Slashdot Mirror


MSN, Word Vulnerable To Shell: URI Exploit

LnxAddct writes "InfoWorld is reporting that a few Microsoft products are also vulnerable to the "shell:" scheme vulnerability found in Mozilla last week. These applications include Microsoft Word and MSN Messenger."

20 of 392 comments (clear)

  1. Fixed in SR2? by djtripp · · Score: 3, Funny

    Well at least Mozilla will fix theirs...

    --
    "This is you left and that's your left. This is your right and that's your right. You're gonna die!
    1. Re:Fixed in SR2? by ROOK*CA · · Score: 4, Funny

      Mozilla already fixed this vulnerabilty (Mozilla 1.7.1 & FireFox 0.92) took what 3 or 4 days after it was discovered ?

      Microsoft will surely fix this in no more than 2 "Microsoft" Days which is around 6 months for the rest of Earth's population.

  2. indiana jones quote by Jrod5000+at+RPI · · Score: 3, Funny

    Intelligence Guy: "We have top men working on it right now."
    Indy: "Who?"
    Intelligence Guy: "Top... Men..."

  3. Haha by mboverload · · Score: 2, Funny
    Looks like Microsoft has been copying some source

    =P

  4. Quite a coincidence by cookie_cutter · · Score: 3, Funny
    How obscure is this bug?

    If it's non-obvious and contrived, is it reasonable to assume that Microsoft could be lifting, or at least peeking at, code from the mozilla project and replicating it in their own browser?

    Naw; if that were true, IE wouldn't suck so much.

  5. Re:Open Source vs. Microsoft by Anonymous Coward · · Score: 3, Funny

    Well now, let's see how long it takes for their patch to come out.

    Not as fast as the FUD they'll put out.

  6. Two words come to mind by peragrin · · Score: 2, Funny

    HA HA

    Does it also count as the obligatory Simpson's quote?

    --
    i thought once I was found, but it was only a dream.
  7. Re:Goes to show... by tolan-b · · Score: 3, Funny

    Oh good, I'll go and download SP2 then... What's that? It's been delayed to mid-August? Oh dear!

  8. Re:Can only allow programs to be run... by Lord+Bitman · · Score: 2, Funny

    You don't?

    --
    -- 'The' Lord and Master Bitman On High, Master Of All
  9. Re:My mind is spinning by DeepHurtn! · · Score: 2, Funny

    MS Bugs: They're the New SCO.

  10. URI!? by DonniKatz · · Score: 3, Funny

    As the University of Rhode Island (URI) University College Representative in the Student Senate, I can assure you that no student at the University of Rhode Island is exploiting Microsoft Word... we're only pirating it.....

  11. Price is Right Rules by funkdid · · Score: 5, Funny
    How about we have a /. pool, with Price is Right Rules.


    Here'show it works:

    You predict the next security flaw,exploit etc etc etc and what product it will hit. Apache buffer overflow (smart money says don't pick that one), Word vulernability etc. This could be cool.

    Dibs on Wednesday IE exploit.

    --

    I boycott signatures

  12. Re:Mac's safer if no MS code on them by Anonymous Coward · · Score: 2, Funny

    >In my 20+ years of using a Mac and getting only one virus

    You also only have one mouse button, so I wouldn't be too proud.

  13. Re:Mozilla Bug 163767 by fireman+sam · · Score: 2, Funny

    "They should just disable unsecure stuff by default."

    What, disable the Windows builds? But what about all the people wanting to switch from IE?

    NB: this was an attempt a humor

    --
    it is only after a long journey that you know the strength of the horse.
  14. I can see the next /. story now... by twalls · · Score: 2, Funny

    "A new security report today reveals that all computers are vulnerable to the latest of a series of never-ending security exploits. This latest flaw, which manufacturers are unwilling to disclose the details of at this time, has been proven to exist on all platforms and affects all operating systems. Manufacturers are currently working together to find a solution. Until then, security experts are recommending that users unplug their machines from any cables that connect to the walls. Critics suggest that even this solution has flaws as some are using wireless technologies to circumvent the wires. Industry analysts suggest that the latest exploit is linked to other reports on 'user stupidity' and 'God's wrath on civilization as we know it.'"

  15. 'Run' has this flaw too! by Finuvir · · Score: 2, Funny

    If you open the run dialog and type shell:windows\notepad.exe it opens it. That means Run has this flaw too!

    --
    Why is anything anything?
  16. Re:Goes to show... by Anonymous Coward · · Score: 5, Funny

    emacs will hit version 1.0 when it can shake the programmer's hand, look him in the eye and say "I'm ready."

  17. shell:fdisk by HermanAB · · Score: 2, Funny

    shell:format

    shell:win

    shell:deltree%20y%20\

    shell:deltree/20y/20\

    shell:"deltree y \"

    Damn - I'll have to install windoze just to give it a try!

    --
    Oh well, what the hell...
  18. no command prompt? use batch files! by Tiuq · · Score: 3, Funny

    At school the command prompt is disabled, and you can't right click and make a new batch file, and you can't rename the extensions so in order to run some commands all you have to do is write them in notepad, and then tell it save as "all files" and then give it the .bat extension. We sure did have a lot of fun with the netsends :P until someone put it in a loop and the teacher found out.

  19. Re:Emacs on version 21.3 by kikta · · Score: 2, Funny

    That's because it's actually version 0.21.3.1, but the damn thing's been sub-1.0 so long they finally dropped the leading zero.

    Seriously, though - WTF do they want for feature completeness? Emacs is a kernel & a decent text editor away from being an operating system in its own right. ;-)