MSIE Uber-patch Of The Month
mkraft writes "Microsoft released another security patch for Internet Explorer to fix 6 'new' vulnerabilities. Info on the patch can be obtained via download or Windows Update. Not sure what 6 things the patch fixed, but I'm assuming they fixed 6 of the 14 known exploits listed at http://jscript.dk/unpatched/"
Maybe not even all six -- the maintainer of the above URL
claims in a post to Bugtraq
that Microsoft got some facts wrong and "patched a symptom" of one of the vulnerabilities, "not its root cause," and that IE5 and IE5.5 remain unpatched with the same "Critical" vulnerability.
Also, please compare to previous MSIE Uber-Patches Of The Month:
December 2001, 3+? holes in IE;
March 2002, 2+? holes in IE;
April 2002, 2+? holes in Mac IE.
Microsoft released another security patch for Internet Explorer
Is it Thursday already?
--saint
Saying you're trying to fix all the holes in IE is like saying you mean to turn a sieve into a bowl.
::shudder::).
Seriously, it seems they are finally turning around and trying to make their products more reliable. They've come a long way since Win95 (or WinME...
The speed of time is one second per second.
luckily several other competing browsers have much less patches that have to be applied.
netscape - doesnt have any holes - it crashes before anyone have time to exploit them.
mozilla - its not called holes, its a feature until further notice.
opera - pages download quick, dont they? then stfu.
you know - with this many patches, IE is moving from the realm of science fiction to high fashion!
It's all that Microsoft non-compliant human behavior. As soon as they fix that the need for patches will go away.
A feeling of having made the same mistake before: Deja Foobar
With this patch, IE will finally be perfect and I can sleep in peace knowing that Big Bill® is watching over me.
Don't anthropomorphize computers, they don't like it.
2. Choose a cool marketing name for the hole, like "achilles' hole" or such. Make it fancy.
3. Call the news agencies. Once there is a fancy marketing name, they will jump on it and create public hysteria. Remember "Code Red" ? It was just like any other worm attack except that it had a cool name for the media blew it way out of proportion.
4. Watch the patches roll in.
5. Lather, rinse, repeat. Every six weeks should do it. The public should see a pattern sooner or later.
That's not Windows Update; i own your box and have been busy setting it up the way i like it.
--
Mod up a post Rob doesn't like and you'll never mod again