Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft, zlib, and Security Flaws

Posted by timothy on from the not-the-security-initiative-we-had-in-mind dept.

nakhla writes: "News.com is reporting that Microsoft's use of code from the open-source zlib library has led to possible security problems. The flaws in zlib were reported recently, and apply to several key Microsoft technologies, such as DirectX, Front Page, Install Shield, Office, and Internet Explorer. The article also mentions how this is not Microsoft's first use of open-source code in its software, but does point out that since zlib is not GPL'd they are under no obligation to release the source code to any of their products."

9 of 470 comments (clear)

  1. Just waiting for the press release... by Nonesuch · · Score: 4, Funny

    Any bets on how long before Microsoft issues a press release noting that this is yet another risk of using evil open source and open standards?

    --

    I do not deploy Linux. Ever.
  2. This wouldn't have happened... by bourne · · Score: 2, Funny

    ...if the government hadn't worked so hard to limit Microsoft's ability to innovate.

    :P
  3. Now what would have been interesting... by borgquite · · Score: 4, Funny

    is if when they released the patch for the security flaw they made the patch GPL... just imagine Microsoft having to recode all that stuff for themselves :)

    --
    ' Ore stabit fortis a fine placet ore stat '
    - found on a park bench
  4. Memo from Bill by soap.xml · · Score: 1, Funny

    Development Team,
    Thank you! I have been saying for years that Open Source is EVIL! Now we have even more proof. With this latest failure of open source code we can push even more people into using our products. We can even say that we "tried" to use open source, and look what it brought us. Once again, Thanks! Marketing and I appriciate it.

    -Bill

  5. Borrowed Code? by Spit_Fire1 · · Score: 2, Funny

    The next-generation Graphics Device Interface is part of Windows XP, meaning that the operating system itself could be at risk.
    the colors were just screaming security flaw already weren't they?

    Yet, the incident seemingly proves that Microsoft, despite dismissing open-source code publicly, has used software from others to create their own products.
    And now they are forced to admit what we already knew, they haven't written anything original since...well...ever! :P

    The zlib compression library doesn't use the GPL, however.
    and the war between MS and GPL coninues, maybe the linux community could use Anime-based uniforms to storm microsoft and take the code back.

    --

    "The secret of success is to know something nobody else knows." -Aristotle Onassis
  6. Re:Seriously? Microsoft use open source code? by Anonymous Coward · · Score: 1, Funny

    A guy with the email address 'fake@nospam.org' is challanging someone else's credentials??

    heh

  7. Re:oh goody by pyrrho · · Score: 3, Funny

    > have never spent time with Windows 2000.

    I'm sure this is a typo. You must have meant "did time".

    --

    -pyrrho

  8. Take Us Right Down by Anonymous Coward · · Score: 0, Funny



    Please tell me: what does HURD rhyhme with?

    Trollnificent!

  9. Re:InstallShield by ChrisDolan · · Score: 5, Funny

    Similarly, IE is not written by Microsoft either. It's alien technology. It was discovered by a MS coder who stumbled on a crashed spacecraft while hiking in the woods in the mid-90s. Using him as a vessel, the program infected the Windows codebase and has grown since then, digging it's tendrils deeper and deeper into the system.

    So when MS says they can't remove IE from Windows, it's true.