Microsoft Notes Critical Security Holes in Windows, Office

Scoria writes "CNN is reporting that the infamous Microsoft has disclosed six critical Internet Explorer vulnerabilities, including some that would allow an attacker to execute arbitary commands. According to the relevant TechNet bulletin, a cumulative patch has been released to address them." Please be sure to read the EULA before installing the patch.

Great!

[RhetoricalQuestion]

Arbitrary commands run by strangers if I don't,
Arbitrary commards run by Microsoft if I do.

If only more sites complied with standards, I could dismiss MS entirely for Opera.

Re:Great!

[gosand]

Arbitrary commands run by strangers if I don't,
Arbitrary commards run by Microsoft if I do.

You know, I think I would rather trust the strangers.

No need for this patch.

[geoffeg]

Windows Update (windowsupdate.microsoft.com) has a description of this security patch, the last line of which reads:

Download now to continue keeping your computer secure.

So apparently my computer is allready secure and there is no need to download the patch then!

Silly Microsoft.

Re:And even on 2000/XP

[catfood]

The browser is an integral part of the operating system!

Re:SSL Cert.

[gosand]

they still havn't patched the SSL certificate problem in IE/Windows.

That's because their PR people haven't acknowledged that it is a problem yet. Give them 6-8 months. Sheesh, you Open Source people sure are impatient.

Re:Suprise suprise suprise....

[Cutriss]

Yet six more reasons why I dont allow my family to connect to the internet using MS. They can't be trusted.

Who? Microsoft, or your family? :-)

Re:Sad state of affairs....

[Mirk]

People who actually examine the patches on their Open Source O.S. raise your hands.

Linus put your hand down.

First off, this is funny! :-)

But it does kinda miss the point, as no doubt many people will be quick to explain. (Don't you think ``You missed the point'' should be the Official Slashdot Motto? :-)

The point is that if a patch is open source, and if only 1% of the 10,000 people who install it bother to read through, then that's still 100 pairs of eyeballs that will spot any funny business. So, crucially, the other 99% (and yes, I admit to falling into the 9,900 here more often than not) also benefit from the code's openness.

Summary: I don't want it open so I can look at it; I want it open so Linus can look at it for me and tell me if there's anything wrong with it! :-)

ObDisclaimer: no, I'm not really a degenerate freeloader. Usually I am in the 99% that doesn't read the code. But every often - say 1% of the time - I will read it. See also my open source Net::Z3950 module at perl.z3950.org before you dare question my Free Software credentials. Infidel! :-)

OK , OK, we get it

[ellem]

Hell, my 3 year old son gets it OK?

(While playing Zoboomafoo Alphabet the Critical Update came onto the screen obscuring the Lemurs. "Daaaad stupid Windows is bothering me!")

Re:Irritating but beneficial too

[MrResistor]

Don't do it! (Install Linux for them, I mean) Your support calls will dry up!

I installed a Linux fileserver at a company I used to work at, and when I was laid off we agreed that they would call on me if they ever had a problem with the server and we would "work something out". I haven't recieved a single call, and it's been over 6 months! When I run into my former coworkers at the store and such I ask them how the servers doing and they always say "Great, we haven't had a single problem".

If you depend on support calls to make your living, the last thing you want to do is install Linux!