Partager via

How Microsoft Security Bulletin MS07-017 affected Windows Vista

  • Article

Feliciano Intini (a senior security guy in Microsoft Italy) has posted an excellent analysis of the MS07-017 bulletin released today. Essentially, it's a roll up of graphic-related fixes.

Of the seven discrete fixes:

  • All seven affected Windows 2000.
  • Six affected Windows Server 2003 SP2.
  • Six affected Windows XP SP2.
  • Only three affected Windows Vista.

The link below gives a better overview of the bulletin.

https://blogs.technet.com/photos/pcfs-gallery/picture725076.aspx

 

Comments

  • Anonymous
    April 03, 2007
    I'm kinda (not) feeling sorry for all the security programs/fixes/patches/workarounds/etc that banked on security inefficacies in previous versions of windows.  I'm quite proud that Vista has stood up to the harsh critisisms, and has proven thusfar that it is more secure.

  • Anonymous
    April 03, 2007
    there's a long way to go yet!!

  • Anonymous
    April 04, 2007
    Michael, Thanks for these updates.  I was wondering if you believe more of the security related bugs found in Vista will be related to items actually coded many many lifetimes ago, such as for Windows 2000 or XP.  It seems that the practices put in place at MSFT should really slow to a crawl the number of "new bugs" based on newer code.  I'm sure it is a huge job to pour over everything that's ever been written.  As you say, a long way to go...

  • Anonymous
    April 04, 2007
    Michael:  Can you respond to this article?   http://blogs.zdnet.com/Ou/?p=460 Thx.

  • Anonymous
    April 04, 2007
    SM, the big issue with DEP/NX is lots of stuff breaks when it runs in IE. For example, JVM, QuickTime etc.. but we are trying to address this.

  • Anonymous
    April 04, 2007
    C Gomez, there will certainly be bugs we've missed, and there will be bugs in new code. Of that, I have no doubt. However, when we look back two years from now, we'll see a great deal of improvement.

  • Anonymous
    April 04, 2007
    The comment has been removed

  • Anonymous
    April 07, 2007
    How about the fact that this has caused multiple computers, mine included, to load 3 files on boot then crash.  seems to be overwriting a file on boot and corrupting it.

  • Anonymous
    April 07, 2007
    The comment has been removed

  • Anonymous
    April 08, 2007
    to no-longer a MS fan, This is news to me - what files are loaded and which OS?

  • Anonymous
    April 08, 2007
    Andy I have read Ozment's paper. In fact, he and I debated in Rome last year at ISSE 2006! I agree with his final comments in the paper: "inconclusive"

  • Anonymous
    April 14, 2007
    I have not tried vista but I heard that it is full of bugs.

  • Anonymous
    April 15, 2007
    edward, >>I have not tried vista but I heard that it is full of bugs. if you heard it on the Internet, it must be true!

  • Anonymous
    April 18, 2007
    Please include a similar summary table in all security bulletins. It's a very concise way of presenting all the information that I usually need to get from the bulletin, and the color coded format really helps.

  • Anonymous
    April 18, 2007
    Alexander, yeah, it's a great asset. Actually, I just met the guy who creates the tables, he's over from Italy. I'll pass this info onto him, and to the MSRC folks here.. thanks!