Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Notes Critical Security Holes in Windows, Office

Posted by ryuzaki0 on from the another-day-another-patch dept.

Scoria writes "CNN is reporting that the infamous Microsoft has disclosed six critical Internet Explorer vulnerabilities, including some that would allow an attacker to execute arbitary commands. According to the relevant TechNet bulletin, a cumulative patch has been released to address them." Please be sure to read the EULA before installing the patch.

10 of 530 comments (clear)

  1. Sad state of affairs.... by jerkychew · · Score: 3, Interesting

    It's sad that, when I saw that the patch was released, the first thing I thought was, "I hope the EULA won't force me to accept automatic installs from now on."

    I think I'd rather have an insecure system than one that gives MS carte blanche to install what it wants. There's something wrong with that.

    1. Re:Sad state of affairs.... by DrSkwid · · Score: 4, Interesting

      what's the point of having an extra box to do what your computer can do already?

      do you even have (a)/dsl?

      Checking my log for today I've had over 50 people try and initiate unauthorised connections. The only server I run is HTTP and ident so there's no reason for any of them to try any other ports than those.

      nslooking up their ip and I get mostly dial-up users or No such server.

      Windows shares are the usual culprit. I did some scanning myself after cable modems launched in our area. I found myself on someone's shared C: drive will full rights. I trawled through some files to try and get some sort of ID. c:\program files\icq\ did me nicely and I was able to get the person's ICQ number. I looked them up on the ICQ whitepages and couldn't believe it when it turned out to be my uncle!

      You don't need to waste a whole PC on it either

      I've got one of these :

      befsx41

      Works great, no trouble in 3 years. Not a single piece of software has had trouble with it. Can't recommend it enough for home/soho users.

      --
      There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
  2. SSL? by giminy · · Score: 4, Interesting

    Am I the only who noticed this does not include the fix for invalid SSL certificates? Pretty big (and very expensive) problem, I think....

    --
    The Right Reverend K. Reid Wightman,
  3. And even on 2000/XP by Flower · · Score: 4, Interesting

    You have to reboot to complete the installation. Great. Now all my server updates (please do not ask why, I just follow orders) are going to be a joy. I can't believe I have to reboot to patch a damn browser.

    --
    I don't want knowledge. I want certainty. - Law, David Bowie
  4. Re:Irritating but beneficial too by AntiNorm · · Score: 3, Interesting

    Today I just spent 3 1/2 hours updating security patches on a group of machines in an office for office 2000.

    If you don't like constantly having to patch MS Office, then don't use it. There are plenty of alternatives, including WordPerfect Office Suite, which is what I use.

    --

    I pledge allegiance to the flag...
    of the Corporate States of America...
  5. About the leaked corp edition... by Kredal · · Score: 3, Interesting

    If someone with the corporate edition key for XP Pro installed SP1, would they be able to apply this patch as well? I thought the SP1 would lock out all further updates?

    --
    Whoever stated that signature sizes should be limited to one hundred and twenty characters can just go ahead and kiss my
  6. Re:ha! by phil+reed · · Score: 5, Interesting
    this happens time and time again and will continue to happen until microsoft sees the light and figures out that they don't write good software.


    They already know. Remember a couple of months ago, when Microsoft VP Jim Allchin who stated, under oath, that there were flaws in Windows so great that they would threaten national security if the Windows source code were to be disclosed. The architecture of Windows is inherently insecure and cannot be fixed. Read all about it here.

    --

    ...phil
    "For a list of the ways which technology has failed to improve our quality of life, press 3."
  7. Truly ironic by Codex+The+Sloth · · Score: 5, Interesting

    Especially considering to get the "Designed for Windows 2000 / XP" Logo on your software, you have to have an install that doesn't require a reboot.

    --
    I am not a number! I am a man! And don't you ... oh wait, I'm #93427. Ha ha! In your face #93428!
  8. Is there a "we can turn you off" clause? by Animats · · Score: 3, Interesting

    Does this EULA have the infamous "we have the right to turn off functionality and delete files" clause that Microsoft has been putting in EULAs lately, in preparation for extra-aggressive digital rights management?

  9. EULA a form of coercion? by Eric+Damron · · Score: 3, Interesting

    I wonder if Microsoft's EULA could be considered a form of coercion? Look at it this way:
    Microsoft creates a flawed piece of software. They sell it to millions of unsuspecting victims under one EULA.

    Then, they release patches for flaws that are serious enough to destroy a business if left uncorrected. They tell the victims: ?Agree to this new EULA that takes away many of your rights or we won't fix our software!?

    --
    The race isn't always to the swift... but that's the way to bet!