Slashdot Mirror
Microsoft Notes Critical Security Holes in Windows, Office
Scoria writes "CNN is reporting that the infamous Microsoft has disclosed six critical Internet Explorer vulnerabilities, including some that would allow an attacker to execute arbitary commands. According to the relevant TechNet bulletin, a cumulative patch has been released to address them." Please be sure to read the EULA before installing the patch.
As my grandfather who was a doctor said, "Doctors, mechanics and others like these all benefit from the misfortunes of others".
Today I just spent 3 1/2 hours updating security patches on a group of machines in an office for office 2000. The people there are annoyed about all the patches, and we joked about it being "this months security update". Now there's this, and I'm going to be called in again to update their machines. On one hand it's irritating, on the other hand it gives me more work, which I need at the moment.
A few of them are curious about Linux, and I keep it in their mind - not telling them that it will solve all their problems, but that in the near future it may be beneficial for them to consider it. I let them know an alternative is there, and they are positive, no knee-jerk reactions. I'm honest to them about it's advantages and disadvantages - where it will help them and where it will be a challenge. When the time is ripe they will change over - it is inevitable. This won't eliminate the need for security patches, but I hope through the use of thin clients only one or two machines will ever need updating.
What if Microsoft has an API to by pass the filters Zone Alarm hooks in?
I have never seen the sense in firewalling a machine with the same machine.
Maybe it's just me, but I fail to see a single mention of the EULA, much less a statement that it changes when you apply this patch. Even when installing, the only dialog presented to the user is the "Do you want to install this update?" box. I'm as concerned as the next guy about Microsoft's propensity to sneak in unannounced EULA changes and automatic updates without telling you, but let's not point fingers where there's nothing to see.
People who actually examine the patches on their Open Source O.S. raise your hands.
Linus put your hand down.
Seriously, we should be pushing for accountability, not a world were everybody's grandma has to learn C++ just to make sure that the big bad software company hasn't installed a trojan horse.
When you got your oil changed last, did you take the engine apart to make sure that your mechanic didn't put a rabbit in there?
I know that you probably change your own oil. It's an example.
*everything* is Orwellian to cats.
Hey, those of you who actually operate a printing press raise your hands.
See? There's only about three of them. There's no point in freedom of the press if only three people use it.
Ok, now everyone who's been arrested this week raise your hands.
Only a couple dozen out of a couple hundred thousand? Ok, no point in rights for the accused, then.
Next up, let's see how many of you are black. Only about ten percent? Well, what's the point in those equal protection and non-discrimination clauses? Most people don't need them.
No, because I could sue my mechanic for breaking my car. I can't sue Microsoft for breaking my computer.