New Windows Vulnerability in Help System
wesleyt writes "CERT announced today a significant Microsoft Windows vulnerability related to IE and its handling of the Windows help subsystem. There are currently no patches available and no virus definitions for the major scanners. As well, exploits have been reported in the wild. Because the vulnerability is in the help subsystem, even users who avoid Outlook and IE are vulnerable, since IE is the default handler for help files. It seems that this is going to be an ugly one."
Thanks but no, thanks. Their official SP_s are known to break plenty of stuff. Why would anybody want to muck around with RC ones?
Here is a list of WEEKLY security vulnerabilities in all Linux distributions.
Do you ever see any of them mentioned on Slashdot? Of course not. That's because it would reveal to people that operating systems are not perfect and never will be--and the fact that this is the first Slashdot "vulnerability" article on Windows in quite a while now is a feat considering Windows' massive marketshare and usage. I'm sure the editor was just dying to get it posted since it's been a little while. Meanwhile, the Linuxsecurity site shows that Linux distros have multiple security advisories every week.
Point? No point other than to point it out. No problem with Slashdot reporting these things, but pretending there's no agenda behind it--especially considering Slashdot is owned by a Linux company for whom it is in the best interest of to post "news stories" that happen to dump on competitors--is being purposely naive.