Re: Microsoft Numbering System

From: Mark L. Jackson (codewizard_at_HOTPOP.COM)
Date: 09/29/03

  • Next message: Shannon: "Something changing DNS server settings" 
    Date:         Mon, 29 Sep 2003 13:24:11 -0700
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

    At 09:10 AM 9/18/2003 -0500, you wrote:
    > > -----Original Message-----
    > > Can't M$ just use ONE and only ONE numbering system so that
    > > fewer people, like me, will get confused? This is certainly
    > > one of the many things that M$ needs to put some of its
    > > effort in its continuous improvement.
    >
    >What you're asking for is that all the detailed information, for several
    >different products and several different downloads, should be stuck into one
    >massive document. I'd see that as making things _more_ confusing, not less.

    Not true at all. The rapidity with which M$ is shoving XML down our throats
    should have fixed this problem long ago. If M$ is so sure that your can use
    Office as a front end (because of XML attaching to back end databases) then
    this is a perfect way to prove it.

    The document could be an Excel spread*** or an I.E. webpage that shows in
    Explorer (with folder view); listing the patches in the order of your
    choice. Each cell would be a link to the KB article, the download site, and
    indicator for installed/not, etc... This could all be done with an XML
    schema, and having Office or Explorer attache to say windowsupdate.com
    (when it works).

    If M$ can build an XML schema to run hfnetchk then it could just as easily
    be done inside of Office. Considering that M$ does only those things that
    keep you in the corral, this would be a great way to do it. You would have
    to have Office installed and legal, I.E. would be your default browser; and
    only then would they patch your machine. The alternative (to 'look' like
    they are not being monopolist) would be to have something similar to what
    they have now. A confusing, ill-planned, and sometimes useless site for
    downloading patches. Of course you would need a passport to get into it.

    The backend would take time to set up, but if security and their customers
    are ' job 1' then it should be done. Or (are you listening M$) if locking
    customers in to M$ software is ' job 1' (and it is) then they should
    implement this immediately. Of course they could just keep us on the
    upgrade treadmill.

    As for numbering that is easily solved.

    issuenumber-productid-subproductid-version.incremental

    An example would be 123456789-2k-sbs-3.4

    123456789-KB - the knowledge base article
    123456789-9x - 9/5-8 specific info
    123456789-NT- NT specific info
    123456789-2k - 2000 specific info
    123456789-XP - XP specific info
    123456789-03 - 2003 specific info
    123456789-off - Office
    123456789-vis - visio
    123456789-wrd - word
    123456789-xcl - Excel
    123456789-ppt - Powerpoint
    123456789-SMS - SMS
    123456789-sim - flight sim
    etc.....

    Everything would key off the issue number. So if you put this on the web
    site, the URL would look something like this:
    fix.microsoft.com/aspx?123456789. This page would have links to the
    article, the patch for each systems affected. Using frames the page could
    display in the left frame with a drop down or ordered list that would open
    in the right frame. Or they could use the current technet setup and have
    the left frame display the issue numbers and would select yours and open
    the list showing the separate d/l pages underneath, with the KB article in
    the right frame.

    >The security bulletin tells you what the general effect of the bug is, what
    >software is affected by it, and how critical it is. It includes a link to
    >more detailed information and patches for each of the software versions
    >affected. How is this confusing?

    Bit condescending there, Alun. Fact is it is never that simple. Ignoring
    the fact that several issues are in fact under different numbers you have
    the problem of different people using different references, even on this
    list. If I don't know the Security Bulletin I.D. then how would I find the
    info? Have you tried to search for information on the techenet/support/msdn
    sites? It sucks. What if I have been given the patch number? Have you tried
    following the numbers backwards. It is not that easily done. I have on
    several occasions been met with 404 on a page, or the notorious error page
    generated by I.E. about checking MY connection. Or worse been given a bad
    number only to spend hours trying to match the system to a patch which
    might not even exist.

    >Alun.
    >~~~~ 

    ----
Are You "Certifiable"? Summer's Hottest Certification Just Got HOTTER!
With a growth rate exceeding 110%, the TICSA security practitioner
certification is one of the hottest IT credentials available.  And now, for
a limited time, you can save 33% off of the TICSA certification exam! To
learn more about the TICSA certification, and to register as a TICSA
candidate online, just go to
http://www.trusecure.com/offer/s0100/
----
  • Next message: Shannon: "Something changing DNS server settings"
    • Quantcast