Oops! Missed One Fix — Windows Attacks Under Way
CWmike writes "Microsoft says attackers are now exploiting a critical Windows bug that it didn't get around to fixing in its biggest batch of security patches in more than five years, issued yesterday. Microsoft said that 'limited and targeted' attacks are in progress by hackers exploiting an unpatched vulnerability in the WordPad Text Converter, a tool included with all versions of Windows. If Microsoft patches the WordPad problem on its monthly schedule, the first opportunity for fixing the flaw would be Jan. 9, 2009." Update: 12/10 22:28 GMT by T : OK, there might have been more than one: reader Simon (S2) writes "There is an even more serious flaw ... From SANS: 'There is a 0-day exploit for Internet Explorer circulating in the wild. At this point in time it does not appear to be wildly used, but as the code is publicly available we can expect that this will happen very soon. This is a brand new exploit that is *not* patched with MS08-073 that was released yesterday. I can confirm that the exploit works in a fully patched Windows XP machine. The exploit is a typical heap overflow that appears to be exploiting something in the XML parser.'"
You clearly don't know very much about how windows works. Incompetence by design.
oooh... OOOH! /.
Now I get it! The GGP posted a partial comment to ilustrate the fact that a word editor has a critical bug, and comments are written using something akin to a word editor, too!
The partial comment implies that the bug affected slashdot somehow, either by sending the unfinished post, or by aborting the connection, but somehow the partial post still made through... a common joke here on
Yes, very subtle. It escaped me at first.
After what was expected to be an unusually quiet Patch Tuesday, Microsoft has released eight patches for applications with an insufficient number of security holes.
The updates include "critical" patches to Windows Media Player visualisations, Zune player software, that really cute dinosaur cursor and Age Of Empires II. The exploits opened by these patches allow a malicious user to take webcam pictures of your pimply butt, steal your pizza delivery and have sex with your girlfriend. The exploits have already been marketed to the Dark Security market by Microsoft Russia.
"Windows 7 won't be vulnerable! Did we mention how fantastic Windows 7 will be? Also, Vista's pretty good! Really! The London Stock Exchange was probably still on XP!"
Several faintly cat-piss-smelling Linux users pointed and laughed in a nerdy bray at the news and a much larger number of annoying Mac users showed off their new model iPod Nanos.
http://rocknerd.co.uk