Posted on 02/06/2003 4:01:18 PM PST by chance33_98
Microsoft finds more glitches in XP and IE
By Nick Farrell [06-02-2003]
Fifth security advisory this year warns of IE and XP bugs
Two more Microsoft security advisories have appeared concerning Windows XP and Internet Explorer (IE). The latest Windows XP bug brings the total number of Microsoft security advisories issued this year to five.
The XP vulnerability has been caused by an unchecked buffer in the Windows Redirector function on the operating system, Microsoft said.
The company explained that an attacker exploiting the vulnerability could crash the system or run their own code with system privileges.
This could allow them to take any desired action on the machine, such as adding, deleting, or modifying data on the system, and creating or deleting user accounts.
According to Microsoft the vulnerability cannot be exploited remotely as calls to the Windows Redirector can only be made locally. Attackers would therefore need to log on to the system using an interactive logon in order to attempt to exploit this vulnerability.
The IE glitch has been found in versions 5.01, 5.5 and 6.0. And Microsoft warned that since it no longer supports IE 5.0 and earlier versions, these could also be vulnerable.
The security issue that has been identified could enable an attacker to read files or run programs on a computer used to view the attacker's website.
In a recent interview, Mark Greatorex, director of .Net Developer Group in the UK, said the company had not experienced any new vulnerabilities in the past 10 months. Two thirds of the company's developers, he added, are actually involved in software testing, not development.
Security, he said, is an industry wide problem, and one where "stones cannot be continually thrown at Microsoft without dispassionately looking at what is happening elsewhere".
Me too, but the "fix" for this latest took an abnormally long time to download and install. And I'm on cable Internet. Must have been a whopper.
So's my wife, I am happy with 2000 server, solaris, and red hat. Wasn't bashing MS by posting, just an FYI to those who don't follow the security patches and such. I subscribe to a series of security lists myself.
On the other hand, we have a Unix workstation that has run for four years without one single crash.
Windows is a toy operating system for soccer moms and kids. It should never be used for mission critical applications. I'll never use the $h!t again unless I have no choice.
-ccm
It boots faster, and loads even better.
We routinely have problems with windows machines, mainly lock ups. The OS on the unix side is more stable, but windows does have a place in the enterprise and our windows servers outnumber the solaris 2-1. Most the problems too are on older systems and seem to be the same ones over and over (usually traced to a hardware fault).
I use all of the above at home, except hp-ux which I will probably be setting up shortly. I like a diversity in platforms.
It is worth noting that third party software often contributes to problems, a case in point is Gnome on Solaris. I have had multiple problems with it and have since discontinued using it (except on my redhat box where it works well).
Can't say I'm a really big fan of Gnome, but anything is better than CDE. I've thought about putting KDE on that system, but just never have gotten around to it.
They are not certain but there is some kind of .NET authentication server that went down. No one could log in to their systems. Then like magic it began to work again. I sure hope they figure it out before it happens again.
-ccm
Apparently Bill Gates has control of my computer. Every once in a while I get this little thingy that pops up and tells me that my XP needs another fix and it asks me if I want to download it. I submit.
Well, the year is young...
Simply not true. The Navy uses Windows NT on their ships...
AHA! It's addicted...
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.