Login:
Password:
Lost Password?
Print this article  |  E-mail this article  |  Comment on this article

Vista Beta to Get Security Updates, Too

By Ed Oswald, BetaNews

August 18, 2006, 12:40 PM

Although Microsoft is fond of saying that Windows Vista is the most secure operating system ever, a member of the operating system's security team disclosed this week that the OS will be the first beta product to be serviced by security updates. At least two of the patches from this month's Patch Tuesday are also intended for Vista.

Fix MS06-042, the cumulative patch for Internet Explorer, and the fix for MS06-051, concerning a vulnerability in the Windows kernel, have been updated to include a version of the patch for Vista Beta 2 systems. Both flaws are rated "critical."

Microsoft security team member Alex Heaton said that the company had received multiple inquiries on whether some of the most serious vulnerabilities affect customers' systems. Heaton stressed that Vista is immune to the most serious flaw, MS06-040, which was highly publicized as a possible worm threat last week.

"We are committed to release Windows Vista updates for all MSRC critical class issues that may arise during the beta testing period," Heaton said. "We strive to release any Windows Vista updates as soon as possible, but our priority will be to release the updates for Windows products that have been released to manufacturing."

The decision to release patches for the next-generation operating system may be due to its widespread use. Windows Vista is one of the most broadly deployed beta programs in the company's history, and the OS is likely installed on tens -- if not hundreds -- of thousands of computers.

Heaton warned that in issuing patches for Vista, it only would be for the current beta release of the operating system. Thus, patches for Release Candidate 1 will not be applicable to Beta 2, and so forth. Additionally, once the final release of Vista out, the company will no longer service the betas with security releases.

Those concerned with security updates for Vista can review Microsoft's Knowledge Base article on the subject, which the company will update throughout the beta process.

Add a Comment (31 Comments)

BetaNews reserves the right to remove any comment at any time for any reason. Please keep your responses appropriate and on topic. Foul language and personal attacks will not be tolerated.

Name (required):

E-mail (required):

Enter Your Comment:

By RingMaster

posted Aug 20, 2006 - 9:57 PM

This is good that they are patching Vista Beta. Makes it automatically incorporate those patches into Vista Retail so its not needed to download it in the future.

Score: 0

By robmanic44

posted Aug 20, 2006 - 9:05 AM

If you want security, shutdown your system. Or, if you're a major league geek, you can go to BSD. Even Solaris has some holes. The problem has a solution, but I don't think most people are likely to accept it. The day of the limited net is probably not that far away. You will get just the net you lease and a system monitor will limit you to your current apps and your browser will be only go to the sites included in the lease. Sounds like a barrel of laughs, but I think it's coming.

Score: 0

By sophist_dreams

posted Aug 20, 2006 - 8:30 AM

What? Another Major Microspud Development is full of security holes? Who'd have thought?

Score: 0

By Metshrine

posted Aug 21, 2006 - 10:27 AM

What? Another troll comment from sophist dreams? The user that never adds anything useful to any discussion? Who'd have thought?

Score: 0

By Grazer

posted Aug 21, 2006 - 4:25 AM

A beta with bugs? No way. Say it ain't so.

Score: 0

By kprovance

posted Aug 19, 2006 - 7:20 AM

I would not be surprised if MS started releasing Vista Service Packs even before the release of the software itself!

Score: 0

By frankwick

posted Aug 18, 2006 - 2:42 PM

Why go to the time and toruble to release patches for beta software? Beta software is released in order to find bugs. You will have bugs in beta. MS makes no gurantees that the software will function as designed nor should they. Likewise, they shouldn't be required to fix it. Why not just roll the fixes in the others and release a new beta or RC?

Score: 0

By wav

posted Aug 19, 2006 - 2:50 PM

Because even for those who are testing the software, who may use it as a primary OS to test and determin its capabilities under normal working conditions, it is still critical that they too are offered security updates, which in my opinion, shows that MS is in good public relation towards those who help them in return. Isn't it fair to help those who help them? Also, for MS to offer and implement its auto update feature, it gives beta testers the chance to review that programs performance as well.

Score: 0

By frankwick

posted Aug 21, 2006 - 10:47 AM

Why should you keep running an old out-dated beta whose bugs may be fixed already. MS should release a new beta and recommend all current testers install it. MS will get better feedback from people testing newer builds and not beta 2 that is now months old.

Score: 0

By Fidelio

posted Aug 19, 2006 - 1:15 PM

I think this shows how Microsoft has taken these security issues very seriously, even for customers running Beta software.

Score: 0

By sophist_dreams

posted Aug 20, 2006 - 8:32 AM

I think this shows that Microspud didn't learn a damn thing from the way their previous OS software was developed.

Score: 0

By Metshrine

posted Aug 21, 2006 - 10:28 AM

And what ever-so-secure operating system do you use? If you even say anything *nix based, I will laugh at you and point you to the daily secunia reports which have 100's of patches for *nix os's and the software included on such.

Score: 0

By PC_Tool

posted Aug 21, 2006 - 11:35 AM

Just got done with an Ubuntu install. 164 updates, right off the bat. Most of them networking, gnome (the desktop), or dependant libraries (what Windows would call DLLs).

Perfect sofwtare wouldn't require any updates, right? Security or otherwise?

*grins*

Score: 0

By Metshrine

posted Aug 21, 2006 - 1:00 PM

Yes, and these updates often require almost 200+MB of downloads. Last time I reinstalled XP SP2, I had 80MB of stuff to download. hmmm, which is better.

Thanks for your post PC_Tool :)

Score: 0

By PC_Tool

posted Aug 21, 2006 - 1:02 PM

Took over 2 1/2 hours. I didn't look at the speed or the total size, but I can *usually* download about 1200MB in that timeframe from my usenet provider.

Score: 0

By crashoverride

posted Aug 20, 2006 - 10:34 PM

I'm guessing you another one of these idiots people that think there can be such a thing as a 100% secure OS. I got news for you...it'll never happen.

Score: 0

By flake

posted Aug 18, 2006 - 1:41 PM

What's really funny is that the recently released WSUS 3.0 Beta2 patch management product from Microsoft will not serve updates to Vista betas until it gets updated later this year, supposedly around the time when Vista RC1 is released.

This is a notable regression since WSUS 2.0 could easily sync with the beta microsoft update site and update Vista and Office 2k7

Score: 0

By WayneWare

posted Aug 18, 2006 - 1:26 PM

Tsk Tsk...My dear old Daddy always said, "If you can't get it right the first time, then you should study harder?"

Score: 0

By deminicus

posted Aug 18, 2006 - 2:19 PM

keep in mind the game is getting more and more complicated. It's not like they are starting from same point as in the past. To put in your words, it's like going back to try again and the subject your studying is completely rewritten with 20x the content.

Score: 0

By Alex Stevens

posted Aug 18, 2006 - 1:42 PM

When you can write perfect software that has no security problems get back to us.

Score: 0

By terminalx

posted Aug 18, 2006 - 4:18 PM

there is no such thing as perfect software...troll

Score: 0

By wav

posted Aug 19, 2006 - 2:53 PM

Software that tells you that 1 + 1 = 2, in mine and any other mathamatician, proves that program is flawless. Unless someone wants to tell me that they learned that 1 + 1 = a Window. ;x Or if you can add 1 + 1 to equal something other than 2 in basic numeral equasions... Is that function not perfect? Enter that function into a software button and you have a perfect software technically. ;]

Score: 0

By Grazer

posted Aug 22, 2006 - 12:13 PM

Software that tells you that 1 + 1 = 2, in mine and any other mathamatician, proves that program is flawless.
Until you try adding 4000000000 to 4000000000 or 1.5 to -1 and come up with errors, later realizing that the programmer never expected anyone to try to use such a simple little calculator program to perform operations on such large numbers, or non-whole numbers, or negative numbers; so they used unsigned 32-bit integers in the program's code.

Score: 0

By PC_Tool

posted Aug 21, 2006 - 11:13 AM

Okay, now compile it and try to run it on a platform not intended, or ina configuration not intended.

Still perfect?

Didn't think so.

Score: 0

By crashoverride

posted Aug 21, 2006 - 3:50 AM

Perfect software is an absolute impossibility. Imperfect beings (humans) cannot make a perfect creation.

Score: 0

By Yakumo

posted Aug 20, 2006 - 9:01 PM

your program merely does what you intended it to. you've not proved it's perfect, you've not made sure it can't be leveraged by a talented hacker for nefarious purposes yet.

can you even be sure there isn't a problem as simple as an exploitable buffer overrun?

your program could be as flawed as your pedantry ;)

Score: 0

By PC_Tool

posted Aug 20, 2006 - 8:42 PM

Great!

Now make a flawles program comtaining over 1 million lines of code (relatively small) and support for at least 300 configurations.

Good luck with that. Don't come back 'til yer done.

Score: 0

By Grazer

posted Aug 21, 2006 - 4:24 AM

Don't forget how many human languages it should seamlessly support; or the fact that, despite the cliche, one person's bug is another person's feature.

Score: 0

By PC_Tool

posted Aug 19, 2006 - 10:48 AM

And the original poster wasn't?

Context makes all the difference, man.

Score: 0

By deminicus

posted Aug 21, 2006 - 8:41 AM

i agree, words have no meaning without context, since human language is more abstract than most people realize.

Score: 0

By PC Rat

posted Aug 18, 2006 - 1:17 PM

...

Ok, WinVista is going to get security updates.
Is this a surprising revelation ?

Sounds routine and expected.

Previous Microsoft OS beta's didn't get 'em.
But, then again, it's been ~years~ since
Microsoft has put out a new OS.

...

The Computer Rodent

...

Score: 0

Nov 21 - 6:51 PM ET Coalition urges better laws for e-mail and cell phone privacy

Nov 21 - 6:42 PM ET How is Internet advertising faring in this bad economy?

Nov 21 - 6:15 PM ET From out of the Amazon Cloud, an AWS winner emerges

Nov 21 - 5:20 PM ET Mufin music finder enters public beta, adds widgets

Nov 21 - 5:01 PM ET Google launches its SearchWiki semantics plug-in

Nov 21 - 4:57 PM ET Asus previews a slimmer, less costly Eee PC

Nov 21 - 4:32 PM ET New Adobe Media Player ushers in AIR 1.5

Nov 21 - 2:11 PM ET AT&T to add Pantech's low-cost C630 phone to 3G lineup

Nov 21 - 1:11 PM ET iPhone gets firmware 2.2 update

Nov 21 - 11:51 AM ET The Dell surprise: Higher earnings on lower revenue