News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon

Blog Archives

  • The perils of shouting “fire” in a crowd of PC patchers

    Posted on January 30th, 2020 at 11:26 woody Comment on the AskWoody Lounge

    It happens over and over again. Microsoft releases a patch and the world panics. Dire predictions of doom stampede Windows customers into installing patches, like, yesterday. Then — poof! — the threat disappears. The news cycle changes and nobody hears about the big, bad security hole. Who gets hurt when the industry cries “Wolf!”?

    Diatribe in Computerworld Woody on Windows.

  • The little AV vendor who cried “wolf”

    Posted on April 22nd, 2008 at 06:04 woody Comment on the AskWoody Lounge

    Remember the hubub about MS08-021 – those dire predictions of doom if you didn’t immediately apply this month’s Black Tuesday crop of patches?

    Guess what? The sky didn’t fall. The Internet didn’t crawl to a halt. A gazillion computers didn’t turn into zombies. While the MS08-021 security bulletin patches a very real hole in GDI, cretins haven’t yet figured out how to take advantage of it. The breathless articles that urged you to apply the patch immediately were a bit, uh, premature.

    Symantec, which led the “sky is falling” chorus, now says:

    Patches for the recently exploited Microsoft Windows GDI Stack Overflow Vulnerability (BID 28570) have been available via the Microsoft Security Bulletin MS08-021for over a week. No new reports of in-the-wild exploitation of the flaw are known; the previous attacks we reported on are known to have been unreliable and not significantly widespread.

    Golly. Sounds like something I heard ten days ago.

    SANS reports that the “patch window” – the gap between the time Microsoft releases a Security Bulletin and the time cretins come up with a working exploit – “is gone.” Sorry, but I don’t see any evidence that the fancy new reverse-compilation techniques are cracking things any faster.

    I don’t see any reason to apply the April Black Tuesday patches just yet. There are still many reported problems. As long as you’re using Firefox, I can’t see any reason to apply the patches. Let them stew.

    We remain at MS-DEFCON 2: Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don’t do it.