News Microsoft warns of 'critical' flaws

From the Beeb:

Software giant Microsoft has warned of seven security flaws in its programs, describing five of them as "critical".
The alert applies to a wide range of Microsoft software and the critical flaws could let hackers break into computers.

The announcement is part of an initiative to tell computer users of patches on a regular basis

People are being urged to go to the Windows update site and download the latest fixes.

Full story here

I don't know why anyone bothers to report critical flaws in MS products as news anymore. It's such a routine occurance these days....

 

so true

 

So True

 

Is there an echo in here?

More on this over at Wired

What makes me laugh is that after the announcement, the MS share price had risen by 55 cents (by the end of trading yesterday).

 

Does not make sense?

 

It's just more reasons why the autoupdates should be turned on by default... if not just in XP Home edition.

 

what do you do if you dont have an internet connection and your a computer noob?

 

If you have no net connection then your pretty safe from most of the consequences of the flaws...

 

thats not the point - you said all windows machines should have that turned on by default. that means every X days at Y, the computer will attempt to connect to the internet when there is no internet to connect to. Of course it could start only when already connected to the internet, but why would MS spend the time on that- they have more flaws to introduce

 

Go outside and experience the real world?

Oh wait was that the start of a joke?

 

"Real" world



like theres actually a Real world...

 

All software is flawed (something like 2 bugs for every 4 lines of code), it is good that Microsoft are working hard to repair the flaws.

 

bullpoop!

thats just stupid, 4 lines of code could simply be declaring variables, or creating a window or whatever - I dont believe that for a second!

 

And you can't have a bug declaring a variable?

I can remember a piece of code written by one of my ex-drones that had several variable declared as numeric (ints or longs or something), but troughtout the program he kept putting string data into them.

Because VB was such a forgiving language, at runtime it converted the offending variables into variants (which allow anything. You could probably store jam in a variant)

Not a critical 'let's blue screen this baby' bug, but a bug all the same.

 

I disagree.
Has everyone forgotten the buggy "driver update" Microsoft had out last year that crashed a bunch of computers (including mine)?

No auto-updates in this house.

 

so you believe the '1 bug for every 4 lines of code malarkey?" - windows has millions of lines of code in it... thats unimaginable

 

No, but there is a defined 'average' of defects per multiple lines of code - It's no where near 1 per 4 lines IIRC, something along the lines of 10 per 1000 or so. Which is what I guess JADS was alluding to.

I'm sure if you Google it you'll get the current average.

Having said that though, with the amount of flaws and bugs that have been found in XP / Explorer / Outlook in the past 6 months, I can well believe the average is a lot lower than what I remember it to be - even as low as 1 in 4!

 

trying to illustrate things using the number of bugs in a certain amount of code is silly.

With the noteable exception of buffer overflow bugs, the worst bugs tend to be software designers/programmers not fully understanding the interactions between various parts of the program/system. Whilst this can be particularly painful in security related protocols etc, it is also problems of more mundane programs.

It's usually more likely to talk about the number of bugs with a certain mean time before failure (MTBF) than how many per line of code.

The problem with unforseen interactions and bugs such as that is that when the complexity of the system increases and the number of programming drones working on it increases nobody can maintain an adequate overview of the program. Which is why so many people advocate various important layers of abstraction, such as object orientation.

The problem with a lot of bugs in windows is that they'll have a very high MTBF, so they can't do enough testing to catch them, but with such a large userbase they will start occuring almost straight away for some unlucky user.

Alaric.