Microsoft patches Windows 7 beta

Microsoft yesterday issued its first patch for the just-released Windows 7 beta, but it passed on plugging a hole in an important file-sharing protocol that it fixed in older versions of the operating system.

Earlier yesterday, Windows Update, Microsoft's primary update service, began delivering the first patch to Windows 7 since the company struggled to launch the public beta last Friday. The update fixes a flaw that shaves several seconds of audio from any MP3 file that's edited, including files modified automatically as users connect to the internet.

Windows 7 review

Windows 7 news

Windows 7 forum

"Without action on your part, all MP3 files that have large headers in your Windows Media Player and Windows Media Center libraries are likely to lose some audio," Microsoft said in the support document it published at the weekend, several days after it first posted the fix to its MSND and TechNet subscription services.

Before Tuesday, users who wanted to apply the fix had to find it, download it manually and install it themselves.

Microsoft also recommended that users back up all MP3 files before doing an upgrade to Windows 7 from Windows Vista, and that they set all of them to "read-only" status by right-clicking each file in Windows Explorer and then clicking the General tab and selecting the "Read-only" box. Failing that, users should disable metadata automatic updates in Windows Media Player, Microsoft said.

 Windows 7 news, reviews and forum: click here NEW!

At the same time, it quashed the MP3 bug, however, Microsoft ignored a vulnerability in the Server Message Block (SMB) protocol that affects every version of Windows, including Windows 7.

Microsoft explained why the flaw went unfixed. "We provide security updates for beta versions of Windows through Windows Update for Critical issues only," said Christopher Budd, a spokesman for the Microsoft Security Response Center (MSRC), post to the group's blog Tuesday. "So the vulnerability will be addressed in the next public release for Windows 7."

Of the three bugs patched by the MS09-001 security update today, just one is pertinent to Windows 7, Budd added. That vulnerability, designated as CVE-2008-4114, is a denial-of-service bug rated "moderate", the second step in Microsoft's four-level scoring system.

The remaining two vulnerabilities - both labeled "critical" by Microsoft - affect Windows 2000, XP and Server 2003; one of them also affects Windows Vista and Server 2008.

Windows 7 beta, which was released Saturday, will be available for download through at least January 24. Visit PC Advisor's Microsoft News Spotlight for the latest news on the software giant.

Related articles:

• How to: dual-boot Windows 7
• How to: is your PC ready for Windows 7?
• Microsoft's horrible Windows 7 dilemma
• Windows 7 gets mixed reaction

Computerworld.com

Submit to:Digg Slashdot Del.icio.us Reddit

• FREE email newsletters. Get news, reviews and features straight to your inbox
• For videos of the latest products, visit PC Advisor TV
• Sign up for RSS to get the latest news and reviews, direct to your desktop
• Get PC Advisor news, reviews and blogs on your website for free

Latest technology news:

• Mitel to offer virtualised voice
• Gumblar malware attack surges again
• McAfee unveils Email and Web Security Appliance 5.5
• Google releases open source app development tools
• Opera, Mozilla and Google respond to Microsoft browser ballot