS..."

            Noobie

            Thanks for making me feel young!

      3. eulampios

        the thirteenth OS

        >>I have worked with at least 12 different OSs and I can't think of one that's as good as Microsoft in the respect of regular..

        Why do you need so many different OSes in the marketing department?

        >>With Microsoft you don't get situations like the BASH mess that took no less than 4 goes to release a secure fix!

        What's "Bash mess" would be MS' bliss (didn't rhyme unfortunately). Even when MS patch BEFORE it's out in the wild, they still get something like Conficker with tens of millions of compromised servers. Speaks volumes about their perfect patching credentials. Shellshock got a correct patch within a week anyways, BTW.

        >>Yes they occasionally have a bug in a patch - but it's not like the OSS mess where they chuck..

        Such bug might render a system unbootable without any straightforward fix, while the "OSS mess" gives an opportunity to boot to the last stable kernel in a similar situation. Remember those 12 (hundred) OSes you used to deal with?

      4. Hans 1
        Windows

        >The Microsoft method of scheduled updates on a known timescale (unless exploits are already in the wild) is far better than most other products with random patch release dates.

        With FOSS software and a git/subversion/cvs client, you can get the sources as soon as the software has been patched by the dev and compile from source if it is a 0-day ... NOTHING BEATS THAT.

        Proprietary software is for numpties like you, no ifs, buts or maybes.

    3. TechicallyConfused

      Because

      Unix, Linux and OSX are sooooo secure.

      Apple doesn't care to listen or patch

      Unix thinks it's beneath them

      Linux is too dissolute to do anything meaningful about it

      At least MS tries

      1. Anonymous Coward
        Anonymous Coward

        @TechnicallyConfused

        Never has an online moniker been more apropos.

  4. Gray
    Windows

    Like an alcoholic ...

    ... more bad booze, another hangover. Oh, wait ... we've got XP. We'll pass this round, bartender.

  5. TheProf
    Go

    Damned if you do

    Microsoft is fixing problems in its programs. Is this not good news?

  6. James 47

    Patching is hard

    There's more to it than blindly fixing the issue, you also have to make sure your fix doesn't break anything else - which is something Microsoft is very, very good at.

    When I upgraded Ubuntu to Trusty it actually borked the OS.

    1. Anonymous Coward
      Anonymous Coward

      Re: Patching is hard

      "There's more to it than blindly fixing the issue, you also have to make sure your fix doesn't break anything else - which is something Microsoft is very, very good at."

      But they're not - that's the issue most of us have.

    2. Gert Leboski

      Re: Patching is hard

      Apples and oranges there....

      You say that Microsoft is good at issuing patches that don't break anything.

      Then to slag off Linux, you use a complete dist-upgrade as an example?

      You've described two completely different and not at all comparable scenarios.

  7. Boris the Cockroach Silver badge
    Windows

    IE

    still in windows?

    They could save themselves a whole lot of time, effort and money by dumping it ....

    Just a thought

    1. Anonymous Bullard

      Re: IE

      And save the rest of us time, effort, and money!

      1. Kiwi

        Re: IE

        And save the rest of us time, effort, and money!

        Not really.

        I make my living from cleaning up these messes. If MS got their act together, I'd be out of a job!

        Glad they're doing this just before Christmas. Hate the slump in work we get this time of year.. Hey MS, do us a favour and have an even bigger round next month, please? I could use another pile of broken Windows boxes to get me a Chrissy Bonus!

  8. poopypants

    I'll be applying the patches on Thursday

    after listening carefully for screams on Tuesday and Wednesday.

    1. Anonymous Coward
      Anonymous Coward

      Re: I'll be applying the patches on Thursday

      I suspect most of the posters so far have not actually gone and read the MS notice yet.

      Having done so I'll be turning off auto update today and scheduling all day Wed/Thu for client visits.

      No less than 6x "restart required". With any luck some of those might be parallel installs.

  9. Versace
    Windows

    XP expired

    Does anybody know how many XP patches have been released since support expired?

    1. Spoonsinger

      Re: Does anybody know how many XP patches have been released since support expired?

      Yes. Somebody out there knows - but I suspect you'll have to define your terms more clearly to get an accurate answer.

    2. Gis Bun

      Re: XP expired

      Technically one: that out of band update in early May.

      That said, most .net Framework updates that work with Server 2003 will work with Win XP - just won't be supported.

  10. eulampios

    incorrect terminology: patch or simply update (upgrade)?

    Why would you call this patch "supersized"? How much would a user have to eventually download?

    Apart from the configuration files, 'patch' in this situation (and when applied to MS Windows in general) is quite a misnomer, since its apps don't receive a patch in the source code by applying the diffs and then get (re)built all anew, it's rather an update when the affected binaries get replaced on the system. Unless MS came up with some super-innovative, theoretically unlikely binary patching technique...

  11. Al fazed
    WTF?

    Yawn, here we go, here we go, here we go........

    Been at it since DOS days and it hasn't got any more exciting, or interesting except for those couple of occasions where automatic updates bricked some poor fucker's machines. Windows updates, MAC updates, Linux updates, they've got to be done as what IBM call a "steady state", others call a Swiss cheese that hasn't matured yet.

    It doesn't surprise me that humans cannot make an operating system that is absolutely flawless. What does surprise me is the eagerness of some manufacturers to push fundamentally flawed products onto unsuspecting, non-computer-science, end users. But the biggest surprise is hearing the spouting of bollox that some people resort to when defending their favourite Operating System, of any flavour. Are these people really that fucking stupid that they'll disregard basic fuckups in the product and the multiple workarounds that using the product requires them to perform?

    Sorry folks, but as far as I am concerned, this IT business is comparable to the situation way back in the old Model T days of motor cars because we are new at it and still trying to improve on last season's models. So we still have to get out and get under the hood on a frequent basis, or find a nice man who can. The equivalent of seat belts for the passengers and driver, safety glass, a surround sound system and a shiny set of rims are but the fantasy of a 62 year old geek that'll likely run out of road before I can relax and actually enjoy the ride ............

    1. Anonymous Coward
      Anonymous Coward

      Re: Yawn, here we go, here we go, here we go........

      I'm sorry, but you're talking crap.

      We've got an OS whose vendor tries hard to prevent you from getting under the hood, yet for the majority of the time you have to get under the hood to fix the fuck ups caused by updates. If you haven't had an update fuck-up yet, then you've only just started computers last year, and unchecked "check for updates" when you installed it.

      Then there is another OS whose hood is designed to be opened, gets updated several times a week while the engine is still running, and you don't even need to re-boot (apart from ~1% of updates, but that's only if you want to "use" the update).

      That's what the issue is. Not having flaws in the first place (although it's sometimes fun to mock), but how they are fixed. If updates cause more harm than good, then people will turn them off - and that's not a good idea.

  12. Hans 1
    Windows

    Ohh, just another 15 reboots required ...

    1. Gis Bun

      Yup. The original comment coming from someone who compiles his Linux binaries all day.

  13. Roland6 Silver badge

    Windows 8.0->8.1->8.1u1->8.1u2 !!!

    Can't be any worse than what MS have unleashed on its Windows 8.0 user-base this last month or so...

    Remember having to visit the MS store to download the circa 3.5GB 8.1 update?

    Well MS in their wisdom have decided to force Win8 users to update, giving them effectively no warning and no way to abort, by including a couple of innocuous updates in the critical Win updates - the first released a year ago the second just recently. The effect of the second update discovering that the first update has been installed is to immediately commence the download of the 8.1 update - yep over any active network connection with no user notification. Then on completion give the user a maximum of 4 hours usage before their system is forcibly updated (there is no "remind me later" option) via a reboot...

    So MS expect you the user to drop whatever you are doing (it's not important), free up your diary and focus your attention on Microsoft. There is no opportunity to:

    Follow best practice and do a full backup (of a working system), just copy essential files to a USB drive.

    Ensure your system has up-to-date OEM drivers etc. (you can't install them if it involves a reboot..)

    Once the waiting is over you hand your system over to Microsoft who then over several hours perform the magic of upgrading your system to Win8.1. If you are lucky the system will 'work' and be able to connect to a network and access the internet (not a given, particularly on a system for which the OEM doesn't list a Win8.1 compatible network driver). Because the next thing the system will do is to update Win8.1 to 8.1u1 and then 8.1u2 (another 600~800MB of downloads). If all goes well after 4~5 hours you'll have a 'working' system.

    Only you may not... Hyper-V isn't working (some reports indicate I need to reinstall the Bluetooth driver and probably some other drivers - another 60~150MB of downloads), all my printers aren't working (recommendation download latest drivers and reinstall - ~1GB of downloads).

    Given my first system was hit at 11am on Thursday (hopefully we've disabled WuP on all the other Win8.0 systems so these other systems can be updated in a more controlled and less stressful manner) and I'm still struggling to get the printers working (higher priority than Hyper-V), I suspect I might just have a working system in time for Patch Tuesday...

    Given the tone of the posts in various MS and HP support forums, my problems and frustrations are not uncommon.

    As an aside, I expect next month's Statcounter and Netmarketshare figures to show the Win8.0 marketshare to have fallen off a cliff and Win8.1 marketshare to have received an "unexpected boost".

    As a final observation, as luck would have it, the system had the latest version of Classic Shell, which survived the MS update intact, so no UI surprises!

    1. Spoonsinger

      Re: Windows 8.0->8.1->8.1u1->8.1u2 !!!

      Sigh. Windows 8.1 is a different O/S version to Windows 8. It's not a service patch. What's so difficult about this concept? (Well obviously apart from the naming convention, but we are all grown ups here and the nomenclature is irrelevant).

      1. Roland6 Silver badge

        Re: Windows 8.0->8.1->8.1u1->8.1u2 !!!

        >Sigh. Windows 8.1 is a different O/S version to Windows 8.

        That may be so, however MS are forcing the update of Win 8.0 to 8.1 (and Win RT to Win RT 8.1) through the release of KB3008273 (replaces KB2973544) via WUP. The effect of this update is if you have automatic updates enabled (ie. the recommended/default setting) and have previously installed KB2871389, which was released through WUP about a year back as a critical update, is to automatically force the upgrade of your system to 8.1.

        NB. Once update KB3008273 or KB2973544 starts executing, there is no published method of preventing the forced upgrade from happening...

        Also the update process does not create Win8.1 recovery media, so if you do a factory reset, Win 8 will be reinstalled...

    2. arctic_haze
      FAIL

      Re: Windows 8.0->8.1->8.1u1->8.1u2 !!!

      My colleague lost his presentation for the next day's meeting this way on his Win8 laptop. I did not believe his story of an unexpected system upgrade until I read the above.

  14. tempemeaty
    Mushroom

    Microsoft Forced Upgrade Facepalm...OMG

    Whose computer is it? Forcing updates is unprofessional and totally unacceptable.

  15. Winkypop Silver badge
    Meh

    I much prefer updates

    To the alternative.

  16. Anonymous Coward
    Anonymous Coward

    Don't talk to the IT guy

    It's that time of the month (rolls eyes).

  17. Gis Bun

    Give me a break. So exactly how many actual Linux updates are available in a month? You may not install all of them but they are there.

    As for Apple, they wait for a major release half the time to release fixes. Just how many fixes were included in 10.10 to fix bugs in 10.9? Quite a few.
