bit-tech.net

Microsoft's cancelled February Patch Tuesday releases rolled into March

Microsoft's cancelled February Patch Tuesday releases rolled into March

The patches originally scheduled for release last month have finally hit Windows Update as part of March's Patch Tuesday bundle, including fixes for six publicly-disclosed and exploited security vulnerabilities.

Microsoft has officially released a roll-up patch for its software to the Windows Update platform, including patches scheduled for March's Patch Tuesday as well as those originally scheduled for February's cancelled Patch Tuesday - though remains silent on the reason for said cancellation.

Microsoft has been following its Patch Tuesday release schedule - which it has previously unsuccessfully attempted to rebrand to Update Tuesday in order to skirt the negative connotations of the word 'patch' - for many a year now, scheduling the release of both security and feature updates for the second Tuesday of each month. In doing so the company claims it aids system administrators in knowing when to put aside time for testing and release, though it has previously broken the cycle in order to send out particularly critical security updates know to be under active exploitation ahead of time.

Last month, however, the second Tuesday came and went with no sign of any updates from Microsoft. The company issued a brief statement which claimed a 'last minute issue that could impact some customers [...] was not resolved in time for our planned updates today,' while describing the move as a 'delay' - only to issue an updated statement the next day confirming the outright cancellation of the updates, despite the presence of actively-exploited security vulnerabilities in the company's Windows platform.

While Microsoft would release out-of-band security patches for Adobe's Flash Player software later that month, the remainder of the updates were bumped to March's Patch Tuesday bundle which was released last night with no explanation for the original delay.

The major patches contained in the March Patch Tuesday bundle concern five high-severity remote code execution vulnerabilities in the company's software, which Microsoft has rated as particularly easy to exploit. Six vulnerabilities, meanwhile, have been previously made public or are known to be under active exploitation, including flaws in Internet Explorer and Edge, flaws in the Server Message Blocks (SMB) networking protocol, flaws in the Graphics Device Interface (GDI), a privilege escalation vulnerability in the Windows kernel itself, and an information disclosure vulnerability in the platform's XML Core Services.

A full list of the security patches found in the March Patch Tuesday release is available on the Microsoft Security TechCentre website.

23 Comments

Discuss in the forums Reply
Cthippo 15th March 2017, 10:59 Quote
I also got this:
Quote:
Compatibility update for keeping Windows up-to-date in Windows 7

This update performs diagnostics on the Windows systems that participate in the Windows Customer Experience Improvement Program. The diagnostics evaluate the compatibility status of the Windows ecosystem, and help Microsoft to ensure application and device compatibility for all updates to Windows. There is no GWX or upgrade functionality contained in this update.

Makes me very very nervous
Mister_Tad 15th March 2017, 11:02 Quote
Quote:
Originally Posted by Cthippo

Makes me very very nervous

Whyso? I read it as "we're checking what percentage of the install base is using old and crusty HW/SW to decide when to stop for development for certain things"
Corky42 15th March 2017, 11:40 Quote
KB2952664 (Windows 7) and KB2976978 (Windows 8) have a long history, they started out as compatibility update for upgrading Windows 7… [that] helps Microsoft make improvements to the current operating system in order to ease the upgrade experience to the latest version of Windows.

That was almost 2 years ago and they've been reissued multiple times, the general consensus seem to be they add the sort of telemetry gathering capabilities found in Windows 10 to older versions of Windows.

Microsoft isn't exactly instilling confidence in their updating process, between mystery patches appearing and disappearing, release notes being absent, and forced updates I'm not sure if it's better to take my chances with Microsoft or the ne'er do wells.
SMIFFYDUDE 15th March 2017, 17:04 Quote
I hope the update isn't going to put me into another infinite repair loop like it did last time it updated, 4 or 5 times in a row I had to restore Windows because of that and wasted 2 days.
Wwhat 19th March 2017, 12:45 Quote
I really don't get why the EU STILL doesn't make a new case against MS, they have been breaking so many rules for such a long time now and they add more and more to it.

When I say I don't get it I do of course mean I do very well get it, it's called 'money and bribes'.
And you have to say, they have made huge leaps in their bribing prowess, so many are on-board now and none reject them, if you look at all the evidence of all companies playing along with all their dubious trickery like all the efforts done to strongarm people into adopting windows10.

Anyway I guess we really have no option and will have to resign we eventually have to go linux. Or Apple but I really am not compatible with Apple's control of things policy either. Plus you don't get wide game support there either, plus their hardware in really weak in terms of processing power and GPU.

I wish there were more options, but I have no hope for the future in that regard.
But at least you can make a steambox with linux now.
rollo 19th March 2017, 13:26 Quote
Breaking what rules? If MS said tommorow screw you all we not making windows anymore, the worlds major governments would likely have to bribe them to continue.

Apple is worse both In security lock down and lack of supported hardware.

Steam box game support is limited, I would be shocked if it's 1% of steams total library.

Microsoft are a private company and Apple another private company has enough market share to stop any monopoly intervention.

EU took them to court on web browsers, can't really take them to court for not supplying updates to a 7 year old operating system, Apple cuts you off at 2 years for OSX. 10.5 for example was launched In 2007 by the end of 2009 it had received its last security update.
Gareth Halfacree 19th March 2017, 13:55 Quote
Quote:
Originally Posted by rollo
Steam box game support is limited, I would be shocked if it's 1% of steams total library.

Easy to find out. Linux-compatible Steam games: 6,772. MacOS compatible games: 10,538. Windows compatible games: 28,002. (Obviously, a lot of those games are the same game: it'd be rare to see a Linux-compatible game that isn't also compatible with Windows, for example.)

Searching for all operating systems gives the same total as searching for Windows, so we can safely assume that the 'Windows' result is actually 'all games on Steam.' That's good, 'cos it makes the next bit a lot easier:

Linux: 24.18% of all Steam games are compatible.
MacOS: 37.63% of all Steam games are compatible.

So, pretty much a quarter of all Steam games will work on SteamOS or A. N. Other Linux - just a little bit higher than your one percent estimate, so I guess you can go ahead and be shocked now.

To add a little more to those figures, though: it's only been possible to list Linux-compatible games on Steam since 2013, while it's been possible to list macOS-compatible games since 2010 - nearly twice as long. Naturally, it's also been possible to list Windows games since Steam first came out - well, let's say since 2005, when Valve signed its first publisher partnership. A better figure, then, would be to look at the breakdown of the games released in the last year. SteamSpy has a list of games released in 2016 (warning, link loads a big-ass page): 4,693. Unfortunately, if there's a way to make SteamSpy tell me how many of those are compatible with each operating system, I can't see it.

Still, I think we can safely say that developer uptake of SteamOS specifically and Linux in general is considerably higher than you estimated.
Corky42 19th March 2017, 14:05 Quote
Even if the EU decided to do anything it would take so long 7&8 would be distant memories, the web browser thing took over 10 years and even then Microsoft got fined years later for not complying.
rollo 19th March 2017, 16:28 Quote
I am shocked its that high gareth. Only way would be to break it down into specific segments,

Microsoft has little reason to change though, Web Browser thing was Argued that it removed choice. As it was default, Technically you have a choice if you install Windows or not.

If Intel cannot get them to support chips under windows 7 ( assuming they even asked) Then what hope do AMD have. Which is the main reason this topic has reared its head again after all
Gareth Halfacree 20th March 2017, 07:21 Quote
Quote:
Originally Posted by rollo
I am shocked its that high gareth. Only way would be to break it down into specific segments,

I was surprised, too. I knew it was more than 1%, but wouldn't have put it at a quarter. You read it here first: 2017 is The Year of The Linux Desktop ™(!)
rollo 20th March 2017, 09:56 Quote
I would of thought at most 5-10% I must say, be fun if Linux takes off.
Vault-Tec 20th March 2017, 10:41 Quote
Just put Linux on one of my boxes. Very nice (Ubuntu). Had some issues with Steam running but found out I needed to switch the GPU driver via the software menu to the actual Nvidia one. No probs since. Installed Bioshock Infinite and gave it a test, worked great.

I also seem to have lost all of the streaming issues I had with three versions of Windows (7, 8.1 and 10). I heard there was a pretty serious "downdate" a few months back that screwed up the internet but I thought that was only with 10.

Only problem is two of my PCs use proprietary daughter boards that only work with Windows, and if you install anything else on them the fans all set themselves to 100%.

Still, I don't need much more power than what this rig has, so it's a nice change :)
Gareth Halfacree 20th March 2017, 11:00 Quote
One of the fun things about looking into the world of open source and free software is you get to see what a difference compiling things for your specific CPU can make. Case in point: Google's new Guetzli JPEG compression algorithm.

Running the binary from Google: 100% baseline performance.
Compiling it from source with -O3 flag: 115% performance.
Compiling it with -Ofast flag: 121% performance.

That's a 21% performance gain over the generic binary, just by letting the compiler optimise it for my particular CPU (and use a few not-quite-standards-compliant maths routines). No hardware change, no overclocking, nothing. Now imagine if the next game you play had the same 21% performance boost, completely free of charge.

I'm thinking about writing a piece on the topic, but I'm snowed under with book work at the moment so it'll have to wait.
Vault-Tec 20th March 2017, 11:26 Quote
Still getting my head around it but a lot of the commands are familiar. Getting Steam on was a pain, I wish there were more .deb installers around. Still, nothing insurmountable and got there eventually. The rig is definitely far snappier than it was on Windows 7. Browers for example fly (well, apart from Firefox which is a bit chuggy like its Windows sibling).

I don't really need to do that much more now. Just get Trillian on. Just fired the deb but it doesn't seem to have worked so Terminal here I come again.
Gareth Halfacree 20th March 2017, 11:32 Quote
Quote:
Originally Posted by Vault-Tec
Still getting my head around it but a lot of the commands are familiar. Getting Steam on was a pain, I wish there were more .deb installers around.
What problems did you have? Steam is distributed as .deb package, so it should just have installed and automatically pulled in the i386 libraries it needs ('cos for some reason Valve has decided to compile it as a 32-bit ELF instead of 64-bit.)
Vault-Tec 20th March 2017, 12:02 Quote
Well it just wouldn't boot. Firstly it did not give me a desktop short cut which obviously is a problem if you don't know your way around Linux (fixed by typing Steam in terminal or finding the shortcut in /usr/bin). I think most of the problems were due to my GPU driver, which of course it doesn't tell you it just refuses to run. Windows usually gives you a reason, which you can then Google.

Then of course the Nvidia driver is not a deb either, so you need to pull it all manually via the terminal. That was easier though, because obviously there are plenty of guides online. In the end after pulling seemingly everything from the internet I was able to choose my driver through the software section of the settings thingermebub.

Just installed Trillian. Again, no shortcut ETC but I knew the drill by then. Still learning really, but love it so far. Oh and I have installed Chrome now too (So Chromium, Chrome and Firefox all running) and it does the job of the other two it seems (IE plays all 6 main streams for my footy). Still not quite got my head around why it's made such a difference but hey, I'll take it.

It's nearly there tbh. Now I just need something akin to Photoshop and it can be my daily rig. It's the quietest of the three too. And the furthest away :D

BTW, any reccs for an external sound card/dongle? it's not picking up my Azalia audio (very old AM2+ board) and tbh? I don't want to fight with it. The last thing I want to do now is kill it with so many hours invested. The Nvidia HDMI audio is working brilliantly with the monitor, but obviously I have nowhere to poke a set of headphones. Just something P&P would be lovely.

Oh yeah, last thing.. I also switched from wireless (which is crap on this old thing, the speed fluctuates like mad) to wired (my home made Killer NIC card..) Which has really made it so much better.
Gareth Halfacree 20th March 2017, 12:17 Quote
Quote:
Originally Posted by Vault-Tec
Well it just wouldn't boot. Firstly it did not give me a desktop short cut which obviously is a problem if you don't know your way around Linux (fixed by typing Steam in terminal or finding the shortcut in /usr/bin).
It certainly should have created a shortcut in the menu - not on the desktop, though. You definitely don't have to run it from the terminal. Did you click on the Ubuntu icon and type 'Steam' to find it?

http://forums.bit-tech.net/picture.php?albumid=2668&pictureid=54325
Quote:
Originally Posted by Vault-Tec
I think most of the problems were due to my GPU driver, which of course it doesn't tell you it just refuses to run. Windows usually gives you a reason, which you can then Google.
If you are running Steam at the terminal, it should give you a reason for exiting. It's pretty verbose.

http://forums.bit-tech.net/picture.php?albumid=2668&pictureid=54328
Quote:
Originally Posted by Vault-Tec
Then of course the Nvidia driver is not a deb either, so you need to pull it all manually via the terminal.
I'd recommend against installing the driver that way. You're better off following the official guide to pulling it from the Ubuntu repositories, that way it'll be automatically kept up to date via apt and you won't have to do anything at the terminal.
Quote:
Originally Posted by Vault-Tec
Just installed Trillian. Again, no shortcut ETC but I knew the drill by then.
If you installed it via your package manager, it should have created a menu entry just like Steam.
Quote:
Originally Posted by Vault-Tec
Now I just need something akin to Photoshop and it can be my daily rig.
I use The Gimp for all my image editing needs. Just switch it into single-window mode and it's not massively different to Photoshop, though lacking in some higher-end features.
Quote:
Originally Posted by Vault-Tec
BTW, any reccs for an external sound card/dongle? it's not picking up my Azalia audio (very old AM2+ board) and tbh?
Pass - the last sound card I owned was an ISA SoundBlaster AWE64 Gold. Still got it around here somewhere...

Strange that the audio isn't working, though. I'm on an FM3 motherboard here with Azalea audio and it's working absolutely fine out-the-box - in fact I'm listening to MP3s via analogue speakers right now.
Vault-Tec 20th March 2017, 12:32 Quote
Doh I keep forgetting about the search thing. Could have saved me a lot of time.

Currently doing some research, but I think with the sound card it's going to be suck it and see and return if it doesn't work. No idea why the onboard sound isn't being detected tbh. It's enabled in the bios and it definitely worked under Win 7.
Vault-Tec 20th March 2017, 13:40 Quote
Oh yeah one last question, G. Is there a good system monitor tool/app that shows temps etc?

Also - sound feex. Basically it doesn't show the device until you connect something to it. Then it works fine and I can switch. Noice !
Gareth Halfacree 20th March 2017, 14:19 Quote
Quote:
Originally Posted by Vault-Tec
Oh yeah one last question, G. Is there a good system monitor tool/app that shows temps etc?
I don't use any m'self, but typing 'sensors' at the terminal should give you something like the following:
Code:
blacklaw@trioptimum[~]$ sensors
it8728-isa-0228
Adapter: ISA adapter
in0:          +0.98 V  (min =  +0.00 V, max =  +3.06 V)
in1:          +1.48 V  (min =  +0.00 V, max =  +3.06 V)
in2:          +2.03 V  (min =  +0.00 V, max =  +3.06 V)
in3:          +1.99 V  (min =  +0.00 V, max =  +3.06 V)
in4:          +1.99 V  (min =  +0.00 V, max =  +3.06 V)
in5:          +2.22 V  (min =  +0.00 V, max =  +3.06 V)
in6:          +2.22 V  (min =  +0.00 V, max =  +3.06 V)
3VSB:         +3.34 V  (min =  +0.00 V, max =  +6.12 V)
Vbat:         +3.31 V  
fan1:        1099 RPM  (min =    0 RPM)
fan2:           0 RPM  (min =    0 RPM)
fan3:           0 RPM  (min =    0 RPM)
fan4:           0 RPM  (min =    0 RPM)
fan5:           0 RPM  (min =    0 RPM)
temp1:        +27.0°C  (low  = +127.0°C, high = +127.0°C)  sensor = thermistor
temp2:         -8.0°C  (low  = +127.0°C, high = +127.0°C)  sensor = thermistor
temp3:        +17.0°C  (low  = +127.0°C, high = +127.0°C)  sensor = Intel PECI
intrusion0:  OK

k10temp-pci-00c3
Adapter: PCI adapter
temp1:         +3.1°C  (high = +70.0°C)
                       (crit = +80.0°C, hyst = +79.0°C)

I'm not sure if Ubuntu comes with the tool pre-installed these days. If not, this'll get you up and running.

If you're looking for something which offers control, try installing 'fancontrol' then running 'pwmconfig' at the terminal - it'll find all the PWM outputs on your motherboard, find out which fans they control, and even generate a plot of what duty cycles correspond to what fan speeds, then let you configure your fan profiles as you like. It's a CLI app, but very powerful.

If you want something equivalent to Rainmeter on Linux you'll be looking at Conky. Takes a bit of setting up, but it's stupid-powerful.
Quote:
Originally Posted by Vault-Tec
Also - sound feex. Basically it doesn't show the device until you connect something to it. Then it works fine and I can switch. Noice !
Hah! That's altogether too damn smart! I'll have never noticed that 'feature,' 'cos my speakers are always plugged in.
Vault-Tec 20th March 2017, 16:28 Quote
Awesome will try those later TYVM :)
Isitari 20th March 2017, 18:04 Quote
Quote:
Originally Posted by Gareth Halfacree
One of the fun things about looking into the world of open source and free software is you get to see what a difference compiling things for your specific CPU can make. Case in point: Google's new Guetzli JPEG compression algorithm.

Running the binary from Google: 100% baseline performance.
Compiling it from source with -O3 flag: 115% performance.
Compiling it with -Ofast flag: 121% performance.

That's a 21% performance gain over the generic binary, just by letting the compiler optimise it for my particular CPU (and use a few not-quite-standards-compliant maths routines). No hardware change, no overclocking, nothing. Now imagine if the next game you play had the same 21% performance boost, completely free of charge.

I'm thinking about writing a piece on the topic, but I'm snowed under with book work at the moment so it'll have to wait.
Please do this. Had no idea this was done. Any where you can recommend to start reading into optimisation for specific cpu's?

Sent from my SM-N915FY using Tapatalk
Gareth Halfacree 20th March 2017, 19:28 Quote
Quote:
Originally Posted by Isitari
Please do this. Had no idea this was done. Any where you can recommend to start reading into optimisation for specific cpu's?
Effectively, it's all down to the compiler. Using the GNU Compiler Collection (gcc) as my example, 'cos that's what I use, you can use a series of flags to tell it to optimise for this, that, or the other. The default setting is to compile in such a way to maximise compatibility with other processors sharing the same architecture and to make debugging as easy as possible. You can use flags to override these defaults, in order to compile with a focus on speed or binary size.

Compiling with the -O2 flag, for instance, compiles for speed while retaining standards compliance. Compiling with -O3 turns on additional speed optimisations which may, in some cases, veer a little outside the official standards. Compiling with -Ofast turns on even more optimisations which are definitely outside the official standards and may, therefore, make the program do something odd under certain circumstances - or may work absolutely perfectly.

Then there's the -march=native flag, which tells gcc what microarchitecture to target - in this case, the microarchitecture of whatever processor you're currently running gcc on. Using that, it might opt to use processor features not present in other microarchitectures - improving performance but making it so the binary doesn't work properly on a different microarchitecture (working on Piledriver but not Bulldozer, for example, or Skylake but not Ivy Bridge.)

There are even more flags - such as -flto, for link-time optimisation - and unless you know the program you're compiling intimately there's no easy way of guessing what might help or harm performance without trying it out. Compiling with "-Ofast -march=native -flto" (and maybe throwing a quick -funsafe-math-optimizations if you're confident it won't break anything) is usually a good way to get a decent speed boost, though.

Then you can get really clever and compile the program in such a way that it generates information which can then be used to optimise a second compilation run...

The Gentoo wiki has a good run-down of the most common flags. Remember, though, that you don't have to do this to run Linux; you can just download precompiled binaries and use them straight off the bat, just as in Windows. If you can be bothered, though, you'll almost always win a performance boost if you compile from source.
Log in

You are not logged in, please login with your forum account below. If you don't already have an account please register to start contributing.



Discuss in the forums