Slashdot Mirror


Microsoft, zlib, and Security Flaws

nakhla writes: "News.com is reporting that Microsoft's use of code from the open-source zlib library has led to possible security problems. The flaws in zlib were reported recently, and apply to several key Microsoft technologies, such as DirectX, Front Page, Install Shield, Office, and Internet Explorer. The article also mentions how this is not Microsoft's first use of open-source code in its software, but does point out that since zlib is not GPL'd they are under no obligation to release the source code to any of their products."

8 of 470 comments (clear)

  1. Darn! by sysrequest · · Score: 1, Flamebait
    "[...]but does point out that since zlib is not GPL'd they are under no obligation to release the source code to any of their products."


    Darn, and I thought they were caught with their pants down.

    But to me it still is interesting that a company that is trying to stomp every competitor, and is spreading so much FUD about any sort of free or open software is using it themselves. (We all knew that, I just thought I'd emphasize it again.)
  2. Slow, buggy M$... by IO+ERROR · · Score: 1, Flamebait

    Microsoft is still trying to determine which apps incorporated zlib code? My Linux box already has all its apps fixed. How long until M$ gets patches out? Weeks? Months?

    --
    How am I supposed to fit a pithy, relevant quote into 120 characters?
  3. Re:Just waiting for the press release... by Anonymous Coward · · Score: -1, Flamebait

    It's very interesting...I was talking with the CTO of a company that is partnered with MS and he said in their agreement it says they can't use any OpenSource code in their products. Strange that MS doesn't practice the same.

    Oh well .NET is looking quite cool...sad to say it but Linux is dying largely because Java is taking a backseat to this .NET stuff.

  4. Re:If we can't see MS's source by Mr+Windows · · Score: 2, Flamebait

    That's OK in principle, but how can anyone who looks at a piece of code know whether it really was written by MS or was GPLed with the serial number (erm, copyright notice) filed off? MS removed the copyright notice of zlib, according to the article, so it's not beyond them to do that with a piece of GPLed code. Not that I'd ever suggest that they'd do such a thing, but it's obviously very hard to check for plagarism (unless MS put all their code through turnitin!).

  5. you make this crap up by Anonymous Coward · · Score: -1, Flamebait

    you make this up /.

    anything to bash MS you spread, don't matter WHO makes it up.

    What do YOU want to do today?
    /. says "Bash Microsoft"

  6. Re:... pants on fire! by kz45 · · Score: 0, Flamebait

    then go to court to make them release all their software as Open Source.

    This statement proves that you hate MS products, solely on the basis of ideals (IE: Proporietary).

    Otherwise, why bother having the Microsoft source? They suck right?

    Just because microsoft used OSS in their operating system, doesn't make open source as a whole better. It makes the BSD stack better. this would have happened regardless of the license. (if it was any different, microsft probably would have just bought it).

  7. Re:Seriously? Microsoft use open source code? by Anonymous Coward · · Score: -1, Flamebait

    You couldn't tell SysV from VMS by their installations. Shut the fuck up you naive teenager and stop "flashing words" to make yourself appear somehow intelligent. You appear stupid and pompous. LASTLY, The shell model Windows followed was dropped long ago. Fuck off.

  8. Re:IM TOTALLY SICK OF THIS SHIT by Anonymous Coward · · Score: -1, Flamebait

    You've gotta remember that some of these people, in particular the people who run this site, view it all as a holy war. There's good and there's evil. Linux and Open Source is good and Microsoft is evil.

    That kind of ninny-headed thinking is probably one of the worst threats facing the viable future of Open Source/Free Software. Interesting projects like Linux become a platform for nutcases with a grudge. All the creeps who flooded the Amiga, OS/2, and Macintosh community have made their way over to Linux, and they're draggin' it down.