Well agian thank you for proving my point and showing me how defensive/.ers get about thier OS. I seen countless systems in my enviroment running as such but I guess there just honest to god users so there safe:). No worries
The biased/.er. It doesn't matter that it was a 8 year old really bad exploit. If it was MS this post would have been on the same day as it was found and everyone laughing at how lame Win is. Not for the/.ers. Nope focus on the fact the article didn't get posted here till today and that "hey, look its already been patched way back in april of this year no worries WE WIN!!
You can do both and well not easy will secure IE from bad Active x controls. Use Group Policy and if it is Windows XP home downlaod the file or get the file from a windows xp Pro box. The file is gpedit.msc. Then if you l;ook in IE and manage Add-Ons and enable or disable so a list appears. Then right click the header and select to show class id. You will want to write down all the active x controls class ids and I know its a pain. Once you have them all written down then use group policy and enter them into either the computer config or the user config. I would suggest user config/admin templates/Windows components/Internet Explorer/Add-on managment and tell the computer to run the ones you have deifined. There problem solved from here on out. Yes updated active x class ids for maybe flash or java can be a pain but thats if your running those apps. If you mostly use FF then you should only be approving ones to finish your coursework. Then no matter what no bogus active x can run becasue it does not have permission to. Been doing this ever since XP came out and never had a bogus Active x control take over my machine.
While I understand many of the hate and anger the people of the 80s and 90s carry and cannot seem to get ride of for MS. I think it's misplaced.
Instead of attacking for choice attack all the companies that still do not support alternate browsers. No one will choose a different browser if say there School, Bank or whatever does not code for any browser but IE. They will immediately go back to IE because it works.
Seeing past your noses works well in this kind of situation. The Eu jsut wants something like Opera to be placed there but no one understands that the population chooses and most people will not change there bank or whatever just because there browser doesnt work, they will change browsers back to IE if that has always worked for them.
I think it has been said countless times. A reboot of IE is because IE is closely intgrated with the OS. When you have this IE's rendering engine is used for office and windows explorer and many other apps thats are not microsoft branded. The reboot assures that the file was fully unloaded from memory and patched.
I am aginst firefoxes approach of start firefox install an update only becasue I thought we learned our lessen that sometimes a patch can break alot more than what was supposed to be fixed. Yes that came about becasue of Microsoft but I have had a few linx updates that I have had to roll out of becasue of an unknown bug. But with Microsoft's patch mangment I can choose which updates to apply and choose them all knowing the OS and a browser is patched in one swipe of the hand.
If Firefox would get off there arses and develope a coporate patch mangmewnt system then more people might jump up and show favour for it. But as far as I am concerned, I am not going to pay for an msi and developing one after every 2 week release times of FF is a bigger pain. I know version 3 has not been plagued with many updates but when FF v2 came out they were patching every 2 or 3 weeks and this is not an acceptable patching method for coporate people. Even though I do write an msi many corps will not and throw FF out the door.
Funny that the goverment cannot even get there documentation straight in the constitution for 221 years and everyone still argues over that to be made clear. Of course a quote from Family guy to make my point.
"You think the language in the second amendment is clear enough you know about the right to bear arms. Of course it's clear; Every American has the right to hang a pair of bear arms on their wall. How can that be misconstrued?"
Its really not quit as complex as most make it out to be.
1. If you are a system administrator it is your job to secure the system and take steps to prevent malware. Examples would be updating firefox and also becasue of IE's little active x trick restrict it through group policy " (Add-On managment and Restrict file downloads) both in group policy and have been since Server 2000". If you are not using it and have had a machine under your control infected with malware through the browser you have no one to blame but yourself since the year 2000.
2. Home users will never learn and will always be the cause of many problems whether Microsft or some other OS hosted.
Bashing any OS for poor security is pointing the finger at the wrong person. Yes you get your exploits but the malware problem is System administrator and Home user supported. In the sense to many sys admins that do not know anything and home users... well repeat number 2 reason above.
I am going to have to agree. It is 3rd party applications that hold me back in my enviroment. Seeing as alot of software still runs in some weak 16 bit dos package:(. I enjoy Vista and am working out management bugs until 3rd party apps catch up. It looks like a summer deployment for me next year. The group policy redesign will significanlty reduce my sysvol and help speed up managment of security so I am getting geared up for this. Alot of these complaints though seem to bash the OS for whatever reason if it is there fault or not. Typical/.ers. Bad coding is what made Vista terriable when it first came out and not Microsofts but 3rd party apps poor design. Now that might be Microsoft's fault for letting them get away with the poor unsecure coding but not the OS itself.
Seriously I use A/V but I dont think I need it. Using Group Policy, addon management and also attachment manager. Lastly run your user as a USER. Reduceing executable ground in the first place instead of relying on one package for security has always been maximize your current tool set. Stop discarding the gpmc for windows because it is one of the few great tools out there for the blind windows enviroment user and for home users well gpedit.msc and lock it down. God you can setup white list and black list of apps stop the dam 16 bit apps from running. Since IE and windows are so heavily integrated it is apparant you lock down both not just one or the other.
I have run into a few small companies that lock IE down without any thought to the OS with its many vulnerablities and then it goes the exact other way. Let them lock the OS down but let them install any Active x object they want and download any executible to there computer through IE or Firefox.
Sorry my rant is not to use windows but if you are, at least secure it as much as you can:)
I see the somewhat the problem he has but then again I don't. You have a Microsoft Product not validated. Your inbaility to grab the huge basket of freebies fails. Which never has happen to me except when the trial period has run out. So you refuse to either purchase visio or register it but want addons from there website. Now there website does a basic check for Microsoft validated Products and since your visio isn't you lose. Thats lazy on thier end but god complain more. Just uninstall Visio or Validate it and there your fixed. You want the freebies for all the products but only paid for some of them. I see the problem its the user.
Just remove visio and get an alternative stop relying on it if you don't like it. Its not really broken but it is, Its Microsft. Go use something else and stop wasting time.
Slashdot Mirror
Well agian thank you for proving my point and showing me how defensive /.ers get about thier OS. I seen countless systems in my enviroment running as such but I guess there just honest to god users so there safe :). No worries
The biased /.er. It doesn't matter that it was a 8 year old really bad exploit. If it was MS this post would have been on the same day as it was found and everyone laughing at how lame Win is. Not for the /.ers. Nope focus on the fact the article didn't get posted here till today and that "hey, look its already been patched way back in april of this year no worries WE WIN!!
You can do both and well not easy will secure IE from bad Active x controls. Use Group Policy and if it is Windows XP home downlaod the file or get the file from a windows xp Pro box. The file is gpedit.msc. Then if you l;ook in IE and manage Add-Ons and enable or disable so a list appears. Then right click the header and select to show class id. You will want to write down all the active x controls class ids and I know its a pain. Once you have them all written down then use group policy and enter them into either the computer config or the user config. I would suggest user config/admin templates/Windows components/Internet Explorer/Add-on managment and tell the computer to run the ones you have deifined. There problem solved from here on out. Yes updated active x class ids for maybe flash or java can be a pain but thats if your running those apps. If you mostly use FF then you should only be approving ones to finish your coursework. Then no matter what no bogus active x can run becasue it does not have permission to. Been doing this ever since XP came out and never had a bogus Active x control take over my machine.
While I understand many of the hate and anger the people of the 80s and 90s carry and cannot seem to get ride of for MS. I think it's misplaced. Instead of attacking for choice attack all the companies that still do not support alternate browsers. No one will choose a different browser if say there School, Bank or whatever does not code for any browser but IE. They will immediately go back to IE because it works. Seeing past your noses works well in this kind of situation. The Eu jsut wants something like Opera to be placed there but no one understands that the population chooses and most people will not change there bank or whatever just because there browser doesnt work, they will change browsers back to IE if that has always worked for them.
I think it has been said countless times. A reboot of IE is because IE is closely intgrated with the OS. When you have this IE's rendering engine is used for office and windows explorer and many other apps thats are not microsoft branded. The reboot assures that the file was fully unloaded from memory and patched. I am aginst firefoxes approach of start firefox install an update only becasue I thought we learned our lessen that sometimes a patch can break alot more than what was supposed to be fixed. Yes that came about becasue of Microsoft but I have had a few linx updates that I have had to roll out of becasue of an unknown bug. But with Microsoft's patch mangment I can choose which updates to apply and choose them all knowing the OS and a browser is patched in one swipe of the hand. If Firefox would get off there arses and develope a coporate patch mangmewnt system then more people might jump up and show favour for it. But as far as I am concerned, I am not going to pay for an msi and developing one after every 2 week release times of FF is a bigger pain. I know version 3 has not been plagued with many updates but when FF v2 came out they were patching every 2 or 3 weeks and this is not an acceptable patching method for coporate people. Even though I do write an msi many corps will not and throw FF out the door.
It was more along the lines of any part of the US goverment telling anyone they have bad documentation on anything.
Funny that the goverment cannot even get there documentation straight in the constitution for 221 years and everyone still argues over that to be made clear. Of course a quote from Family guy to make my point. "You think the language in the second amendment is clear enough you know about the right to bear arms. Of course it's clear; Every American has the right to hang a pair of bear arms on their wall. How can that be misconstrued?"
Its really not quit as complex as most make it out to be.
1. If you are a system administrator it is your job to secure the system and take steps to prevent malware. Examples would be updating firefox and also becasue of IE's little active x trick restrict it through group policy " (Add-On managment and Restrict file downloads) both in group policy and have been since Server 2000". If you are not using it and have had a machine under your control infected with malware through the browser you have no one to blame but yourself since the year 2000.
2. Home users will never learn and will always be the cause of many problems whether Microsft or some other OS hosted.
Bashing any OS for poor security is pointing the finger at the wrong person. Yes you get your exploits but the malware problem is System administrator and Home user supported. In the sense to many sys admins that do not know anything and home users... well repeat number 2 reason above.
Just my 2 cents
I am going to have to agree. It is 3rd party applications that hold me back in my enviroment. Seeing as alot of software still runs in some weak 16 bit dos package :(. I enjoy Vista and am working out management bugs until 3rd party apps catch up. It looks like a summer deployment for me next year. The group policy redesign will significanlty reduce my sysvol and help speed up managment of security so I am getting geared up for this. Alot of these complaints though seem to bash the OS for whatever reason if it is there fault or not. Typical /.ers. Bad coding is what made Vista terriable when it first came out and not Microsofts but 3rd party apps poor design. Now that might be Microsoft's fault for letting them get away with the poor unsecure coding but not the OS itself.
:)
Ehh flame away it was my 2 cents
Seriously I use A/V but I dont think I need it. Using Group Policy, addon management and also attachment manager. Lastly run your user as a USER. Reduceing executable ground in the first place instead of relying on one package for security has always been maximize your current tool set. Stop discarding the gpmc for windows because it is one of the few great tools out there for the blind windows enviroment user and for home users well gpedit.msc and lock it down. God you can setup white list and black list of apps stop the dam 16 bit apps from running. Since IE and windows are so heavily integrated it is apparant you lock down both not just one or the other. I have run into a few small companies that lock IE down without any thought to the OS with its many vulnerablities and then it goes the exact other way. Let them lock the OS down but let them install any Active x object they want and download any executible to there computer through IE or Firefox. Sorry my rant is not to use windows but if you are, at least secure it as much as you can :)
I see the somewhat the problem he has but then again I don't. You have a Microsoft Product not validated. Your inbaility to grab the huge basket of freebies fails. Which never has happen to me except when the trial period has run out. So you refuse to either purchase visio or register it but want addons from there website. Now there website does a basic check for Microsoft validated Products and since your visio isn't you lose. Thats lazy on thier end but god complain more. Just uninstall Visio or Validate it and there your fixed. You want the freebies for all the products but only paid for some of them. I see the problem its the user. Just remove visio and get an alternative stop relying on it if you don't like it. Its not really broken but it is, Its Microsft. Go use something else and stop wasting time.