Microsoft botches patch; Critical Internet Explorer patch ‘does not work’

“A fix to a serious bug in Microsoft’s browser is still not working properly after a re-release, according to the firm that discovered the flaw. A patch released by Microsoft to fix a critical security vulnerability in Internet Explorer does not work, according to security experts,” reports Patrick Gray for ZDNet Australia.

Gray reports, “The ‘object type’ vulnerability was discovered by eEye Digital Security around four months ago. A patch was released on 20 August — and then re-released on 28 August, because under some circumstances it caused problems for some non-default operating system installations — and looks due for yet another re-release because it simply doesn’t fix the vulnerability it is supposed to, eEye said. The vulnerability can be exploited by crafting a malicious HTML file that, when viewed by an Internet Explorer browser, extracts and executes malicious code.”

“…Marc Maiffret, eEye’s chief hacking officer, said the vulnerability is particularly critical because it doesn’t take a lot of effort to take advantage of. ‘It’s pretty serious just because it’s so easy to exploit… it doesn’t require someone to know how to write buffer overflow exploits or anything like that.’ Maiffret says Microsoft should have done a better job to begin with. ‘How do you take four months to fix something this simple and then not fix it correctly?’ he asked. ‘It seems like they are taking security seriously… [but] at the same time I don’t think they’re really investing,’” Gray reports.

Full article here.

35 Comments

  1. I find it interesting that M$ is not able to patch their own software. So their mantra of “keep up with your patches” won’t work either. Is this the perfect storm for them or what?

  2. I had no idea that HTML could be written to run malicious programs. I thought it was much more benign, similar to PDF. You know, display some text, an image, perhaps a movie, some audio or animation, etc.

    Personally, I hate the idea of it being able to create pop-ups. Creating a new window on my computer is a function of my computer’s OS and it makes me very uncomfortable that a total stranger (HTML programmer) can have such influence over my system. If they want to create some sort of animated pop-up within the HTML window I am viewing, that is fine. But, reaching into my OS is completely wrong!!

  3. P.S. Yes, of course I use Safari with the “Block Pop-up Windows” activated. Seeing this article, I feel much safer, but makes me wonder even more why some of my friends remain die-hard MS users. Let us pray for them!

  4. How can a reasonably informed user still use Windows? Answer: 90% of users are FAR from reasonably informed. They just think ALL computers run windows, they have no choice, and this is happening to everybody.

    Matthew

  5. (Windows users are FAR from reasonably informed. They just think ALL computers run windows, they have no choice, and this is happening to everybody.)

    This is so true. My neighbor, when told that I wouldn’t be affected by MSBlaster and SoBig, asked why. I told her that I use an Apple computer running Mac OS (X), she just looked at me blankly.

    I spent 10 more minutes trying to explain the difference.

  6. I’m really starting to take issue with the constant bashing of people who don’t use Macs on MDN. We need to ask ourselves if this a Mac News site or an anti-WinTel site. Increasingly the latter seems to be the case.

    My mother has a Compaq Presario (what I consider to be a total pile of shit) but it is perfectly suited for her computing needs. She needs her computer to a) send and receive e-mail b) use AIM c) play games (Tiger Woods 2003 and Hearts). For her, this cheap Compaq running windows gives her everything she needs with great ease. All the apps she uses have desktop icons, so she doesn’t need to search anything out. She knows not to download any attachment from any e-mail, and I set her up with a solid firewall and other precautions. It is very very easy for her.

    I am by no means pro-WinTel, not in the least. But why can’t some of us realize that just because someone is using a WinTel product it doesn’t necessarily mean they are a clueless brainwashed zombie burdened by a suffocating loathsome computing experience. Lots of people use their PCs to do lots of things unrelated to productivity, and for them their PCs may be perfectly suited.

    Why don’t we work at being positive influences to those who truly need a solution other than Microsoft and Intel, and stop slamming everyone with blanket judgement statements. If we in the mac community came off as a bit more open and a bit less militant, we’d see more people switching.

    Personally, I have helped my father, step father, fiancee, two of four brothers, one of three sisters, and a business customer to switch to Macs. But I only presented the switch idea to them because it truly made sense in their individual situations. I presented the pros and cons of changing to Macs. For each of them the staggering number of pros far outweighed any few cons I could come up with.

    When we present people with a smart and honest argument for switching without talking down to them, they get it.

  7. Seriously now, when a WinTroll comes here and spits out brainwashed statements what do you expect? S/he gets stoned to death.

    Personally I had those 11 switch to OS X by simply showing they could do more efficiently all their work on this platform and more. Moreover avoiding the constant re-booting from one OS into the other.

    BUT, I would have never been able to do that without OS X. With OS X it is actually easy. Granted, the people I had switch were all professionals who could not give a shit what OS they were running. They just wanted the best solution and that was OS X.
    If I am to show exactly the same things to another breed of Windows users he gets into defensive, claiming XP is more stable than OS X, that virii is the fault of stupid users, that Mac has no software, that s/he has more peripherals, Macs cannot be upgraded, cost too much, they are toy AND do not have all the FPS games the PC has – now how logic is that statement -. In a word: COMPLETE IDIOTS.

  8. Seahawk: I have no problem with laying into a WinTel troll who comes in here trying to stir things up. Those people are making themselves targets. I was more referring to the rest who don’t troll but still get called names.

  9. rageous: I guess I don’t understand exactly why a WinTel box is best for your mom. It sounds like the main issue is price, but from your comments, it’s not clear. It also sounds like you haven’t really refuted the possibility your mom is not “a clueless brainwashed zombie”, just that she may not be “burdened by a suffocating loathesome computing experience”. A fine distinction, but a distinction, none the less.

    Unfortunately, your mom is the perfect vector for many viruses without vigorous oversight from someone like you. If she were using a Mac, she might not be a spawning point for viruses which is part of the original point of this thread.

    Even vigilant WinTel users may continue to be points of origin for viruses, whereas most Mac users don’t even have to think about it.

  10. I didn’t say a PC is best for her either. But she already has one and it’s not bad for her. That’s my point. Getting a mac might ultimately prevent virus issues, but her risk is very low of getting one anyway given her current use patterns and needs. It just doesn’t make sense for her to upgrade to any other computer, mac or otherwise.

  11. I am a brainwashed zombie and proud of it! Well, not really, but in my opinion it’s really the size of Microsoft that attracts the virus writers. If the Mac system had a greater market share then logic states it would become a target too.
    The virus writers out there want to do the maximum damage possible; therefore they target windows users.
    Please note this is not a defence of Bill Gates! If that girly little four-eyes was in front of me right now….

  12. Flawed logic, Phoenix. Logic can also just as easily state that the less secure a system is, the more a target it becomes, regardless of how many there are out there. OS X is not as enticing target only because it has less, as you say, market share. It is also a much less attractive target to virus writers and SKs because it is inherently more secure on many, many levels.

  13. ragoeus: understood.

    PART 1
    Phoenix: this issue has been explored in all possible manners at every level: coffee-pause chat and expert level. Sure Windows is a great target in that it is big but at the same time it is very vulnerable.

    Unix servers as well offer a big target – often much more lucrative and fame-bringing for a virus author – still compared to a Windows system they are Fort Knox vs Pop’s shop.

    Virus out there for the most use ready-to-use virus developments kits off the net. Your required knowledge to write a virus?: practically zero.

    Market share will not turn the plethora of script-kiddies into Unix wizards – pretty much required to write an effective *nix virus.
    Last *nix virus affected some 600 system worldwide: not much of a new.
    AND that is not related to how many *nix systems are out there which you can count by the millions.

    Let me describe the situation without getting into computer architecture details: I did it in these threads many times already. I’ll try a different avenue for a change.

    A big elephant can be easy to shoot at even for a novice hunter, especially if it sleeps, its legs are chained to ground and you shoot from 20 yards away and there’s 100 around you: the novice hunter will surely hit one elephant.

    Now think about 100 cheetahs running at full speed far in the distance, hundreds of yards away with trees and bushes fragmenting the LOS (Line Of Sight).
