Judging by my inbox, lots of you downloaded a bootleg copy of Windows 7 build 6956 from BitTorrent, and now you have it running. But no matter how hard you try, you can’t update its built-in copy of Internet Explorer 8 with this week’s extremely critical out-of-band security update, which Microsoft turned around in record time.
That’s the downside of running software from unauthorized channels. You see, the build zipping around the BitTorrent tubes right now is a random “daily build,” one of many that was produced during the run-up to the upcoming beta release of Windows 7. Anyone who would have had authorized access to that build (Microsoft employees, OEM partners, a tiny corps of trusted beta testers) already has authorized access to more recent builds (including, rumors say, the final beta release itself) that can be updated with a supported version of this crucial IE8 patch. So, logically enough, Microsoft’s security team doesn’t release an update for that leaked version, just as it didn’t release an update for build 6952 or build 6961. As a result, you’re vulnerable if you visit a compromised website using the unpatched version of IE8.