Slashdot Mirror


Weekly Microsoft Critical Security Issue

An anonymous reader sent in linkage to a zd story discussing the latest Windows Security Patches including an especially nice hole letting Java apps gain total control of your machine and assist you in reclaiming disk space by, say, reformating your drive.

5 of 455 comments (clear)

  1. Not quite true... by presroi · · Score: 4, Insightful

    I don't agree with the intention of the message. While it is true that this bug allows the execution of commands, it does this only with the rights of the owner of the user account. In Unixian, this is not a remote root exploit.

    Nevertheless, my last sentence becomes quite irrelevant, as Windows user tend to work as $root.

  2. Not overly suprising by dtolton · · Score: 4, Insightful

    As the main post points out this is pretty much a weekly news release from Microsoft. It's interesting because in some ways I get suprised by the severity of the bugs such as allowing a huge hole in the Java VM, that would allow someone to format your hard drive or a bug in Proxy Server that would allow a single mal-formed packed to max the CPU at 100%. On the other hand I'm suprised Microsoft doesn't have more of these bugs.

    I think this is where the philosophical differences of Open Source Software really make a big difference. Even though OSS still has bugs, the live testing cycle is un-paralleled. However I think the biggest difference boils down to this: there is no one saying we have to have this product out the door by XX date. Rather it becomes stable when it's ready, but you can use the development version if you need or want.

    As the lines of code in software grows and the complexity increases, I think we will see a greater number of more sever bugs in closed source systems. Ultimately I believe this will be one of the critical factors leading to OSS's long term success.

    --

    Doug Tolton

    "The destruction of a value which is, will not bring value to that which isn't." -John Galt
  3. Re:jvm by fervent_raptus · · Score: 5, Insightful

    I doubt Microsoft would intentionally break their over version of Java. Of course they want to make Java look bad, but creating holes in their own version would simply cause people to switch to Sun's version.

  4. Clueless by Thomas+A.+Anderson · · Score: 5, Insightful

    You're right... Last year Readhat issued nearly twice as many security bulletins as Microsoft.

    I'm sure the above is a troll, but I'll answer anyways. When you install windows, you get, well, windows. And internet explorer, and freecell. That's about it.

    When you install linux from RedHat (or Mandrake or...) you get the OS, severl browsers and mail clients, 2+ office suites, 4+ text editors, java, perl, c, python, 25+ games, 3+ window manages, etc (not that you have to install all that - but they're available in the install).

    I'd say Redhat is doing great to only have 2x the security bulletins as microsoft considering they supply 4x or 5x the software on their cd's.

    Plus, it's been documented many times before that bugfixes are available much quicker in the OS world than the MS world.

    I'm increasingly convinced that Linux is dying off. The lies and distortions we are seeing on slashbot have become more and more desperate over the past two years.

    Name one "lie" regarding linux that you've seen on slashdot that's demonstratable not true (articles only, not posts). Remember, nobody is going to agree with all the opinions expressed on this site.

    --
    Personally its not God I dislike, its his fan club I cant stand (bash.org)
  5. Re:I don't understand... by caluml · · Score: 4, Insightful
    I know for damn sure that nobody's getting into mine without permission.

    That's quite a statement.. ;)
    I'm not saying I could do it... But there are some very clever people out there. One thing I've learned is never to underestimate others.

    So, stick a file on your machine with your online bank details, and your credit card numbers, and post your IP address :)