0

Microsoft has made a double whammy of Windows 7 update announcements. The first concerns a hotfix for a bug that could "cause some application failures on the English version of Windows 7 Release Candidate 32-bit Ultimate" while the second brings news of the arrival of as many as 10 'fake' updates which "will not deliver any new features or fixes."

There has already been some concern over potential security problems with Windows 7, and consternation at how the 'free trial period' will be ended which some have described as being mental, so such mixed messages are bound to be met with much interest. But there is a simple explanation for the apparent confusion.

The first hotfix comes because, according to Microsoft itself, the English version of Windows 7 Release Candidate (build 7100) 32-bit Ultimate has a folder created as the root of the system drive (%SystemDrive%) missing important entries in the security descriptor. "One effect of this problem" Microsoft says "is that standard users such as non-administrators cannot perform all operations to subfolders that are created directly under the root." Which means that applications referencing folders under the root might not install or uninstall successfully and operations or applications that reference them could fail. It goes on to explain that if a folder is created under the system drive root from an elevated command prompt then it won't inherit the correct permission from the root meaning specific operations such as deletion of thr folder itself will fail if performed from a non-elevated command prompt. It seems that, as far as the English version of Windows 7 Release Candidate 32-bit Ultimate is concerned at any rate, the access control lists on the root are just simply set incorrectly. Microsoft has been quick to act though, with a hotfix through Windows Update already available.

If you like your Windows Updates to do, well nothing at all really, then Microsoft has good news for you there as well. It has announced that, starting May 12th, it will begin verifying "update scenarios on Windows 7 RC" which will ensure that future real update processes will run smoothly. "There will be at most 10 updates" Microsoft says, adding "they will not deliver any new features or fixes." Some will install automatically, at least one will not, but all will be clearly marked as tests.

As Editorial Director and Managing Analyst with IT Security Thing I am putting more than two decades of consulting experience into providing opinionated insight regarding the security threat landscape for IT security professionals. As an Editorial Fellow with Dennis Publishing, I bring more than two decades of writing experience across the technology industry into publications such as Alphr, IT Pro and (in good old fashioned print) PC Pro. I also write for SC Magazine UK and Infosecurity, as well as The Times and Sunday Times newspapers. Along the way I have been honoured with a Technology Journalist of the Year award, and three Information Security Journalist of the Year awards. Most humbling, though, was the Enigma Award for 'lifetime contribution to IT security journalism' bestowed on me in 2011.

1
Contributor
0
Replies
1
Views
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.