Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Microsoft Explains and Defends Silent Fixes


17 Feb 2011   #1
JMH

Win 7 Ultimate 64-bit. SP1.
 
 
Microsoft Explains and Defends Silent Fixes

Quote:

Microsoft has detailed its policy of patching in-house discovered bugs silently and tried to answer the most frequently asked questions regarding this procedure.

The fact that Microsoft doesn't disclose all patched vulnerabilities in Security Bulletins is not a secret. This was admitted by the company in 2006.

This somewhat controversial policy applies to bugs discovered during the "Hacking for Variations" (HfV) process, which aims to limit the number of similar flaws in a product.

When the company receives reports of a vulnerability, it also inspects the source code for similar bugs and runs a plethora of tools, including fuzzers, against the vulnerable component.

Any flaw discovered in this way is considered a variant of the originally reported vulnerability and it doesn't get publicly disclosed, nor does it receive a CVE identifier.
Microsoft Explains and Defends Silent Fixes - Softpedia


My System SpecsSystem Spec
.

19 Feb 2011   #2

MS Windows 7 Home Premium 64-bit SP1
 
 

Dear JMH,
I guess you are the person to answer two tiny doubts of mine!
1) Why did Microsoft allow it's customers a certain degree of free reign in allowing updates 1)unhindered installation,2) download, i will decide what to install and 3) i will decide whether to install or not( is option 3 there?)

2) On super Tuesdays, what % of users generally allow all downloads to be downloaded AND installed (You may give a rough restimate, lest we rust!)

3) Do you consider the under cover fixes are to avoid loss of face?
Regards,
Sreedhav
My System SpecsSystem Spec
19 Feb 2011   #3
JMH

Win 7 Ultimate 64-bit. SP1.
 
 

All of your questions pertaining to Microsoft's motives can only be addressed by Microsoft.
My System SpecsSystem Spec
.


19 Feb 2011   #4

MS Windows 7 Home Premium 64-bit SP1
 
 

Quote   Quote: Originally Posted by JMH View Post
All of your questions pertaining to Microsoft's motives can only be addressed by Microsoft.
Dear JMH,
I am sincerely sorry for the ill-directed queries! I can only crave your pardon! I hold you in the highest regard!

Regards,
Sreedhav
My System SpecsSystem Spec
19 Feb 2011   #5

Windows 7 Ultimate x86
 
 

See...as long as those fixes are tested sufficiently enough to make sure they wouldn't crash my computer or cause any kind of unwanted behavior, i don't mind them being pushed on me.
But if they ever affect me in an undesired way you can bet your boots, Microsoft gets a special entry in my HOSTS

-DG
My System SpecsSystem Spec
19 Feb 2011   #6

ultimate 64 sp1
 
 

i really like the word 'fuzzer' - first time i've come across it - thanks JMH!

my next kitten may be in need of that name
My System SpecsSystem Spec
19 Feb 2011   #7

Windows 7 Home Premium x64
 
 

I think not disclosing the extent of all patched vulnerabilities has some security benefits. If the hackers can just pull up lists of all the vulnerabilities you fixed, they would be able to create exploits for new vulnerabilities that much faster.
My System SpecsSystem Spec
19 Feb 2011   #8

Windows 7
 
 

hmm...this is a very slippery slope

As consumers do we have the right to inquire as to what these fixes are? And if so - how does that protect against hacking - for a hacker could ask the same.

If they can do this without warning/liability who knows what they can put on personal, public, and corporate machines/servers without permission.

And what happens if they damage the OS/machine(s)?

Is the enduser SOL?
My System SpecsSystem Spec
19 Feb 2011   #9

Windows 7 Pro. 64/SP-1
 
 

I have no problem with the way Microsoft does it. Most of us wouldn't know what to do with the fine code that might be included. Giving all the fine details might also give some one access to the operating systems code with which it was created by it's owners.
My System SpecsSystem Spec
19 Feb 2011   #10

Win 7 Ultimate 32bit
 
 

As consumers do we have the right to inquire as to what these fixes are?

Yes and No

Remember, you are renting the Windows OS, you do not own it.


And if so - how does that protect against hacking - for a hacker could ask the same. ---- Yes

If they can do this without warning/liability who knows what they can put on personal, public, and corporate machines/servers without permission.


There are limits and protections that they must adhere to.
They can't just drop a keylogger or something on your system.


And what happens if they damage the OS/machine(s)?


The end user is not necessarily SOL, if they ahve a legitimate copy of Windows, you can contact MS for help if an update does in fact break the OS. I do believe this does fall under the level of support they do provide under the Mainstream support period.


However, if they did do anything that would spy on or compromise a system, believe me, people are watching and it would spread like wildfire. MS would lose in the end.

There are alternatives, not excellent ones, but they do exist.
Mac and Linux would welcome the change.
My System SpecsSystem Spec
Reply

 Microsoft Explains and Defends Silent Fixes




Thread Tools



Similar help and support threads for2: Microsoft Explains and Defends Silent Fixes
Thread Forum
Solved cant download fixes from microsoft System Security
Microsoft Fixes 62% Upgrade Hang Issue! Installation & Setup
Microsoft Word Fixes Software
Microsoft Explains Unusual Approach To Recent Security Update System Security
Microsoft Explains Unusual Approach To Recent Security Update Security News
Security Firm: Microsoft Issued 'Silent' Patches News
Microsoft fixes 28 flaws Chillout Room

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 03:34 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33