Slashdot Mirror


MSN, Word Vulnerable To Shell: URI Exploit

LnxAddct writes "InfoWorld is reporting that a few Microsoft products are also vulnerable to the "shell:" scheme vulnerability found in Mozilla last week. These applications include Microsoft Word and MSN Messenger."

10 of 392 comments (clear)

  1. Fixed in SR2? by djtripp · · Score: 3, Funny

    Well at least Mozilla will fix theirs...

    --
    "This is you left and that's your left. This is your right and that's your right. You're gonna die!
    1. Re:Fixed in SR2? by ROOK*CA · · Score: 4, Funny

      Mozilla already fixed this vulnerabilty (Mozilla 1.7.1 & FireFox 0.92) took what 3 or 4 days after it was discovered ?

      Microsoft will surely fix this in no more than 2 "Microsoft" Days which is around 6 months for the rest of Earth's population.

  2. indiana jones quote by Jrod5000+at+RPI · · Score: 3, Funny

    Intelligence Guy: "We have top men working on it right now."
    Indy: "Who?"
    Intelligence Guy: "Top... Men..."

  3. Quite a coincidence by cookie_cutter · · Score: 3, Funny
    How obscure is this bug?

    If it's non-obvious and contrived, is it reasonable to assume that Microsoft could be lifting, or at least peeking at, code from the mozilla project and replicating it in their own browser?

    Naw; if that were true, IE wouldn't suck so much.

  4. Re:Open Source vs. Microsoft by Anonymous Coward · · Score: 3, Funny

    Well now, let's see how long it takes for their patch to come out.

    Not as fast as the FUD they'll put out.

  5. Re:Goes to show... by tolan-b · · Score: 3, Funny

    Oh good, I'll go and download SP2 then... What's that? It's been delayed to mid-August? Oh dear!

  6. URI!? by DonniKatz · · Score: 3, Funny

    As the University of Rhode Island (URI) University College Representative in the Student Senate, I can assure you that no student at the University of Rhode Island is exploiting Microsoft Word... we're only pirating it.....

  7. Price is Right Rules by funkdid · · Score: 5, Funny
    How about we have a /. pool, with Price is Right Rules.


    Here'show it works:

    You predict the next security flaw,exploit etc etc etc and what product it will hit. Apache buffer overflow (smart money says don't pick that one), Word vulernability etc. This could be cool.

    Dibs on Wednesday IE exploit.

    --

    I boycott signatures

  8. Re:Goes to show... by Anonymous Coward · · Score: 5, Funny

    emacs will hit version 1.0 when it can shake the programmer's hand, look him in the eye and say "I'm ready."

  9. no command prompt? use batch files! by Tiuq · · Score: 3, Funny

    At school the command prompt is disabled, and you can't right click and make a new batch file, and you can't rename the extensions so in order to run some commands all you have to do is write them in notepad, and then tell it save as "all files" and then give it the .bat extension. We sure did have a lot of fun with the netsends :P until someone put it in a loop and the teacher found out.