Microsoft Flubs Patch, Putting Users At Risk

An anonymous reader writes "Microsoft is rushing to fix a flaw introduced by the company's latest security update to Internet Explorer. From the article: 'The flaw, initially thought to only crash Internet Explorer, actually allows an attacker to run code on computers running Windows 2000 and Windows XP Service Pack 1 that have applied the August cumulative update to Internet Explorer 6 Service Pack 1, security firm eEye Digital Security asserted. The update, released on August 8, fixed eight security holes but also introduced a bug of its own, according to Marc Maiffret, chief hacking officer for the security firm, which notified Microsoft last week that the issue is exploitable.'"

When are we going to move these off the front page

[hcob$]

the MS has a security hole post has now become, trite, cliche, and dare I say it.... (-1, Redundant)

no need to worry.

[krell]

As long as, over the course of a year, the number of security holes plugged by the patches manages to outnumber the number of security holes introduced by these same patches, we're in real good shape right?

Clearly, the fix is

[Weaselmancer]

...to switch to Vista. [microsoft.com] That way, this sort of thing will never happen again. You betcha.

wtf?

[User 956]

The update, released on August 8, fixed eight security holes but also introduced a bug of its own, according to Marc Maiffret, chief hacking officer for the security firm, which notified Microsoft last week that the issue is exploitable.

Chief Hacking Officer? I wasn't aware companies had those these days.

Closed source strikes again

[MarkByers]

Haha! This sort of thing would never happen if you used Ubuntu [ubuntuforums.org]!

Do you ever get that feeling...

[T_ConX]

Do you ever get the feeling that IE6 is like a cartoon characters hole-riddled row-boat?

The cartoon character (lets just say it's Elmer Fudd) tries to plug a leak with his thumb, only to have another pop open on the other end of the boat. He stretchs over there to plug it with his other hand. A third appears, and he has to use his toe. Eventually, the number of leaks outnumbers the number of limbs (Or at least, the number of limbs one is allowed to show on TV. *wink* *wink*), and the boat finally goes down. A Fox riding in a Motorboat then speeds by...

Come on, it's like rai-i-ain on your wedding day

[spun]

You know, like goldy or coppery, only with iron. Microsoft is the John Holmes of security. Sure, they'll "patch your hole," but that's just gonna make your hole bigger.

What if Band-Aid ran their business this way?

[krell]

What if Band-Aid ran their business this way?

"Oh, never mind that our latest shipment of bandages had sharp rusty jagged bits of razor blades embedded in the cloth".

Or office building sprinkler systems?

"We at Paragon Office Protection Systems do not think it is anything to get upset about that our sprinkler system sprayed gasoline instead of water on that paper-room fire last week."

snakes!

[ssrs396]

My computer is full of snakes!

Re:To all Slashdot trolls

[neonprimetime]

Microsoft's idea of testing patches

1.) Perform Windows update
2.) Wait for system to reboot
3.) If system turns back on successfully after reboot, release!

Re:wtf?

[sam i am]

You're under arrect for hacking into the top secret CIA computers!

Wait, check out my business card, that is my job!

Hmmm, "Chief Hacking Officer". Ok then, carry on.

Re:wtf?

[99BottlesOfBeerInMyF]

Chief Hacking Officer? I wasn't aware companies had those these days.

This is what happens when employees pick their own titles. I used to work with the "grand poobah of software development" at a former company. It was on his business cards. An IBM guy snorted soda through his nose when he read it.

Re:So, does this mean...

[Linker3000]

No, Microsoft will start a new initiative called the Genuine Double Patch Advantage (GDPA)

New Windows Feature

[bblboy54]

I really don't understand why Microsoft doesnt just use their marketing power and explain how executing code from another machine is actually a feature. There is really no need to purchase applications such as pcAnywhere. Thank God for Microsoft saving us all that money!

Re:Why This is Different

[dw604]

Preparations A through G were absolute failures. On the whole, Preparation H is a good plan.

Re:Why This is Different

[Anonymous Coward]

Or it would be amusing if I didn't have to administer Windows systems. :P

I dunno, I find it ammusing you still have SP1 on your windows machine and claim to be the 'administator' of them.

You sir, should be fired for such a blatent oversight.