Slashdot Mirror


Microsoft Security Patch Fixes URL Security Flaw

loteck writes "Microsoft has just released Security Update 832894. According to their official information, it affects all NT kernel versions of Windows and most versions of Internet Explorer. Here's a rundown of the important fixes, notably 'A vulnerability that involves the incorrect parsing of URLs that contain special characters' in Internet Explorer, as previously discussed on Slashdot."

15 of 545 comments (clear)

  1. Does this mean by AuMatar · · Score: 5, Funny

    I can stop typing in all my links by hand?

    Oh wait- I use Mozilla. I didn't need to do that anyway.

    --
    I still have more fans than freaks. WTF is wrong with you people?
  2. the needed patch by vargul · · Score: 4, Funny

    hm... they should patch IE up to be mozilla for example... that could be called a patch...

    --
    Aure entuluva!
    1. Re:the needed patch by roystgnr · · Score: 4, Funny

      Yes, Mozilla is better than IE in alot of cases... but don't forget, the average user still uses the internet for email, online banking, and news sites.

      So do I.

      And guess where you are more than likely to run into an "I.E. reccomended" site? Online banking.

      Not at my little bank.

      Reality is, Mozilla is a far way from replacing I.E.

      Well, if your bank sucks, I suppose so. I'd be curious about which bank it is, though; the only place I still see "You should have Internet Explorer!" pages is zone.msn.com.

    2. Re:the needed patch by pantycrickets · · Score: 3, Funny

      u obviously got the point. that is why i wrote: patch it up to be mozilla

      u r the kind of peeps i wud take advice from.

  3. Patches being sent by email by Anonymous Coward · · Score: 3, Funny

    Now check your in-boxes and make the InterWeb a Safer Place TM.

  4. HA HA NICE TRY by Anonymous Coward · · Score: 5, Funny

    Nice try Microsoft. I'm not clicking links while running IE, as per your instructions!

  5. Wow Security update # 832894 by Anonymous Coward · · Score: 5, Funny

    I wonder what happened to the other 832893 security updates?

  6. Here are the patches: by HungWeiLo · · Score: 5, Funny

    So you don't have to match up the knowledge base numbers in WindowsUpdate:

    Here
    Here
    Here
    Here

    --
    There are a huge number of yeast infections in this county. Probably because we're downriver from the bread factory.
    1. Re:Here are the patches: by QEDog · · Score: 4, Funny

      Can I click those, or should I type the address instead?

      --
      "There is no teacher but the enemy."-Mazer Rackham
  7. Be sure to type in that link manually. by Anonymous Coward · · Score: 5, Funny

    I saw it on tv last night. I think it was

    http://microsoft.com/download/patch/win32/2004/f eb/en/?&mid=2304520392lHKJH09728037420987&dll=LKJ2 3L4SD09UVC9432J5JS-9UDFLKJN345U9SLKJ4L5U0SJCS4

  8. Ironic given an email my mom got by MemRaven · · Score: 5, Funny
    My mom got this email this morning which purported to be from someone at Microsoft referring to this exact patch as something she could download. The only problem (aside from the fact that even my mom wouldn't have been dumb enough to type sensitive information into a form like that, AND she uses Mozilla anyway) is that the link in the email USED the flaw that it was telling her to fix.

    In other words, some email/CC#/whatever harvester decided to pull a funny and use the correction for this flaw as a way to exploit the flaw. Now that I see that the described patch is legitimate, I'm actually laughing internally at the delicious irony.

    By the time my mom got the email, the target web site had already been taken down by the sysadmin of the host.

    None of this is to condone the action of the scum who blasted the email, but come on, that took some balls.

  9. special characters? by andman42 · · Score: 5, Funny

    'A vulnerability that involves the incorrect parsing of URLs that contain special characters' in Internet Explorer

    Yeah, the special characters www.google.com now correctly parse to search.msn.com

  10. click here by danZenie · · Score: 5, Funny

    i threw away my mouse when they suggested no clicking on URLs. now they fsck it and i have now mouse, what am i gonna do? hmmm, i should post this as an "ask slashdot".

    --
    You need people like me so you can point your fuckin fingers and say, "That's the bad guy." So what that make you? Good?
  11. security coverage? by Anonymous Coward · · Score: 5, Funny

    This patch doesn't cover much, it's more like a Security pastie.

  12. Re:From Microsoft Security Bulletin by lsdino · · Score: 4, Funny

    1. They are convinced the monitor is actually the computer. I don't know what they think that big tower does, but since they have it piled high with boxes, blankets, and it holds up their space heater, they've more than likely forgotten that its there.

    Oh, come on, everyone knows the big tower is the hard drive! :)