Windows Vulnerabilities Revealed, Patched
Saint Aardvark writes "A big MS Windows remote vulnerability has just hit BugTraq. It concerns a buffer overflow in MS' DCOM, and affects Win2k through Server 2003; here's the security advisory from Microsoft. This is in addition to an earlier vulnerability concerning conversion from HTML to RTF - there's a separate security advisory from Microsoft for this one, and it affects Win98 and NT 4.0 through Server 2003. Patch early, patch often." There's also a CNET News story with a little more explanation on the newest vulnerability.
So much for homeland security ;)
We just had a story about a security vulnerability in WIndows!
The only thing that works correctly in Windows ME has finally been discovered.
"allow an attacker to take control of computers running any version of Windows except for Windows ME."
all you people who said i was stupid for running windows me, look who's laughing now!
10) find big remote vulnerability in product
20) perfect the exploit
30) have fun with it for months
40) find another big hole in same product
50) perfect exploit for hole
60) alert vendor about original hole
70) have fun with new hole
80) goto 40
"The software giant issued a patch Wednesday morning to plug a critical security hole that could allow an attacker to take control of computers running any version of Windows except for Windows ME."
Hell, even legitimate users of Windows ME can't take control of their computers...
Most network admins are too portly and would sheer CAT-5 cable. Better to use Fiber-Optic cable. It has a higher tensile strength.
"Learning is not compulsory... neither is survival."
--Dr.W.Edwards Deming