Microsoft Flubs Patch, Putting Users At Risk 209
An anonymous reader writes "Microsoft is rushing to fix a flaw introduced by the company's latest security update to Internet Explorer. From the article: 'The flaw, initially thought to only crash Internet Explorer, actually allows an attacker to run code on computers running Windows 2000 and Windows XP Service Pack 1 that have applied the August cumulative update to Internet Explorer 6 Service Pack 1, security firm eEye Digital Security asserted. The update, released on August 8, fixed eight security holes but also introduced a bug of its own, according to Marc Maiffret, chief hacking officer for the security firm, which notified Microsoft last week that the issue is exploitable.'"
Why This is Different (Score:5, Insightful)
Re:will it cause problems? (Score:5, Insightful)
I recently did a full reinstall of her system (at my place on cable) from a MS cd (managing to maintain her OEM activation), SP2, Firefox, Opera and IE7-beta3 and she's been good for ages now.
The annoying thing is, even on dialup with sparse on-off connectivity and surfing it's remarkeably easy to get infected. Don't underestimate the number of people who *CAN'T* keep upto date.
Get rid of fixed patch date (Score:4, Insightful)
Re:Why This is Different (Score:5, Insightful)
And that is exactly why I like to see it on the front page of
Of course I don't rely on
8 for 1 (Score:2, Insightful)
Let's see if I got this right... (Score:0, Insightful)
Ubuntu has a problem today, which basically renders machines inoperable that update their X software today. Ubuntu doesn't have as many security problems as Microsoft (for a lot of reasons, I imagine, but I'm tend to think it's because of the much smaller installation base). Heck, this issue doesn't even affect security - which isn't quite as important as functionality (seriously; the number of exploits for this Microsoft problem will be small, and the number of Ubuntu users locked out of their machines is probably something like 60%, given the small numbers of their user base).
Given all of this information, there is no front page story on the Ubuntu fuck up of today. Biased? Of course. Unexpected? Definitely not; this is Slashdot; News for Nerds, Stuff that Matters, assuming you use Linux. Everyone else need not apply.
Re:will it cause problems? (Score:2, Insightful)
Re:will it cause problems? (Score:1, Insightful)
No shes not. IE7 has patched & unpatched vulnerabilities. Why are you putting beta software on there anyway?
But VISTA is Coming... (Score:4, Insightful)
Meaning, the number of serious holes is going to be astonishing, because they are so sophisticated and well hidden that only the best hackers can find and exploit them without users and IT admins finding them.
Aaaaak
Breaks Siebel too (Score:1, Insightful)
Re:Closed source strikes again (Score:1, Insightful)
Forced Reboot = BAD (Score:4, Insightful)
I was once running an experiment for a prof. The computer controlling the experiment has a GPIB card, which is controlling several other devices in the room (PID temperature controller, Lock in amp, yada yada yada.) The software running the experiment was written in LabVIEW.
I'm in the middle of a nine-hour experiment when this dialog box pops up. "Your computer will restart in 5 minutes to apply updates."
Now, let's review. What have I done wrong?
Re:Disable HTTP 1.1 (Score:4, Insightful)
So, they KNEW about this problem at the time they sent out 918899 to the world via Windows Update!
They already had the fix available, but they chose to neither include it in 918899 nor to withhold 918899 from release on August 8th.
It caused some damage at work. We had to ask for the KB923762 fix, which took 3 days to get (because we buy computers with Windows installed, so we cannot call Microsoft but have to go via Dell).
IMHO it is gross neglect by Microsoft to knowingly release a defective update for which a better version already is available.
Re:I will not criticize this (Score:4, Insightful)
Dupe (Score:3, Insightful)
Seriously, how is this news? Everyone with even half a clue (and certainly almost all
If for some reason