back to article Web pages, Word docs, PDF files, fonts – behold your latest keys to infecting Windows PCs

Microsoft has fixed 38 CVE-listed security vulnerabilities in Edge, Internet Explorer, and Office, as well as high-profile flaws that have allowed researchers to circumvent Windows boot protections. None of the programming blunders were publicly disclosed or actively exploited in the wild prior to today's patch release. The …

  1. RegGuy1 Silver badge

    Are you seriously telling me...

    ... people still use Windows?

    For goodness sake, that virus has been going for 25 years or so. Do people NOT learn?

    1. Anonymous Coward
      Anonymous Coward

      Re: Are you seriously telling me...

      Yes, it's been one of the longest running scams in the industry, and everyone's desperate to keep it that way lest their lack of expertise gets exposed.

      If you would *really* started to calculate just how expensive Windows is you'd get booted out by your own shareholders for keeping it, so nobody does - or uses The Microsoft Way to statistics (manipulating the inputs until the outcome is what you want it to be, ignoring the fact that your manipulation has rendered the "facts" no longer facts and hoping that nobody gets close enough to notice).

      Quite impressive as scams go..

      1. Dadmin
        Happy

        Re: Are you seriously telling me...

        And it gets even worse when you consider it as a service, that you pay for, with real money not barter rocks and squirrel tails, real world money money. Or, perhaps the model is now; OS is a service, adverts can help offset your payments, viruses and malware are always free for charge, sir. Have a nice day. Also, please take the survey at the end of this comment and let my supervisor know I provided you with excellent service today. Thank you! Come again!

    2. This post has been deleted by its author

    3. asdf

      Re: Are you seriously telling me...

      Its just too damn bad about the time Linux finally gets proper Steam game love Red Hat has to come along and shove 10lb of monkey shit into a 5lb bag labeled PID 1 ala a windows lite dick move (what can go wrong shoving everything in the one userland process that can't go down). Please don't let the pigs start walking on two legs wearing red fedoras and sporting pimp coats.

    4. Anonymous Coward
      Anonymous Coward

      Re: Are you seriously telling me...

      Or, to put it another way...Are you seriously telling me...people still wont use Linux?????

      What the flip is wrong with them?

      1. RyokuMas
        Facepalm

        Re: Are you seriously telling me...

        What the flip is wrong with them?

        Probably read some of the comments on here and decided they didn't want to be part of a community in which so many appear to have massive superiority complexes...

        1. gv

          Re: Are you seriously telling me...

          "they didn't want to be part of a community in which so many appear to have massive superiority complexes..."

          You don't have to be part of any community to use any of the open-source operating systems. You can download them anonymously without having to "activate" or supply personal details. You can browse help forums, read articles, read bug reports in all their full gory details, without anybody asking who you are or why you're doing it.

          Plus, you can install on as many systems as you like without having to comprehend complex EULAs.

          1. Anonymous Coward
            Anonymous Coward

            Re: Are you seriously telling me...

            You don't have to be part of any community to use any of the open-source operating systems.

            Absolutely true but the problem arises when someone new to the OS has a problem and tries to ask a question on a forum. It is then that you see superiority complexes and snobbish behaviour appear. And then they wonder why more people don't make the move over.

            I am not a windows user but we do have a copy of XP sitting in a VM for the odd times when someone sends a windows centric communication that we can't open with anything else.

          2. OtotheJ

            Re: Are you seriously telling me...

            The community being referred to is made up of those who smugly post on these forums detailing how they aren't affected by any of this because they run Linux.

            I use Linux on some machines and think it's great but Linux evangelists need to get a grip and realise that it's not ready to be used on the majority of corporate or home desktops.

            Until this is understood and development of Linux concentrates on displacing Windows in these environments, Windows will continue to dominate as it has no real competition.

            I fear that I could be waiting a long time....

            1. gv

              Re: Are you seriously telling me...

              "Linux evangelists need to get a grip and realise that it's not ready to be used on the majority of corporate or home desktops."

              I disagree. The fact that it is not used on the majority of corporate or home desktops is more a reflection on the corporations and the fact that most retail PCs are sold with Windows installed. Unless you have a complex application that only runs on Windows there is absolutely no reason to use Windows and its concomitant security holes, and even then you could probably get away with using Windows in a VM.

              1. asdf

                Re: Are you seriously telling me...

                >Linux evangelists need to get a grip

                Sadly most of them today don't even seem to care about POSIX and are perfectly fine with Linux morphing into the next windows as long as they can game on their laptop for free.

                1. Jamie Jones Silver badge
                  Thumb Up

                  Re: Are you seriously telling me...

                  "Sadly most of them today don't even seem to care about POSIX and are perfectly fine with Linux morphing into the next windows as long as they can game on their laptop for free."

                  Totally!

                  Remember all those years ago when the typical fanboi gripe was that software should be portable, and not tied to one platform?

                  Basicall, when they cried "software should run on any OS", they actually meant "software should run on Linix"!

                  I think the rot started to set in when Linux became more popular, starting with ALSA (guess what the "L" stands for, boys and girls!) and ever since then, linuxisms have become more and more prevailent.

                  I remember one of the 'advantages' of ALSA over OSS was the claim to be able to play multiple audio sources simultaneously, without needing to rely on pulse audio, or ESD etc.

                  Guess what? Other systems with OSS have been doing that for years. Why didn't they just fix their bloody OSS implementation instead?

                  I understand a similar thing occured with the devfs / udev change, and I won't even start on systemd!

    5. Anonymous Coward
      Anonymous Coward

      Re: Are you seriously telling me...

      "For goodness sake, that virus has been going for 25 years or so

      You must be forgetting the Morris Worm!

  2. Roo
    Windows

    Multiple drive by root exploits...

    Yet more ways to exploit rendering code running in ring 0. It's getting dull watching MS punch themselves in the balls, it would be nice to see them admit defeat & take on an idea that originated outside of Redmond. Sadly I suspect that may be a step too far for them.

    Of course It is technically *possible* that they may have already taken the lesson, but it would be impossible to tell that from the security bulletin or patch release notes - both seem to have been redacted to uselessness. They are more of a hinderance than a help. :(

    Joking apart, it is clear that Redmond's is just going through the motions and their heart is no longer in it. It would be best for everyone to simply disconnect the life support machine from Redmond and use the talent, time & cash freed up to do something more productive for everyone.

    1. Anonymous Coward
      Anonymous Coward

      Re: Multiple drive by root exploits...

      It's getting dull watching MS punch themselves in the balls

      God no, I would never tire of the sight of that..

      1. Fatman
        Joke

        Re: Multiple drive by root exploits...

        <quote>It's getting dull watching MS punch themselves in the balls</quote>

        Is it OK if I stop by, and offer a few kicks too???

  3. Shadow Systems Silver badge

    I wouldn't know...

    I started my system running the Windows Update Client (WUC) this morning at 0655Hrs PST. It's now 1610Hrs PST & the WUC is still waiting for a reply. If I ask it to check again it complains it's already doing it, admonishing me as if I were a kid in the back seat whinging about being bored on a long car trip. So I'll have to wait for it to hear back from MSHQ before I can figure out what updates are coming down the pipe for my Win7Pro64 system.

    I ordered pizza about ten minutes ago & it's due to arrive in about 30 minutes. I'll probably have time to finish it before WUC gets done. *Sigh*

    I wonder what load of bullshit MS will try telling me as the cause for it taking so long THIS time. Now that the upgrade is no longer happening, they can't trot out the old pony about the effective DDOS-level traffic. They've flogged that horse until it's ready to kick 'em in the fork. Much like I'D like to do right about now... =-/

    1. Sorry that handle is already taken. Silver badge
      Coat

      Re: I wouldn't know...

      It's probably trying to complete the Australian census.

    2. Trixr

      Re: I wouldn't know...

      Are you seriously running your updates the same day they were released? Wow.

      1. Shadow Systems Silver badge

        @Trixr, RE: Updates.

        Yes. I run the WUC every time I start my computer, just to be sure it's as up to date & security patched as possible. So when some flippant twerp asks me if my computer is current WRT security, I can return it with a smug "As of ($Time) today."

        It never used to take this long. The longest time I had to wait had been about ten minutes, but that turned out to be because my ISP was incorrectly throttling my bandwidth. One phone call to their help desk, verify that I had NOT been downloading hundreds of gigabytes via torrent, & my bandwidth zoomed back to normal & the WUC finished in moments.

        It's only been since MS has tried forcing the upgrade down our throats that the WUC has become as slow as half-frozen molasses in a Winter blizzard. It may have something to do with that function call that MS says is only supposed to be made *once* per power cycle, but that they were reported to be calling over 3.2MILLION times for a single session. If that's the case then it's no wonder the WUC is slow, it's being forced to make a function call like a drunken ex-BF at 3AM after a night of pub crawls, trying to bawl & blubber on his ex-GF's shoulder in attempt to convince her to take him back. This is pathetic.

        And just for the record, I've long since finished my supper, cleaned up the mess, & have gone back to surfing the web. The WUC is <EnergizerBunny>Still Going</BoomingDrum> after all this time. I may go on vacation for a week & leave it running, JUST to see if it finishes before I get home. =-|

        1. Hans 1
          Windows

          Re: @Trixr, RE: Updates.

          Imagine, you could download a 6 year old Linux distribution, install it with all updates, and it will still finish before WUC will have retrieved the list of updates ... ;-).

          You should have upgraded to 10, they will say, in 10, WUC takes less than half the time to complete.

          1. Geoffrey W

            Re: @Trixr, RE: Updates.

            Imagine...you could have built your own computer, written your own operating system, used it for 60 years, died, gone to heaven, been reborn as an A.I. running on FOSS software and WUC would still be trying to contact base.

            WUC the heck is going on?

    3. Gotno iShit Wantno iShit

      Re: I wouldn't know... @Shadow Systems

      Not uncommon for WUC to be godawful slow but there doesn't seem to be a fix. I have two primary machines and both are 7 white box installs of the same age.

      The desktop takes 10 minutes to do WUC each month, it takes me longer to check the list of updates for GWX & telemetry trojans to reject. At least I don't have to worry about GWX any more.

      The laptop takes 48-60 hours. I managed to get the July updates installed last weekend as it has taken that long for me to be in one place long enough for it to complete. If I hibernate the machine WUC starts again. And here we are 3 days later about to start again. For further annoyance WUC flatlines a core so the laptop is permanently in hovercraft mode for a task I know it won't complete. I used to kill the task to get some peace but it respawns so now I've disabled the service until I know I'll be in one place long enough.

    4. Fatman

      Re: I wouldn't know...

      <quote>I started my system running the Windows Update Client (WUC) this morning at 0655Hrs PST. It's now 1610Hrs PST & the WUC is still waiting for a reply. If I ask it to check again it complains it's already doing it, admonishing me as if I were a kid in the back seat whinging about being bored on a long car trip. So I'll have to wait for it to hear back from MSHQ before I can figure out what updates are coming down the pipe for my Win7Pro64 system.</quote>

      I truly feel sorry for you. Too many of my WindoZE using friends have bitched and moaned about the SLOW WindoZE Update process. To demonstrate that 'there is a better way', all I have to do is allow them to see how most Linux distros do updates.

      This PC is running Ubuntu 12.04LTS (long term support). Using Synaptic (a package manager), I can reload the package information quickly. Generally that task gets completed in way less than 5 minutes. One of my friends exclaimed "You're fucking DONE!!!" already. Not exactly, that was just updating the package list. This is what needs updating. I then click on 'updatable' and a list of packages gets displayed.

      YMMV depending on the speed of your internet connection. Mine is not all that fast, but a lot better than DSL or ($DEITY FORBID) dial up. Depending on what is needed, you can be looking at less than a Mb, to as much as 500 Mb of packages to be downloaded. You can put off downloading them if you don't want to be interrupted. One session required 338 Mb worth of files. I started the session, and clicked to show the file download progress. Unlike WindoZE, where you just have this bar moving back and forth; you can watch which file is being downloaded. At least you have this 'feedback' that something is getting done. The entire session was complete in about 45 minutes, most of that being download time.

      Yes, Microsoft, there is a better way, you just don't have a fucking clue.

      1. Geoffrey W

        Re: I wouldn't know...

        Windows has to serve updates to a gazillion machines. Linux has to serve to about 13.

  4. Geoffrey W

    Thank Jehovah I don't even have a computer and wouldn't know how to turn it on if I did. Its the only way to be safe.

    1. Anonymous Coward
      Anonymous Coward

      I dunno, if you watch Orphan Black you will know how dangerous a pencil can be.

      1. Geoffrey W

        I'm only allowed crayons. I didn't know what Orphan Black was so I searched (through lots of shops) and found a cute little figurine with a pencil in its eye. How delightful. Wont someone think of the orphans. I had to deliver this comment by hand to The Register Offices. They're not very friendly, are they.

  5. Roger Greenwood

    Windows Journal is crap as well

    "The file format that's used by Windows Journal (Journal Note File, or JNT) has been demonstrated to be susceptible to many security exploits. Therefore, Windows Journal will be removed from all versions of Microsoft Windows soon."

    More here:-

    https://support.microsoft.com/en-gb/kb/3161102

  6. Anonymous Coward
    Windows

    Good to know

    MSFT working tirelessly to help keep users protected from malcontents

    1. Anonymous Coward
      Anonymous Coward

      Re: Good to know

      MSFT working tirelessly to help keep users protected from malcontents

      Yup. From what I've seen that's mainly done by damaging Internet connectivity. To be fair, that works (and has the added bonus that for once it's actually safe to use), but it's probably not quite what the *customers* had in mind..

  7. hypernovasoftware

    Windows, still crap after all these years.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like