Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ten Security Bulletins From Microsoft

Posted by michael on from the making-america-safer dept.

wschalle writes "Microsoft has released 10 "new" security bulletins, including one pertaining to a vulnerability in the Windows Shell, apparently exploitable via the web. The shell vulnerability only allows code execution as the user viewing the malicious web site. Aren't you glad your shell is web-enabled? The recent GDI+ vulnerability is re-released here as well as a vulnerability in zip compression handling."

25 of 392 comments (clear)

  1. My by Rick+Zeman · · Score: 5, Funny

    ....Win2k patched fine. Another Tuesday Patch roulette over with....

    1. Re:My by jerw134 · · Score: 5, Funny

      Directly from Microsoft: "core Windows components have been recompiled with the most recent version of our compiler technology, which provides added protection against buffer overruns."

      Source

  2. I give up by darth_MALL · · Score: 5, Funny

    I was just about to write a pro MS defence post to stave off the oncoming attack. I just re-read the article. I quit.

    1. Re:I give up by Hatta · · Score: 4, Funny

      I'm a little confused. Windows has a shell?

      --
      Give me Classic Slashdot or give me death!
    2. Re:I give up by Anonymous Coward · · Score: 1, Funny

      what, are you retarded? explorer.exe and cmd.exe [2k and up]

  3. Web enabled Shell by 12357bd · · Score: 5, Funny

    Ok, Now is a really web enabled experience! :)

    --
    What's in a sig?
  4. C&C by schnits0r · · Score: 5, Funny

    The recent GDI+ vulnerability

    Good thing I choose to join NOD.


    /rimshot

    --


    -------
    Support Indy Music. Buy
  5. Nothing new here... by Anonymous Coward · · Score: 1, Funny

    I think the first link on the page referenced above says it all:

    Want Less Technical Detail?

  6. A more accurate bulletin here by Magickcat · · Score: 5, Funny

    I can think of a more comprehensive bulletin:

    1. Internet Explorer (All versions)
    2. Microsoft Office (All versions)
    3. Microsoft Windows OS (All versions)

    --

    Si tacuisses philosophus mansisses. If you had kept quiet, you would have remained a philosopher.

  7. Thread-o-matic by JoeLinux · · Score: 5, Funny

    Please select your argument here:
    [ ] MS has these security exploits because it is the biggest OS
    [ ] MS is a steaming pile when it comes to security
    [ ] MS is working on fixing these things, and is doing the responsible thing.
    [ ] 1337! I can't wait to #4x0r!

  8. Love this from the remote shell exploit faq by codepunk · · Score: 4, Funny

    Wow now these are guys I can trust!

    Are Windows 98, Windows 98 Second Edition, or Windows Millennium Edition critically affected by any of the vulnerabilities that are addressed in this security bulletin?

    No. None of these vulnerabilities are critical in severity on Windows 98, on Windows 98 Second Edition, or on Windows Millennium Edition. For more information about severity ratings, visit the following Web site.

    Don't sweat it, a remotely exploitable shell is
    not critical!

    --


    Got Code?
    1. Re:Love this from the remote shell exploit faq by HermanAB · · Score: 2, Funny
      Actually, WinME is my favourite Windoze version.

      Provided that you run PCLite and install the latest version of IE, Firefox and Thunderbird and keep it safe behind a Linux firewall and Samba server...

      --
      Oh well, what the hell...
  9. But how can this be? by Tibor+the+Hun · · Score: 1, Funny

    I thought XP is the safest and most secure version yet! That's what all the commercials and the blue installation screens say.
    Does this mean that my potential (and therefore their passion) is full of security holes?

    --
    If you don't know what AltaVista is (was), get off my lawn.
  10. great marketing by LiquidMind · · Score: 5, Funny

    and (on my page) a microsoft windows server 2003 advertisement right below this article.

    beautiful. fucking beautiful.

    --
    This sig contains repetition and redundancy.
  11. Reminds me of something by Deorus · · Score: 5, Funny

    "The best thing about Microsoft bugs is that there are so many to chose from..."

  12. Lets see by codepunk · · Score: 1, Funny

    Nasty hacker crafts email that appears to be from
    microsoft talking about this great new software that can be downloaded from their site. Of course mindless MCSE network admin does not realize it is a phishing attack and clicks to see the greatest new stuff from the redmond lords. Now nasty hacker owns your entire network......priceless

    --


    Got Code?
  13. Gotta love Windows... by cortana · · Score: 2, Funny

    Updates were unable to be successfully installed

    The following updates were not installed:
    Microsoft .NET Framework 1.1 Service Pack 1
    Cumulative Security Update for Internet Explorer for Windows XP Service Pack 2 (KB834707)

    [Configure automatic updates] [Tough shit]

    Thanks, Microsoft! What the hell am I supposed to do now! Oh well, this particular machine hasn't been installed for almost 1 year, it's about time I reset the cruft factor...

  14. DAMN! by AvantLegion · · Score: 4, Funny
    Damn! I had 9 in the pool.

    That's what I get for having faith in you, Microsoft!

  15. Re:News For Nerds?? by alw53 · · Score: 5, Funny

    We should all be nice to Microsoft because they would never bug their competitors' hotel rooms, perjure themselves in court, open their source code to China while claiming in court that opening it would damage national security, sabotage their competitors' applications by changing their API's, or promise delivery dates that they know they cannot meet in order to starve their competition. Everyone knows Linus does that kind of stuff all the time.

  16. mod parent up! by xutopia · · Score: 4, Funny

    actually, parent is my brother(that sentence sounds weird); I just want to make sure his comment is public so he has to carry through with it ;)

  17. Correct reponse to Microsoft security holes by crazyphilman · · Score: 4, Funny

    When confronted with a new Microsoft security hole, which seems to one to have existed for a while, possibly leaving his entire organization at risk, one should never react with surprise or horror.

    One must make a FRIEND of the horror.

    Then, one can hear about the security issue, nod sagely with a wan smile, and whisper to the junior IT staff, "But of COURSE there is a hole. This is to be expected, young one. Run and patch, then we'll go to lunch."

    Bonus points for leaning back in one's chair, folding one's hands across one's belly, and sighing loudly before addressing the novice.

    --
    Farewell! It's been a fine buncha years!
  18. Re:10 Bulletins? by ktakki · · Score: 5, Funny

    MS10-01: Vulnerability in Internet Explorer may cause user to worship other gods.
    MS10-02: Buffer overrun in Graven Image processing.
    MS10-03: Vulnerability in RPC Service may cause the name of the Lord to be taken in vain.
    MS10-04: Vulnerability in Task Scheduler may prevent computer from resting on the Sabbath Day.
    MS10-05: Vulnerability in Windows Shell may allow child process to kill parent process.
    MS10-06: Buffer overrun in DCE Locator Service may cause abnormal program termination.
    MS10-07: Vulnerability in Outlook/Outlook Express may lead to adultery.
    MS10-08: Vulnerability in MSKerberos may allow remote user to steal.
    MS10-09: Vulnerability in Excel may allow workbooks or spreadsheets to bear false witness.
    MS10-10: Vulnerability in Internet Explorer may cause user to covet neighbor's ass.

    k.

    --
    "In spite of everything, I still believe that people are really good at heart." - Anne Frank
  19. Re:Insane by Zen+Punk · · Score: 2, Funny

    I did it and I got a free iPod!

    --
    Sleep is futile.
  20. Re:another reason to learn linux by ZorbaTHut · · Score: 2, Funny

    Not if it's running Windows - then it'll be full of holes! /rimshot

    --
    Breaking Into the Industry - A development log about starting a game studio.
  21. All bugs have shells..... by hughk · · Score: 4, Funny

    they are called exoskeletons.

    --
    See my journal, I write things there