Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
Back for a limited time - Get 15% off sitewide on Slashdot Deals with coupon code "BLACKFRIDAY" (some exclusions apply)". ×

Oops! Missed One Fix — Windows Attacks Under Way 292

CWmike writes "Microsoft says attackers are now exploiting a critical Windows bug that it didn't get around to fixing in its biggest batch of security patches in more than five years, issued yesterday. Microsoft said that 'limited and targeted' attacks are in progress by hackers exploiting an unpatched vulnerability in the WordPad Text Converter, a tool included with all versions of Windows. If Microsoft patches the WordPad problem on its monthly schedule, the first opportunity for fixing the flaw would be Jan. 9, 2009." Update: 12/10 22:28 GMT by T : OK, there might have been more than one: reader Simon (S2) writes "There is an even more serious flaw ... From SANS: 'There is a 0-day exploit for Internet Explorer circulating in the wild. At this point in time it does not appear to be wildly used, but as the code is publicly available we can expect that this will happen very soon. This is a brand new exploit that is *not* patched with MS08-073 that was released yesterday. I can confirm that the exploit works in a fully patched Windows XP machine. The exploit is a typical heap overflow that appears to be exploiting something in the XML parser.'"

Groklaw Says Microsoft Patent Portfolio Now Worthless 219

twitter writes "P.J. concludes her look at the Bilski decision: 'you'll recall patent lawyer Gene Quinn immediately wrote that it was bad news for Microsoft, that "much of the Microsoft patent portfolio has gone up in smoke" because, as Quinn's partner John White pointed out to him, "Microsoft doesn't make machines." Not just Microsoft. His analysis was that many software patents that had issued prior to Bilski, depending on how they were drafted, "are almost certainly now worthless." ... He was not the only attorney to think about Microsoft in writing about Bilski.'"

HP's Fury At Vista Capable Downgrade 499

More documents are coming out in court proceedings over the Vista Capable debacle. has good coverage of HP's fury over Microsoft lowering the requirements for a Vista Capable sticker, at Intel's request. "Intel officials may have been pleased that Microsoft lowered standards for obtaining the company's Windows Vista Capable logo program sticker, but the same can't be said about HP's execs. 'I can't be more clear than to say you not only let us down by reneging on your commitment to stand behind the [device driver model] requirement, you have demonstrated a complete lack of commitment to HP as a strategic partner and cost us a lot of money in the process,' said one e-mail from Richard Walker, the senior vice president of HP's consumer business unit, to [Microsoft executives]." follows the trail of accusatory emails inside Microsoft from there: "HP's email prompted then Microsoft co-President, Jim Allchin, to send a furious email of his own to company CEO Steve Ballmer. Allchin's email suggests the decision to lower the requirements was made in his absence by Ballmer, following 'a call between you and Paul [Otellini, Intel CEO].' 'I am beyond being upset here,' Allchin wrote to Ballmer. 'What a mess. Now we have an upset partner, Microsoft destroyed credibility [sic], as well as my own credibility shot.' Ballmer, in turn, blamed another Microsoft executive, Will Poole, in a rather erratically typed reply to Allchin."
The Internet

Air Force To Rewrite the Rules of the Internet 547

meridiangod writes "The Air Force is fed up with a seemingly endless barrage of attacks on its computer networks from stealthy adversaries whose motives and even locations are unclear. So now the service is looking to restore its advantage on the virtual battlefield by doing nothing less than the rewriting the 'laws of cyberspace.'" I'm sure that'll work out really well for them.

At the source of every error which is blamed on the computer you will find at least two human errors, including the error of blaming it on the computer.