back to article Microsoft's huge Patch Tuesday includes fix for bug under attack

Microsoft's massive April Patch Tuesday includes one bug that has already been exploited in the wild and a second that has been publicly disclosed. In total, the Redmond giant patched over 100 bugs today, including 10 critical remote code execution (RCE) vulnerabilities. First, though: CVE-2022-24521, which NSA and …

  1. ShadowSystems Silver badge

    Ah, the joy of being (fr)agile.

    When MS has more patches than all the other patch sources listed in TFA *combined*, what does that say about their ability to write code that *doesn't* suck sweaty monkey nuts?

    Sure it's a complex OS, but that's WHY you keep a QA team around so they can try to fix the bugs _BEFORE_ you release your code to the public. Unless you *like* being seen as a bunch of inbred management clowns that couldn't organize a drinking contest at a brewery?


    1. Ken Hagan Gold badge

      Re: Ah, the joy of being (fr)agile.

      "When MS has more patches than all the other patch sources listed in TFA *combined*, what does that say about their ability to write code that *doesn't* suck sweaty monkey nuts?"

      Nothing at all, since the article is about Patch Tuesday, which is a Microsoft-specific thing, even if a handful of other vendors have elected to try to hide their own mistakes under its cover.

    2. IGotOut Silver badge

      Re: Ah, the joy of being (fr)agile.

      Have you looked at the huge range of products it covers?

      People forget this when mashing the keyboard without looking and waving the (insert OS of choice) flag around.

      1. Sub 20 Pilot

        Re: Ah, the joy of being (fr)agile.

        Sorry but Windows is a critical OS for most people and should work. They should not be fucking about with frills and shit as they have done for decades while their OS is as flaky as it is. If it is too complex that is their fault not other SW vendors. Simplify it, remove superflous shite, make it secure which is what we pay for. Then and only then start adding pointless shite and even that should be optional.

    3. Anonymous Coward
      Anonymous Coward

      Re: Ah, the joy of being (fr)agile.

      As others have pointed out, MS are patching an entire OS.

      Adobe, on the other hand are STILL patching bugs in Acrobat Reader, something foisted on most users as the default option, although there is now the option to use Edge for PDFs (but how much of the plugin's code is still Adobe's?)

  2. bombastic bob Silver badge

    why NFS ?

    If Micros~1's NFS implementation (assuming WSL, and maybe Ubuntu/Canonical) then HOW/Why an NFS vulnerability?

    Micros~1 must have screwed the pooch on the implementation, or is this a Canonical/Ubuntu problem as well?

    (I am saddened)

    1. david 12 Silver badge

      Re: why NFS ?

      MS has native Network File System drivers, and I've had them installed since Win2K. I haven't used them for anything other than testing, since NFS is light-weight feature-poor Network system, but the feature has always been there for server systems, and sometimes for pro or home systems.

      I think that NFS for Windows turned up even earlier, but I personally never ran earlier versions of NT, and I think it was originally developed by a third party.

      1. Roland6 Silver badge

        Re: why NFS ?

        People are probably getting confused with Sun NFS for which there were off-the-shelf MS-DOS clients in the mid-80's, and Microsofts Windows Network File System which was initially part of LAN-Manager.

      2. bombastic bob Silver badge

        Re: why NFS ?

        I had to install Interix/SFU/SUA/whatever to get NFS functionality in the past. And WSL (now) apparently is a built-in, and apparently is derived from (or maybe just is) actual Linux code, with contributions (as I understand it) from Canonical. I thought this was apparent, but maybe not?

        Anyway THAT was my point. I was assuming this was general knowledge and not being captain obvious to set up the explanation first...

        or is it not as I thought it was?

  3. Winkypop Silver badge

    The Redmond giant patched a whopping 128 bugs today

    Don’t panic

    Don’t panic!!!

    There’s still plenty more where they came from.

  4. arachnoid2

    Dear Deep Thought

    We seek the answer to the great question about the universe and everything, when will we get the patch to patch all patches forever?

    1. TimMaher Silver badge

      Re: Dear Deep Thought

      “It will take seven...” “We can’t wait until next week!” “... million years.”

  5. D@v3

    i wonder if they have fixed the bug that we found, of users not being able to change their (expired) password on log in.

    Not as 'Critical' or Important as these, but bloody annoying.

    1. arachnoid2

      Users without passwords are no longer users

    2. Anonymous Coward
      Anonymous Coward

      Users without Microsoft accounts are no longer users, (even Pro ones).

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like

Biting the hand that feeds IT © 1998–2022