MSIE Uber-patch Of The Month

Posted by ryuzaki0 on Thursday May 16, 2002 @05:50AM from the windstorm-'97 dept.

mkraft writes "Microsoft released another security patch for Internet Explorer to fix 6 'new' vulnerabilities. Info on the patch can be obtained via download or Windows Update. Not sure what 6 things the patch fixed, but I'm assuming they fixed 6 of the 14 known exploits listed at http://jscript.dk/unpatched/" Maybe not even all six -- the maintainer of the above URL claims in a post to Bugtraq that Microsoft got some facts wrong and "patched a symptom" of one of the vulnerabilities, "not its root cause," and that IE5 and IE5.5 remain unpatched with the same "Critical" vulnerability. Also, please compare to previous MSIE Uber-Patches Of The Month: December 2001, 3+? holes in IE; March 2002, 2+? holes in IE; April 2002, 2+? holes in Mac IE.

2 of 357 comments (clear)

Min score:

Reason:

Sort:

Uh huh. Meanwhile, in Mozilla... by Anomolous+Cow+Herd · 2002-05-16 05:59 · Score: 0, Flamebait

This is just silly. Does Slashdot post a huge exposé every time someone fixes another crippling security hole in Mozilla? Really, it's this kind of duplicity that bothers me about Slashdot. Surely, Microsoft isn't the only one who writes occasionally buggy software?

--

"I don't know that atheists should be considered citizens, nor should they be considered patriots." - George Bush
The difference is... by Steveftoth · 2002-05-16 06:01 · Score: 1, Flamebait

When a kernel patch comes out it usually consists of fixes to features (speed, stability, etc.) and yet more new features. Read the changelogs, that's what they are.

When MS releases an IE patch it's because they need to fix the ability for some random porn site to install software on your computer. Or make it easier to spy on you with their messenger client.

Not that this affects me at all as I only use mozilla now.