Microsoft is patching Windows 8 but NOT Windows 7

Page 1 of 2 12 LastLast

    Microsoft is patching Windows 8 but NOT Windows 7

    Posted: 09 Jun 2014

    Redmond is patching Windows 8 but NOT Windows 7, say security bods

    Microsoft has left Windows 7 exposed by only applying patches to its newest operating systems.
    Researchers found the gaps after they scanned 900 Windows libraries and uncovered a variety of security functions that were updated in Windows 8 but not in 7. They said the shortcoming could lead to the discovery of zero day vulnerabilities.

    The missing safe functions were part of Microsoft's dedicated libraries intsafe.h and strsafe.h that help developers combat various attacks.
    Redmond is patching Windows 8 but NOT Windows 7, say security bods ? The Register
    PaulGo's Avatar Posted By: PaulGo
    09 Jun 2014

  1. Posts : 20,583
    Win-7-Pro64bit 7-H-Prem-64bit

    It's always a risk to have open apps with a constant feed win-8 is pretty much on steroids as far as constant feeds,
    I can't say windows 7 type of apps/programs/toolbars are much different security wise,
    Best is to do without them and use them as a site you access like a home page or favorite ?

    Sync has always I've thought to be the new biggest security hole waiting to be exploited / Onedrive desktop/ Dropbox../.....
    Cloud.../ websites Share this and that
    Nothing is 100% secure and the disclaimers usually point that out,
    But Microsoft abandoning win-7 ?
      My Computer

  2. Posts : 54,488
    Windows 10 Home x64
      My Computer

  3. Posts : 2,047
    Windows 7 Home Premium 64-BIT

    They can abandon Windows 7 and loose their money and their trust from their customers or continue the updates for Windows 7 because W7's lifespan is still a bit long :\
      My Computer

  4. Posts : 5,941
    Linux CENTOS 7 / various Windows OS'es and servers

    Hi there

    You need to understand the basic difference in how security works between W7 and W8. In W8 itself it is built in to the kernel and several modules . Windows defender (confusing as this is NOT the same as Windows defender in W7) which is really a re-write of Ms Security essentials but built in to the kernel is patched daily.

    Windows 7 relies more on EXTERNAL / 3rd party packages for security so it's up to the security vendor to supply patches to those. Ms will of course patch its own products such as MSE (Microsoft security essentials) and IE.

    I doubt if W7 is essentially more insecure than W8.1 currently -- patches, time lines for these patches and modules to be patched cannot be equated on the whole with the same set used in W8.1

    W7 being used by enterprises much more than W8.1 will certainly for the immediate future not be left vulnerable to the latest hacks - however Ms can't be responsible for any weaknesses / loopholes caused by badly written 3rd party programs.

    W8 / W8.1 has types of "always active" apps (metro etc) so security for ensuring those types of things are safe operates totally differently from W7 which is in essence a "static" OS in that you rarely have loads of apps integrated into the OS which are running constantly - excluding system tasks etc.

      My Computer

  5. Posts : 24,479
    Windows 7 Ultimate X64 SP1

    MS is in fact, updating w7, I just installed 14 updates, 9 of which are security related to the OS, the rest for Office stuff.

    Jimbo, can you explain "kernel" so my 3 brain cells can comprehend it? I see the word bandied about all the time.
      My Computer

  6. Posts : 1,686
    Windows 7 x64 Ultimate and numerous virtual machines

    I suspect some of the things that are being patched in Windows 8 / 8.1 and not in Windows 7 do not exist in Windows 7 or Vista. For example the metro ecosystem. The whole report is a load of tosh.
      My Computer

  7. Posts : 5,941
    Linux CENTOS 7 / various Windows OS'es and servers

    Britton30 said:
    MS is in fact, updating w7, I just installed 14 updates, 9 of which are security related to the OS, the rest for Office stuff.

    Jimbo, can you explain "kernel" so my 3 brain cells can comprehend it? I see the word bandied about all the time.
    Hi there.

    Trying to explain Operating systems in a few words is a problem -- however an OS consists of basically a TASK manager which handles all its central functions like managing memory / paging / I/O calls etc and an interface which application programs ("apps") - things like say your DVD player software or E-mail call to execute.

    The kernel is essentially the main core of the operating system which runs and controls all the processes happening in the computer.

    Normally the System services and programs run in "protected mode" -- normal "User programs" (your Apps) can't run in this mode - and these programs are normally part of the kernel - or the central program which is always running in your system. For example when you type something on a keyboard the operating system has to have a program that knows exactly when the keyboard is used and what it has to do. (In technical terms this is called "an Interrupt" and the Interrupt manager in the OS will depending on the type of action required call the relevant application to handle the request - for example keyboard input / disk I/O / Screen display etc).

    For example after booting Windows you can start an application -- so you must have some program running which is looking or waiting for a command to start your application. After booting you might not enter anything for 30 mins -- but there must be an underlying process running which is notified as soon as you make a mouse click / a keyboard stroke.

    Your application isn't concerned with memory management / I/O etc etc. The Operating system ensures that applications run and use their own areas and data from one application isn't corrupted with data from another.

    Operating systems are very COMPLEX and to describe them properly goes way beyond the scope of this post. A bit of googling should give you further info.

      My Computer

  8. Posts : 1
    windows 7 home premium 64bit

    If you have problems installing certain updates for windows 7 operating systems, MS will try and tell you the problem is with you and your computer. Most of the time this is not true. If it's just one update or even two out of many, the problem is with MS. It's not you. It's still a good idea to to run chkdsk in cmd just to make sure and run a good full security scan with your security provider. You can fix most problems with cmd. Wait a while...a week or two and MS will eventually fix the error. Chances it's not just you but a lot of people going through the same thing. MS is now geared up for windows 8 and those of us with 7, vista or xp take a back seat.
      My Computer

  9. Posts : 568
    Windows 7 64-bit, Windows 8.1 64-bit, OSX El Capitan, Windows 10 (VMware)

    While the kernel does manage memory addresses for applications, the actual memory size and what's written there is controlled by the application in question. The kernel basically allocates the memory buffer, or heap, as requested by the application and the application controls what's written in this buffer. If the size of data being written is greater than the buffer allocation size, then the buffer overflow will take place. And that's not a good thing. The intentionally triggered buffer overflow can crash the system in good case. In bad case, the buffer overflow is used to execute arbitrary code that compromises the system.

    Most applications are developed in C/C++ language, that has no built-in routine/function to check/restrict memory buffer boundaries. The developers are suppose to write their own routine that performs this function, but that does not happen all the times.

    The Windows SDK, that includes C/C++, has built-in routines for application developers to enforce the memory buffer boundaries, so they don't need to write their own. What the article is complaining about is the difference between intsafe.h (SDK 7 for W7) and strsafe.h (SDK 8 for W8) libraries. Comparing these libraries is pretty much irrelevant, as far as the status of the security patch is concerned for the indicated OS.

    As more and more buffer overflow technology utilized by hackers become known, the more "safe functions" will be added to the SDK libraries. Some of them will be forward looking only, while others may make it to the previous version to SDK libraries. This could be a decision based on compatibility and not an intent of abandoning previous OS versions, that are still supported.

    The programming error resulting in buffer overflows is the main reason why I use MS EMET 5.0. EMET protects the OS, applications, and browsers against 13 known buffer overflow technologies. Will it protect against all of them? Well, no... There's nothing that programmatically can protect your system against a programmer error...
      My Computer

Page 1 of 2 12 LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 07:20.
Find Us