Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft to Issue Out-of-Cycle Patch for IE

Posted by CmdrTaco on from the download-reboot-repeat dept.

rsw writes "Microsoft will be breaking their normal patch cycle and issuing a patch for the Download.Ject attack (a.k.a. Scob). They claim that the forthcoming patch will be a "long-term solution to the core vulnerability" exploited by Scob." Note that this does not mean that they are replacing IE with FireFox.

13 of 391 comments (clear)

  1. The mounting pressure by Mz6 · · Score: 4, Interesting

    Seems as though all of the exploits coming out against IE has finally got to them. I've counted about 5+ just from the Full Disclosure and BugTraq mailing lists in the past few weeks. All of them different in nature of thier attacks.

    --
    Hmmm.
  2. Firefox by FortKnox · · Score: 4, Interesting

    Note that this does not mean that they are replacing IE with FireFox.

    Good, cause firefox has render problems on slashdot all the time (where as IE doesn't). I don't think its firefox, either, cause it doesn't happen on any other site I go to.

    --
    Good quote, too many chars. Seriously, the slashdot 120 char limit sucks!
    1. Re:Firefox by hattig · · Score: 5, Interesting

      I think it is a problem with Firefox. I've noticed that it happens a lot on table layout pages, especially large ones. Livejournal can have the same problem.

      Basically it guesses widths of table cells/columns at some stage, then sticks with them as more of the page loads, and doesn't compensate for the new contents, which may include more tables, which will then overflow other elements on the page. Well, it is something like that. I think it could be solved by merely re-formatting the page after it has fully loaded ... although the simple Resize Font trick fixes everything anyway (ctrl+mousewheel)

    2. Re:Firefox by hattig · · Score: 5, Interesting

      What is sad is the multitudes of fixed HTML examples that Slashdot readers keep coming up with, but still haven't been used even though I remember some of them being done a year ago!

  3. Does anyone use IE anymore? by AngryScot · · Score: 4, Interesting

    and if they do why?

    I mannaged to get my work to use fireFox after showing them a /. thread about it

    --

    All spelling mistakes are due to solar flares...honest

  4. I've migrated ove... by Ratchet · · Score: 4, Interesting

    ...the most finiky of users, my Mom, to Firefox without her even knowing it. Now if Dad would stop playing Solitaire long enough for me to get at his computer then I'd de-IE him as well.

  5. Is there something wrong with me? by Klar · · Score: 3, Interesting

    shhh, don't tell anyone, but I'm still using IE6.. I dunno, I'm just so used to using it, and it seems to work well for me. I haven't had any virus or security problems(that I know of).. I always want to try firefox after reading posts about its power, but man.. IE is just so..so.. easy.

    --
    Boxing Equipment Reviews
  6. My organization just dumped IE for Firefox by gearmonger · · Score: 5, Interesting
    "long-term solution" hee hee ha ha *snort* [coke comes out nose] riiiight.

    Rightly or not, that Homeland Defense notice got some peeps in senior management a little spooked and asked our IT department to start making Firefox the default browser on all new systems they set up for employees.

    As a long-time Mozilla and Firefox user, I couldn't be happier. Whether it's the right reason or not, I couldn't care -- at least there's a hint at the IE domination trend slowing down a bit, and that is good for consumers.

  7. IE vs Mozzy by Anonymous Coward · · Score: 3, Interesting

    Microsoft may have won the browser-war in the late 1990's but at what cost???

    Mozilla/Netscape as of the last couple of years made fantastic progress and is definately now the better browser in both functionality, security and last but not least mozilla looks better to me and renders websites better too...

    M$FT should just throw in the towel on IE and reduce its function to Windows Update and able to download Mozilla/Netscape, (just make it a ftp downloader tool)

  8. Best Quote From Story by CHaN_316 · · Score: 3, Interesting

    "Our users should have confidence that as long as they're running the latest browser with all the latest security fixes, they will have the most powerful and secure browsing experience." - Microsoft group product manager for Internet Explorer

    Yes they should have this powerful secure browser .... funny funny. Maybe they're talking about FireFox 1.0.

    --
    "There is no spoon." - The Matrix
  9. Re:Wow by Anonymous Coward · · Score: 3, Interesting

    But didn't MS say it's the patches that cause the exploits?

    Plus the patch won't be ready till NEXT week.
    Normally MS doesn't PR their minor patchs. Maybe their Service Packs, but i don't really know.
    So, how much of this PR stunt has to do with what Home Land (in)Security had to say about IE?

  10. Re:I thought the patch was released already. by pandrijeczko · · Score: 4, Interesting
    It was so much simpler before the net.

    Not strictly true.

    The development of TCP/IP allowed the ARPANet to happen (which later became the Internet follwing commercialisation in the late 80s).

    UNIX-based servers formed the core of the ARPANet because TCP/IP has always been built into UNIX and UNIX was designed as a multi-user multi-platform network operating system.

    Microsoft assumed that the world would use their poor quality NetBIOS/LanManager protocols until the early 90s when they were forced to include TCP/IP support into Windows - that was after they almost ruined Novell by worming their way into using IPX/SPX networking protocols.

    In other words, a kludgy operating system had to be kludged even more to support TCP/IP. This is a legacy that has lived with MS since and while the support of TCP/IP has improved over the various Windows iterations, the fact is that the Windows architecture is not as suitable for Internet connectivity as UNIX.

    Everything in UNIX is designed for simplicity - one program doing one task. If you need a network service, just turn it on - if you don't, turn it off.

    Where UNIX has a weakness is the security model because, in ARPANet days, information was open and there was no need to secure servers. However, that has improved a thousandfold over the years with features like shadow passwords, better authentication models and secure protocols. The simplistic security model of "you, those you trust and the rest of the world" now works to it's advantage because it's very easy to apply to a system - the difficult part is knowing all the potential holes to apply it to that can only come from experience.

    If Windows was not an Internet OS today, we would still have crackers and security exploits on UNIX. However, there would be less of it because fewer crackers would be clever enough to break into a UNIX system and whilst there might be the occasional worm program, email viruses simple would not exist.

    --
    Gentoo Linux - another day, another USE flag.
  11. Re:So what by pandrijeczko · · Score: 3, Interesting
    Firefox has to impress me on its own merits if they want my loyalty

    Please post your home address on Slashdot and we will ask the Firefox programmers to come over to your house and give you a personal demonstration. If they deliver the demonstration as a singing barber's shop quartet, will that impress you?

    Is there any particular night of the week that's better for you?

    Nobody, least of all the OSS "philosophers" give a damn about your "loyalty".

    It's software, it's free, it's there but it's up to you to get off your butt and try it for yourself.

    --
    Gentoo Linux - another day, another USE flag.