Microsoft to fix holes in Windows, Office

Microsoft said on Thursday it will issue six patches next week for 15 vulnerabilities, including three critical bulletins affecting Windows and two important Office-related bulletins.

Affected software includes Windows 2000, XP, Server 2003, Vista, Server 2008, Office XP, Office 2003, 2007 Microsoft Office System, Office 2004 for Mac, and Office 2008 for Mac, the company said in an advisory.

November's Patch Tuesday is a contrast to the record number of fixes issued last month--13 bulletins for 34 vulnerabilities.

Updated 2:52 p.m. PST to correct that there will be six patches fixing 15 vulnerabilities.

[slickuser]

I thought it was 7 holes and planned to keep them open in Windoze 7. no?

[kojacked]

SlickLuser, It was actually planned as one big patch for the hole in your head.

[rationalreview]

Kojacked +1

[lazycat202]

No matter what it is, you always have something to say.

[Seaspray0]

Kojacked +2

[sharmajunior]

I think its Office 2007 and not "207"..LOL

Also some people ( I am not gonna say who), have no idea of what they are talking about. The issue is more complex than they think it is and just come in with their cheap snappy comebacks.

[elinormills]

Thanks for pointing that out. Fixed.

[BlitzBoy1120]

Um, there is a mistake with Office 2007 as the person above mentioned.

Good to know I guess.

[lazycat202]

No matter what it is, you always have something to say.

[Vegaman_Dan]

Anytime an OEM releases updates to address issues with a product, that's a good thing. It doesn't matter what product or OEM it is- I'm glad to have the support.

I'm surprised to see an update to Win2000 in there.

[Lerianis3]

I'm kinda surprised about that as well.... I thought Win2000 was 'out of support' now. Did Microsoft change their tune and decide to keep on supporting it.

[XiroMisho]

Win 2000 may be "Out of support." but the windows updates are free, and there are still clients out there that use it - if it's a basic kernel update (Hint, XP and 2K have the same base...) then why not release it for 2k? Honestly, only now is 2K starting to be pushed back... and that's just because XP is slowly getting pushed back. It makes sense, XP and 2k are very similar under the hood (though rebuilding TCP/IP is a lot simpler in 2K...) so again... why not?

[dhavleak]

Windows 2000 is in it's extended support period -- expected to end 13th July 2010 (a 10 year and 4 month lifecycle)
http://en.wikipedia.org/wiki/Windows_2000

From the wikipedia page -- extended support means that:
- no more service packs
- non-security updates require contacting support via phone/email
- Microsoft continues to provide critical security updates every month for all components of Windows 2000 (including Internet Explorer 5.0 SP4) and paid per-incident support for technical issues

[DaveinDC]

Does this fixes include the problems I can't install patches (8 patches) I got last month? I tried to find on Microsoft website for info and followed all instructions -- I still have 8 patches I can't get it to install on my Vista.

[Vegaman_Dan]

You can manually patch the system by downloading each one and running it from there instead of automatic updates. That will clear up the issue.

[Lerianis3]

Which ones are you having problems with? If it is the ones for Office..... I'm with you buddy. I've been trying to install those updates for Office 2007 myself, and the damned things just won't install, even doing them manually with the non-Windows Update installation packages downloaded from the Microsoft site.
Finally got tired of having it tell me "There are updates!" when they kept on failing to install so I just hid them.

[DaveinDC]

Vegaman_Dan, yes, I tried several times to download manually, even one patch at a time -- it didn't work. Same error code (I think it was Code 643 or something like that). I'm at work typing this -- need to check my PC at home.

Lerianis3, Office is one of 3 or 4 patches. I recalled .Net is one of them.

[DaveinDC]

Hi all.....I decided to call MS for your assistance. It is a known problem with 8 patches that I was unable to install. MS PC Safety Technican helped me and resolved everything -- was able to get all patches installed.

The tecnican told me the next security patch (I think it's next Tuesday) will take care of the 8 patches.

For those who wish to get this done now, call 866-PCSAFETY. It took us 45 minutes (or less) to resolve this.

[Mr. Dee]

There shouldn't be a problem here, as long as you have Automatic Updates turned on everything is fine. We should be happy too, at least Microsoft is focusing on improving and fixing the problems, its software the improvement process never ends. Look at Apple, they recently released buggy 27 inch iMacs, now they have to fix them.

[Gold_Storm_Mac]

didn't microsoft release buggy software too? what is this article about?

[Gold_Storm_Mac]

flash is buggy. since when was hardware buggy?

[dhavleak]

??

Clearly non-technical and shouldn't be commenting here. It's absolutely possible for hardware to be buggy even if that was not the case here.

[Lerianis3]

Hardware can be buggy if the DRIVERS for the hardware are not quite right and are causing the hardware to not work 'as they should'. I've had that problem on Windows, Linux, OSX... you name it, it's been a problem on ALL operating systems dating back to Windows 3.11.

[Mr. Dee]

Clear a bunch of clueless Mac users. (Then again, you folks have never been able to think deep enough to know the technical stuff). Yes, hardware can be buggy too, defective. Also, the 27 inch Macs are buggy, users are reporting the copy of Snow Leopard included is buggy.

[XiroMisho]

Hardware can easily be buggy... actually just about every CPU has some sort of horrific defect that needs a specialized patch in each OS to work around (Some more than others.)

You don't notice them (usually) because the buggy portions are worked around by engineers - but when you get that pretty BSOD - normally it's not software... and "drivers" again are simply working around known bugs in the hardware. thus why the first thing you do when having odd issues with a video card is to update the drivers.

(Apple also had a very buggy issue with their Video Card chips because the RHoS solder they used actually melted and dislodged the chip from the board it was attached too... Apple's famous "All lights on, but no image on screen." error.)

[ckh1272]

"by Mr. Dee November 5, 2009 8:53 PM PST
Clear a bunch of clueless Mac users. (Then again, you folks have never been able to think deep enough to know the technical stuff). Yes, hardware can be buggy too, defective. Also, the 27 inch Macs are buggy, users are reporting the copy of Snow Leopard included is buggy."

@Mr. Dee--Clearly you have no idea what you are talking about regarding most Mac users. Of course, that's what happens when you make blanket assumptions while standing in the shallow end of the Microsoft pool.

[Vegaman_Dan]

@ckh1272:

"Of course, that's what happens when you make blanket assumptions while standing in the shallow end of the Microsoft pool. "

Do you include yourself in that list of people who make blanket assumptions because based on the comment you just made, you qualify.

[dhavleak]

@ Gold_Storm_Mac and Lerianis3

Hardware can be buggy in and of itself. Software (firmware, drivers, or software at whatever leve) can be modified to *work around* hardware bugs -- but it's is absolutely possible for hardware to be buggy.

The CPU example given by XiroMisho is a very valid example -- for example, the floating point addition unit for a math processor could give wrong / imprecise results for a certain set of numbers or under certain conditions. In that case, depending on the severity of the problem, you could recall the processor and fix it, or you can issue a software patch that looks for numbers in the affected range, and then computes them using the integer pipelines + whatever logic is required to do the floating point calculation.

Or, for example, you have an audio DSP that encodes/decodes audio and has certain codec alorithms built in. If that chip has a bug, depending on the nature of the bug, you can use software replace the buggy function, but use the chip to do the rest of the encode/decode operations.

High level examples, but you get the idea. I am quite amazed though that you (Lerianis3 and Gold_Storm_Mac) can be so utterly clueless about these basic things, but come here regularly to comment on technology-related articles. Trolling much?

[dhavleak]

In case you get the wrong idea "recall the processor and fix it" means this: Recall the processor, throw away the recalled units, and send your customers new processors that were fabricated after the bug was fixed. You can't "fix" a processor once it's been fabricated.

[Gold_Storm_Mac]

no comment.

[DrtyDogg]

actually that is you already have 3 comments.

[Vegaman_Dan]

Yo

It had to stau've been commenting all over the place. And this is the first one that wasn't meant to be disruptive or cause trouble.

[XiroMisho]

Let it be known that Gold_Storm_Mac has no comment on the issue... in the comment section...

...oh hey look! Irony! I get it! ::cue laugh track::

[dhavleak]

@ Gold_Storm_Mac

Keep it that way - please :)

[Vegaman_Dan]

Wow, my keyboard was seriously lagging there, I see. My fault though- focus got stolen away by iTunes wanting updates again. :/

[techie_guy4]

Alert!! Windows can make you disappear!!!

Careful when you walk near windows os, you can fall in the hole and then microsoft applies patch, making you disappear forever..

;-)

[cmjcmjcmj]

That happened to me earlier this year but I found myself in the hospital and had been suffering from a slipped disc which was removed to so my guess is the computer manufacturers have a MRI Scanner to alert the system that another Disc can be obtained for free from some folks on a list to fix their disability, but I have now learned that the MRI Scanner wants to take three more Discs from me cause they are smashing my spinal cord to much. I figure that human Discs are better to manufacture computer parts with if the DNA Sequence has not died yet, like a cadaver the Discs die after so long being in a morgue, so watch closely when you reappear if it happens to you cause there are so many states that don't have the computer equipment that it makes me wonder where they do intend to obtain their computer manufactured parts from. Its my guess that some high influential blacks know fully well where the parts have to be processed to make for a batter computer, its the blue liquid that is most important, since I did not get to see the lab report I do not know how much was in the Disc they removed but there are three more in me that will add to the liquid base they are storing. Guess what, I also determined this is making me shorter than those whom are in a political Democrat office, so I might be able one day to sneak in and find out what is happening to the Discs and the Liquid and you can as well. Stay Alert Friends, really BIZARRE that theres so little time for Health Care and these Discs are stacking up faster than passage.

[internautaa]

Arguing online is like running in the Special Olympics. Even if you win, you're still retarded.

[dhavleak]

@ Orion Blaster

I actually reported this post to CNet as Illegal Activity.

I cannot believe you would do something like that. There are non-computer-savvy people that happen upon articles like these as well. They may not know enough to run AV. They may not know enough to not trust a site like that. You will cause real, tangible, harm and monetary loss to them if their machine gets pwned -- they might lose data. They might not even know how to get their machine functioning again and will have to pay someone to do it for them.

I cannot believe it when people stoop this low. You DISGUST me.

[cmjcmjcmj]

It would appear to me that Microsoft & the Obama Software Security CZARS should look into the Spam that sells downloads online from email advertising at Welcome Her Online [http://welcomeheronline.com/] and alert the world that such LEFT REMAINING DOWNLOADS AVAILABLE FROM PURCHASES WOULD INDICATE A SINISTER OPERATION - Guess what its Spam or just a plan old fashion Phishing attempt to get more info from purchasers. A affected software includes Windows 2000, XP, Server 2003, Vista, Server 2008, Office XP, Office 2003, 2007 Microsoft Office System, Office 2004 for Mac, and Office 2008 for Mac, is in this advisory.

Or this site could be the pre-dawn of The Obama Age so that their clones will be able to obtain cheaper products than most others. In understanding how a mass download could link to other downloads to complete a byte pattern cycle of a file faster than if a Internet connection has to be open to long and it fails to complete before the system logsout. Then a problem would occur in re-connecting to the lost download and it may not recognize the purchaser.