Windows XP SP2 patch already has first new vulnerability

“The first new vulnerability affecting Internet Explorer on Windows XP with SP2 has been discovered,” John Leyden reports for The Register. “The vulnerability allows malicious websites to place an executable file in a user’s start-up folder when a user drags or clicks on a program masqueraded as an image. http-equiv of malware.com, a so-called White Hat hacker, has posted a sample exploit which demonstrates security weaknesses in the drag and drop function of IE that give rise to the exploit. Even though this demo depends on the user performing a drag and drop event, it might be rewritten so a user need only perform a single click on an image instead, according to security firm Secunia.”

Full article here.

MacDailyNews Take: For our struggling Windows-only friends, if you are interested in information about smoothly adding a safe, secure, elegant, and reliable Mac OS X machine to your computing arsenal, please click here.

39 Comments

  1. PCs Rule said, “…You Macinfluff users are all idiots…Want proof? You bought an overpriced toy, and you read MDN.”

    My question of you is, why do YOU read MDN? One can only conclude that you are an idiot. As far as overpriced toys go, Windows and Office qualify completely. How do you think that Bill Gates became so rich? He did so by pawning off second-rate, bug-riddled, crash-prone software at outrageous prices and people like you swallowed it hook, line, and sinker. By the way, better hurry and get your SP2.

  2. Qman – I got the notification but it’s stubborn about downloading. I’ve temporarily set Automatic Update to do it automatically and it’s set to try again in about 30 mins.

  3. sam, you are dead right. you can’t polish a turd.

    It’s why longhorn keeps getting delayed. It started a build on the past upgrade, then as security issues threatened MS more and more, additional core technologies needed to get re-written. Finally, with very few exceptions, it’s a ground up re-write.

    Sooner or later you gotta pay the piper.

  4. PCs Rule… NOT: you must be using your PC as a toy at home. For your information SP2 Pro has been blocked and for serious use (labs and corporate environment) SP2 is kept out of the doors.

    And these Mac users all hold Ph.D. and use their Linux, Solaris, OS X, XP, for serious stuff like genome, astronomy, high energy physics simulation. And their IT staff say: STAY AWAY FROM SP2: extensive tests needed before touching it with a mile-long stick.

    Now go back to your FPS, retarded. Oh, wait: many are broken as well. Idiot: even Microsoft lists not less than hundreds of applications BROKEN by SP2.

    I do not get you wrong: plenty of idiots on Windows. Thanks for the additional proof.

  5. Qman: I guess your IT admin’s kid does not use any serious stuff with his XP like: AFS, access SQL servers, FTP clients, file sharing with Mathematica, LabView, remote backup utilities, even antivirus programs, etc.

    Microsoft even features instructions for admins on how to block SP2 distribution. Guess why.

    It requires lots of fine tuning and configuration changes before SP2 could have a chance to be rolled on. And, mark my words, it will NOT be rolled if even ONE service remains crippled by SP2 even after all tweaks. M$ will have to come out with an SP2-b.

  6. AND, in case you are wondering “But, but, Microsoft lists well under 100 applications on its knowledge base” then you are right: ON ITS WEB SITE.

    The actual list is longer. What? First time you think M$ screws you?

    LOL

  7. Just found this on M$ site next to 3 lists of practically all sw vendors in the world:

    “The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, regarding the performance or reliability of these products.
    […]
    The information in this article applies to:

    Microsoft Windows XP Professional Service Pack 2 (SP2)
    Microsoft Windows XP Home Edition Service Pack 2 (SP2)”

  8. The problem is that traditionally Windows (all flavors) have practically all TCP/IP and UDP open and by default it listens to them. That made for third party application a no brainer to be in Windows and exchange data in/out with remote client/servers.

    Now SP2 does what other OS do (as OS X): keeps all doors shut (but a small few elected ones) and does not listen to unsolicited polls on ports. What 3rd parties had to do with other OS is to acknowledge an entry/exit door explicitly. On Windows it is a mess and now all applications have to be checked and one has to discover which ports are effectively used to make them operative again. In some cases that is not going to be enough when – as it happens – the application uses ranges of ports.

    The silly thing is that one could end up opening again all ports shut by SP2 to recover inter-communication if the park of applications in use is extended. Messy.

  9. i’m not an elite-est in either direction. i do have to say though, that i think that the main reason that macs don’t have some of the problems that windohs pc’s have is because numerically they aren’t really worth the hacker’s trouble, not that the OS is so perfect that it scares hackers away. if i was going to poison fast food consumers, then i would go for mcdonalds first because there are 2,3,or more times as many stores as say, hardee’s. so, while the bulk of the burger lovers are falling face down in their wrappers, the people at hardee’s are sitting off to the side with their funny looking sandwich boxes, saying, see how stupid those mickey d fans are. when really most people probably don’t care which burger is better, just which one is available. i’d bet if macs somehow made a dent in the sales of windohs pcs to the average user, you’d see lots of interesting things happen to macs
