Slashdot Mirror


Windows Vulnerabilities Revealed, Patched

Saint Aardvark writes "A big MS Windows remote vulnerability has just hit BugTraq. It concerns a buffer overflow in MS' DCOM, and affects Win2k through Server 2003; here's the security advisory from Microsoft. This is in addition to an earlier vulnerability concerning conversion from HTML to RTF - there's a separate security advisory from Microsoft for this one, and it affects Win98 and NT 4.0 through Server 2003. Patch early, patch often." There's also a CNET News story with a little more explanation on the newest vulnerability.

8 of 445 comments (clear)

  1. *G* by rylin · · Score: 5, Funny

    So much for homeland security ;)

  2. heh by Anonymous Coward · · Score: 5, Funny
    Microsoft admits critical flaw in nearly all Windows software

    ...The announcement came one day after the Department of Homeland Security announced that it awarded a five-year, $90-million contract for Microsoft to supply all its most important desktop and server software for about 140,000 computers inside the new federal agency

  3. Dupe by Anonymous Coward · · Score: 5, Funny

    We just had a story about a security vulnerability in WIndows!

  4. What do you know... by GMFTatsujin · · Score: 5, Funny

    The only thing that works correctly in Windows ME has finally been discovered.

  5. hah! by kritikal · · Score: 5, Funny

    "allow an attacker to take control of computers running any version of Windows except for Windows ME."

    all you people who said i was stupid for running windows me, look who's laughing now!

  6. one step ahead by fihzy · · Score: 5, Funny

    10) find big remote vulnerability in product
    20) perfect the exploit
    30) have fun with it for months
    40) find another big hole in same product
    50) perfect exploit for hole
    60) alert vendor about original hole
    70) have fun with new hole
    80) goto 40

  7. Sure. by foobario · · Score: 5, Funny

    "The software giant issued a patch Wednesday morning to plug a critical security hole that could allow an attacker to take control of computers running any version of Windows except for Windows ME."

    Hell, even legitimate users of Windows ME can't take control of their computers...

  8. Re:Bad by EvilTwinSkippy · · Score: 5, Funny
    But if you keep port 135 open on your DMZ boxes, you deserve to be hanged with a piece of CAT-5 cable.

    Most network admins are too portly and would sheer CAT-5 cable. Better to use Fiber-Optic cable. It has a higher tensile strength.

    --
    "Learning is not compulsory... neither is survival."
    --Dr.W.Edwards Deming