Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Microsoft is patching Windows 8 but NOT Windows 7

09 Jun 2014   #1

Windows 10 (64 bit)
Microsoft is patching Windows 8 but NOT Windows 7

Redmond is patching Windows 8 but NOT Windows 7, say security bods

Microsoft has left Windows 7 exposed by only applying patches to its newest operating systems.
Researchers found the gaps after they scanned 900 Windows libraries and uncovered a variety of security functions that were updated in Windows 8 but not in 7. They said the shortcoming could lead to the discovery of zero day vulnerabilities.

The missing safe functions were part of Microsoft's dedicated libraries intsafe.h and strsafe.h that help developers combat various attacks.
Redmond is patching Windows 8 but NOT Windows 7, say security bods ? The Register

My System SpecsSystem Spec
09 Jun 2014   #2

Win-7-Pro64bit 7-H-Prem-64bit

It's always a risk to have open apps with a constant feed win-8 is pretty much on steroids as far as constant feeds,
I can't say windows 7 type of apps/programs/toolbars are much different security wise,
Best is to do without them and use them as a site you access like a home page or favorite ?

Sync has always I've thought to be the new biggest security hole waiting to be exploited / Onedrive desktop/ Dropbox../.....
Cloud.../ websites Share this and that
Nothing is 100% secure and the disclaimers usually point that out,
But Microsoft abandoning win-7 ?
My System SpecsSystem Spec
09 Jun 2014   #3
A Guy

Microsoft Community Contributor Award Recipient

Windows 7 Home Premium x64 SP1

My System SpecsSystem Spec

11 Jun 2014   #4

Windows 7 Home Premium 64-BIT

They can abandon Windows 7 and loose their money and their trust from their customers or continue the updates for Windows 7 because W7's lifespan is still a bit long :\
My System SpecsSystem Spec
11 Jun 2014   #5

Linux CENTOS 7 / various Windows OS'es and servers

Hi there

You need to understand the basic difference in how security works between W7 and W8. In W8 itself it is built in to the kernel and several modules . Windows defender (confusing as this is NOT the same as Windows defender in W7) which is really a re-write of Ms Security essentials but built in to the kernel is patched daily.

Windows 7 relies more on EXTERNAL / 3rd party packages for security so it's up to the security vendor to supply patches to those. Ms will of course patch its own products such as MSE (Microsoft security essentials) and IE.

I doubt if W7 is essentially more insecure than W8.1 currently -- patches, time lines for these patches and modules to be patched cannot be equated on the whole with the same set used in W8.1

W7 being used by enterprises much more than W8.1 will certainly for the immediate future not be left vulnerable to the latest hacks - however Ms can't be responsible for any weaknesses / loopholes caused by badly written 3rd party programs.

W8 / W8.1 has types of "always active" apps (metro etc) so security for ensuring those types of things are safe operates totally differently from W7 which is in essence a "static" OS in that you rarely have loads of apps integrated into the OS which are running constantly - excluding system tasks etc.

My System SpecsSystem Spec
11 Jun 2014   #6
Microsoft MVP

Windows 7 Ultimate X64 SP1

MS is in fact, updating w7, I just installed 14 updates, 9 of which are security related to the OS, the rest for Office stuff.

Jimbo, can you explain "kernel" so my 3 brain cells can comprehend it? I see the word bandied about all the time.
My System SpecsSystem Spec
11 Jun 2014   #7

Windows 7 x64 Ultimate and numerous virtual machines

I suspect some of the things that are being patched in Windows 8 / 8.1 and not in Windows 7 do not exist in Windows 7 or Vista. For example the metro ecosystem. The whole report is a load of tosh.
My System SpecsSystem Spec
11 Jun 2014   #8

Linux CENTOS 7 / various Windows OS'es and servers

Quote   Quote: Originally Posted by Britton30 View Post
MS is in fact, updating w7, I just installed 14 updates, 9 of which are security related to the OS, the rest for Office stuff.

Jimbo, can you explain "kernel" so my 3 brain cells can comprehend it? I see the word bandied about all the time.
Hi there.

Trying to explain Operating systems in a few words is a problem -- however an OS consists of basically a TASK manager which handles all its central functions like managing memory / paging / I/O calls etc and an interface which application programs ("apps") - things like say your DVD player software or E-mail call to execute.

The kernel is essentially the main core of the operating system which runs and controls all the processes happening in the computer.

Normally the System services and programs run in "protected mode" -- normal "User programs" (your Apps) can't run in this mode - and these programs are normally part of the kernel - or the central program which is always running in your system. For example when you type something on a keyboard the operating system has to have a program that knows exactly when the keyboard is used and what it has to do. (In technical terms this is called "an Interrupt" and the Interrupt manager in the OS will depending on the type of action required call the relevant application to handle the request - for example keyboard input / disk I/O / Screen display etc).

For example after booting Windows you can start an application -- so you must have some program running which is looking or waiting for a command to start your application. After booting you might not enter anything for 30 mins -- but there must be an underlying process running which is notified as soon as you make a mouse click / a keyboard stroke.

Your application isn't concerned with memory management / I/O etc etc. The Operating system ensures that applications run and use their own areas and data from one application isn't corrupted with data from another.

Operating systems are very COMPLEX and to describe them properly goes way beyond the scope of this post. A bit of googling should give you further info.

My System SpecsSystem Spec
11 Jun 2014   #9
Kevin 7

windows 7 home premium 64bit

If you have problems installing certain updates for windows 7 operating systems, MS will try and tell you the problem is with you and your computer. Most of the time this is not true. If it's just one update or even two out of many, the problem is with MS. It's not you. It's still a good idea to to run chkdsk in cmd just to make sure and run a good full security scan with your security provider. You can fix most problems with cmd. Wait a while...a week or two and MS will eventually fix the error. Chances it's not just you but a lot of people going through the same thing. MS is now geared up for windows 8 and those of us with 7, vista or xp take a back seat.
My System SpecsSystem Spec
11 Jun 2014   #10

Windows 7 64-bit, Windows 8.1 64-bit, OSX El Capitan, Windows 10 (VMware)

While the kernel does manage memory addresses for applications, the actual memory size and what's written there is controlled by the application in question. The kernel basically allocates the memory buffer, or heap, as requested by the application and the application controls what's written in this buffer. If the size of data being written is greater than the buffer allocation size, then the buffer overflow will take place. And that's not a good thing. The intentionally triggered buffer overflow can crash the system in good case. In bad case, the buffer overflow is used to execute arbitrary code that compromises the system.

Most applications are developed in C/C++ language, that has no built-in routine/function to check/restrict memory buffer boundaries. The developers are suppose to write their own routine that performs this function, but that does not happen all the times.

The Windows SDK, that includes C/C++, has built-in routines for application developers to enforce the memory buffer boundaries, so they don't need to write their own. What the article is complaining about is the difference between intsafe.h (SDK 7 for W7) and strsafe.h (SDK 8 for W8) libraries. Comparing these libraries is pretty much irrelevant, as far as the status of the security patch is concerned for the indicated OS.

As more and more buffer overflow technology utilized by hackers become known, the more "safe functions" will be added to the SDK libraries. Some of them will be forward looking only, while others may make it to the previous version to SDK libraries. This could be a decision based on compatibility and not an intent of abandoning previous OS versions, that are still supported.

The programming error resulting in buffer overflows is the main reason why I use MS EMET 5.0. EMET protects the OS, applications, and browsers against 13 known buffer overflow technologies. Will it protect against all of them? Well, no... There's nothing that programmatically can protect your system against a programmer error...
My System SpecsSystem Spec

 Microsoft is patching Windows 8 but NOT Windows 7

Thread Tools

Similar help and support threads
Thread Forum
Patching UxTheme does not work
Hi guys. Since I can now replace my Aero.msstyle, I've tried patching the UxTheme and all those files. but... it didn't work. Whatever theme I try to apply, it's not working. It either gives me Windows Classic or doesn't change anything (Windows Aero to Windows Aero) My goal was to apply...
Iam using 7 ultimate.Can i use third party themes by patching uxtheme.dll by using universal theme patcher.If i so, what are affects on OS??
Themes and Styles
Patching windows for the use of third party themes
Hi, I would like to use third party themes but I don't want just some fly by night patcher for the system files. Does someone have a good recommendation..
champions online patching bug?
Well yesterday I got champions online free for all off of steam and after it finished downloading I opened it and it said it was patching so after about 2 hours it finished the patch so I tried to boot up the game later it said it crashed and never said what part of the file crashed but now when I...

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 16:28.
Twitter Facebook Google+