Posted on 08/09/2005 2:56:44 PM PDT by Panerai
Microsoft on Tuesday issued alerts on several security flaws in Windows, the most serious of which could allow an attacker to gain control over a victim's computer.
Microsoft released six security bulletins as part of its monthly patching cycle, three of which it deems "critical." The Redmond, Wash., software gives that rating to any security issue that could allow a malicious Internet worm to spread without any action required on the part of the user.
One bulletin addresses three flaws in Internet Explorer. Of all the issues Microsoft offered fixes for Tuesday, these put users at most risk of attack, said Oliver Friedrichs, senior manager at Symantec Security Response. Two other vulnerabilities, affecting the plug-and-play feature and printing in Windows, could also spell some trouble for users, he said.
An error in the way IE, Microsoft's widely used Web browser, handles JPEG images is especially alarming, according to Symantec. An attacker could commandeer a PC by crafting a malicious image and tricking the victim to look at it on, for example, a Web site or in an HTML e-mail, Microsoft said in its MS05-038 security bulletin.
"These vulnerabilities can be leveraged by malicious Web sites to install spyware, Trojan horses, bots, or other programs on an unsuspecting user's machine," Friedrichs said.
The other two IE flaws that Microsoft now has fixes for could also allow an attacker to take control of a user's computer. One relates to how the browser handles URLs related to a feature that lets users view file folders in IE. The other deals with the ability of IE to call on other parts of Windows and is similar to a problem patched last month.
(Excerpt) Read more at news.com.com ...
they haven't fixed crap...
bandaids on an artery come to mind...
See also:
Microsoft sees 3 'critical' Windows security flaws
http://www.freerepublic.com/focus/f-news/1460039/posts
And if it wasn't here, you'd probably be posting to yourself and Steve Jobs...and that'd be about it.
Microsoft is doing everything they can to make their software more secure, but if there weren't so many criminals targeting Windows it wouldn't be such a problem. If Apple or Unix were the dominant platform, I guarantee you would see the same level of hacks on those platforms.
Your best bet is to use anti-spy and anti-virus software and enable Windows automatic update feature or visit the Windows Update web site every once in a while. If you do that you'll be fine. That's what I do with the 4 PCs I own, and they all have no problems.
It won't let me update. Says I don't have an original copy of XP on my computer
Powder..Patch..Ball FIRE!
Micro$oft isn't doing Kr*p Their IE7 won't even be available for anything besides Xp.
Use Firefox. Use Linux. Use OpenOffice. Tell M$ to take a hike.
Where did you get your OS?
That means the Microsoft Authentication Software thinks you have a pirated copy of Windows XP on your machine.
Irrational anti-Microsoft jihadi mindset detected. Post ignored.
So what do I do?
or just use Symantec and Mozilla and not have to worry too much...
Or just buy a MAC. When Apple comes out with the x86 Dell version, Windows days will be numbered....
Could be you have an OEM version installed when you bought your computer. If so they should update it. Otherwise you'll have to buy a copy. I suspect that a lot of the "problems" MS is coming up with now is just an excuse to get in your computer to see if you are legit.
Sorry, my 22 years experience as a software developer says you're wrong. BTW, nice made up factoid about Unix there.
My ME crashed so my son's friend installed XP for me. It has been updating all along and now it won't do it anymore. Is my puter screwed if I don't buy a copy of XP? I do use firefox but I use IE to play computer games, it seems to work better. I use XP's firewall and an anti-virus.
Well there's your problem - your Windows XP isn't legit.
Is my puter screwed if I don't buy a copy of XP?
Yep - you need to get your own legit copy.
Yeah, you're screwed. Microsoft just recently installed a system that ensures only legit copies can download updates to try and slow down pirating of its products.
1000 times was made up, my apology.
but the ms FUD regarding the "dominant platform" is just that, FUD. there are much bigger "prizes" to be had on machines running unix and linux, i don't buy or use ms products and i don't buy ms fud(wishful thinking).
Ah, the latest monthly, at least, edition of, "MicroSloth Fixes Serious Windows Flaws." Thank you for this. I've been waiting for it.
Any truth to the rumor this may become a weekly or even daily publication?
in other news, a snowball survived in hell today...
Yeah. But if I recall correctly, they'll let you download critical updates but not the optional updates.
Actually security updates are available to everyone, even if you don't pass the genuine advantage test.
won't let me get the new critical updates today.
Mac OSx Tiger x86 developer version has been leaked
and will supposedly run on any newer Intel box. Praise be!
Damn... It's gonna be sweet! (now to ditch my AMD box)
Back up your data frequently, and don't keep any sensitive data on your hard drive. Otherwise you'll be fine.
but the ms FUD regarding the "dominant platform" is just that, FUD.
FUD stands for fear, uncertainty and doubt. How is it that there can be any FUD about Microsoft being the dominant platform? It is a known fact. I don't understand how you can say that is FUD.
there are much bigger "prizes" to be had on machines running unix and linux
That may be your opinion (I'm not sure what you mean by prizes), but it's no reason to beat up on Windows, which is the OS chosen by millions of people, and which Microsoft is trying earnestly to make as secure as possible. It's not like they're just ignoring this security issue - it's one of the top priorities for their company!
Try turning on automatic updates and see if that works. That's the word I get from the grapevine.
Funny how these type threads always flush out the MSFT bashers; seems to me they would be too busy basking in their superior systems to take time out of their busy productive schedules to comment to mere mortals using MSFT Windows.
Yeah I saw some pictures the other day...
This may be the next computing revolution, especially since I think it's only a matter of time until Microsoft has bigger issues than they do now....
Windows sucks..plain and simple.
LOL. Bingo.
Would you clear your throat and say that bit of should-be-common-sense again, louder?
Dan
Guess I wuz wrong. Sorry.
It's more logical that non-Windows users would have more free time to visit these threads since they aren't updating their systems all day long.
http://windowsupdate.62nds.com/ is a third party update sight for windows.
It makes the patches available shortly after MS.
Of course you should pay for windows (wink, wink), cheap versions are always on e-bay but you need to watch out for copied versions.
It won't let me update either. It says I'm running Linux!
Guess I wuz wrong. Sorry.
No need to apologize. This place is wonderful and even if things don't work it's still nice to have people that try to help :)
Yeah, but shouldn't users of superior OS's spend their time solving world hunger and modeling new energy sources and finding new prime numbers and inverting million by million arrays instead of gloating on every bash MSFT thread??? Seems sort of tacky to me.
It's also interesting how they just bash Windows, but can't seem to come up with any real reasons why Unix/Apple/etc. is "so much better". All you get from them are generalities like "it's more secure" or "it's way better".
Okaaay - whatever!
...if there weren't so many criminals targeting Windows it wouldn't be such a problem. If Apple or Unix were the dominant platform, I guarantee you would see the same level of hacks on those platforms.
I just have an aversion to willful ignorance; e.g., liberals unfairly and incessantly bashing Bush when in all probability his efforts are keeping their sorry asses from terrorist attacks. Same goes for MSFT bashers; MSFT isn't perfect by any means, but their OS has to operate on combinations and permutations of hardware/application software that dwarfs apple etc. and that isn't easy.
I agree. They have absolutely no clue as to how extremely hard what Microsoft does is, and how well they do it in spite of those difficulties. Granted, it's good to push and challenge Microsoft to do better, but geez, the non-stop bashing of some is just childish.
A couple of questions -- could I successfully reformat my computer with my wife's OEM Win XP Pro disc from her newer computer? Would I be able to get subsequent Win updates?
We bought both computers new from Dell at different times.
Last question -- Since I have misplaced all my original discs, what do I do for drivers for all the other bits and pieces of hardware inside my computer, since I don't seem to have that disc or discs anymore either?
Thanks in advance for any assistance!
In a related story, the people killed on 911 should have known better than to work in a tall building that had previously been attacked.
Let's be democrats for a day and blame the victims.
You could, but the install won't last long, since you will have to activate the OS within a certain number of days, and I seriously doubt the activation will work, and you'll have wasted a lot of time, since it will be unusable. The Dell XP versions are linked to the specific motherboards, I believe. I have two that came with XP pre-installed, and an older machine for which I bought a non-Dell OEM version of XP. The latter asks for re-activation at the drop of a hat; I put a new video card in it yesterday, and as soon as I booted, it told me I had to reactivate. On the Dells with the original install, I've changed/switched hardware several times, with not a peep from XP.
As far as the drivers, etc., all of those can be downloaded from Dell's support website (click on Service & Support, choose "Downloads" and input your service tag number).
You might also try calling or emailing Dell support (include your service tag number) and ask about replacement disks -- it's worth a shot.
I use Firefox.
Should I worry?
So tell me--do Yugos and Volvos and Mercedes and Fords all have the same number of defects per car? Does quantity sold indicate quality of product?
Code is exactly the same. "Market share" or number of desktops in existance does not determine the number of hacks available to compromise the code.
Flawed analogy.
Better analogy: does General Motors stay up nights working on ways to compete with Rico Motors' line of passenger cars? Do they come up with ways to make Rico's Motors' cars break down? Of course not. They focus on the bigs.
Hackers don't focus on the OS's that a relative handful use. But, as recent articles have shown, they're also vulnerable, once the cyberthugs turn their baleful eyes thither.
That's a better analogy. Not friendly to your grudge, maybe, but better.
Dan
Yes, they are vulnerable. I freely admit that. I never claimed otherwise. But they're not AS vulnerable. There are FEWER problems with Linux/BSD than with Windows.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.