mailing list archives
Re: MS are doing Windows Updates for XP to IE7
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Mon, 30 Oct 2006 12:48:13 +1300
Valdis.Kletnieks () vt edu to Charles Hamby:
It seems to me that all you need to do is set Automatic Updates to tell you
when new patches are ready and then tell it to ignore IE7 if you don't want it.
Well, yes, if you are (a) clued and (b) know it's coming. If you've got it
set to download-and-install at 3AM every Wednesday morning, you may be in for
If you're _NOT_ clued enough to know better then you "deserve" the
automatic, silent IE 7 "upgrade".
MS got this right. True, it took about six years of nearly everyone
with any clue outside MS beating the snot out of MS each time there was
a massive "whoopsie" due to the fact they did not have something like
this capabaility, or did but it was not the configured default, but
eventually even MS came to see that it should not be responsible for
allowing those too stupid to not know any better to keep shooting off
both their feet each time there was an ItW exploit for an "old" Windows
remote arbitrary code exploit.
_AND_, the world has been a better (still far from perfect, but better)
place since SP2 started to roll-out and change default WU configs to
the then-new default of "auto-download and install".
If you're too stupid to know to change it, it is precisely the kind of
thing you need _and_ the rest of the world should be thankful for.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/
Re: MS are doing Windows Updates for XP to IE7 Paul Szabo (Oct 29)