IE Flaw Puts Windows XP SP2 At Risk

Zigor writes "CNET is reporting that a new flaw has been discovered in Internet Explorer that could enable a remote attack on systems running Windows XP with Service Pack 2, eEye Digital Security has warned. The discovery of this IE flaw comes just over a month after Microsoft issued a cumulative patch addressing three vulnerabilities for IE. The new IE flaw also adds to another vulnerability, discovered last month, that affects systems using Windows XP SP2."

Re:Is The Honeymoon Still Over?

[RAMMS+EIN]

``I presume we are still to believe that FireFox is less secure than IE, because it has had more vulnerabilities discovered recently?''

It begs the question though: how much effort is being put in finding flaws in Microsoft software, and how much effort is being put in finding flaws in other software? I know that Windows is to security as a submarine is to a sponge, but what about a default Ubuntu install?

My laws of security:

  - Windows is so insecure it has become unusable.
  - There's no way of knowing whether another system is more secure (any study will always be biased)
  - Any software written in unsafe languages (notably C) is bound to contain vulnerabilities