Attacks Against Unpatched Microsoft Bug Multiply

CWmike writes "Attacks exploiting the latest Microsoft vulnerability are quickly ramping up in quantity and intensity, several security companies warned today as they rang alarms about the developing threat. Symantec, Sunbelt Software, and SANS' Internet Storm Center bumped up their warnings yesterday after Microsoft announced that attackers were exploiting a bug in an ActiveX control used by IE to display Excel spreadsheets. There is no patch for the vulnerability; Microsoft didn't release one in today's Patch Tuesday. A temporary fix that sets the 'kill bits' of the ActiveX control is available, but experts believe it's likely most users won't take advantage of the protection. Symantec raised its ThreatCon ranking to the second of four steps. "We're seeing it exploited, but currently on a limited scale," said Symantec's Ben Greenbaum. Sunbelt also bumped up its ranking, to high." Firefox users can't be too complacent; Secunia is warning of a 0-day in version 3.5.

Re:server side scanning

[hairyfeet]

I probably shouldn't feed the troll, and I'll probably get flamed, but what the hell I'm bored. You wanna know why Linux can be more secure than Fort Knox and nobody wants it? Do you really want to know? It is actually very simple-It is because Linux is a GIANT PITA and its UI SUCKS! That's why!

It doesn't matter how damned good your Linux security is if only geeks can use the damned thing. After all, I can lock a Windows box in a safe and bury it and it'll be safe too, it will be about as usable to home users as Linux is. I'm not trying to flame here, I personally hope someone will come along and do for Linux what Steve Jobs did with BSD, I just ain't seen it yet. example-I had someone here the other day actually seriously arguing that Sudo equaled "Runas" because Sudo 'lets you do things the GUI designers never thought of". Now honestly how many home users have sat there and thought "You know, i just need more power than these GUI designers gave me" Answer-NEVER!

It is really not that hard Linux guys, just repeat after me- Home users will NEVER EVER use CLI! Got that? It bears repeating so I will- Home users will NEVER EVER use CLI! in the fifteen years I've been working on Windows boxes I can count the # of times I have had to go CLI on one hands with fingers left over. When was the last time you opened Bash? probably this week if not this very day. Problem in Windows? GUI solution. Mac? GUI solution. Linux? "Open up bash and type" which you should follow with "you know what, get someone to put Windows on your machine because this OS sucks" because that is exactly what the home users are thinking!

The reason MSFT knows own the Netbook market, with a decade old OS to your brand new Linux, isn't some plot and the sooner you accept it the better. It is because the GUI in 10 year old XP works better than the 2009 GUI in Linux. Why? Because the groups paying the big bucks for development, like Oracle and Red Hat only care about SERVERS, and servers are faster and easier to manage from CLI. Server guys like CLI, Geeks like CLI, Home users hate it with a passion, okay? Is that really so hard? I don't care if you think Bash is the second coming, until the Linux community accepts the fact that CLI MUST DIE, don't be surprised when people would rather deal with malware than your OS. i'm sorry, that is just the way things are.