Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Microsoft, Protecting us yet again
Yahoo ^

Posted on 04/13/2005 6:32:56 AM PDT by chronic_loser

Ryan Naraine - eWEEK

The Microsoft security train made its scheduled monthly stop on Tuesday, dropping off eight updates to cover 18 vulnerabilities in a range of widely deployed products.

Five of the eight advisories are rated "critical" and Redmond officials are urging customers to apply at least three immediately as high-priority updates.

The top three include fixes for high-risk flaws in Microsoft Corp.'s implementation of the TCP/IP stack; a cumulative patch for the Internet Explorer browser; and a patch for a remote code-execution hole in the enterprise-focused Microsoft Exchange Server.


TOPICS: Business/Economy; Crime/Corruption; Culture/Society; Technical
KEYWORDS: activex; bots; dosattack; linux; malware; microsoft; spyware; virus; worthlessos
Navigation: use the links below to view more comments.
first 1-2021-27 next last
This is past ridiculous.
1 posted on 04/13/2005 6:32:58 AM PDT by chronic_loser
[ Post Reply | Private Reply | View Replies]

To: chronic_loser

So why do you put up with it?


2 posted on 04/13/2005 6:33:44 AM PDT by Izzy Dunne (Hello, I'm a TAGLINE virus. Please help me spread by copying me into YOUR tag line.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: chronic_loser

Alas, Linux is not free of such problems, either. If you're using a commercial Linux distribution such as Mandrake, Novell SuSE, Linspire, etc. they have update sections to install new code to remove vulnerabilities to old code.


3 posted on 04/13/2005 6:36:25 AM PDT by RayChuang88
[ Post Reply | Private Reply | To 1 | View Replies]

To: chronic_loser

If it's broke, fix it.


4 posted on 04/13/2005 6:37:45 AM PDT by auboy
[ Post Reply | Private Reply | To 1 | View Replies]

To: Izzy Dunne
So why do you put up with it?

I am a debian user. I just laugh from the sidelines. I DID find a very nice utility that allows me to run a few "gotta have" windows apps, though. Win4Lin allows you to run W98 inside linux, like VM ware, but it is only about 80 dollars. Allowed me to run paperport, as I really don't like kooka and the forge port to linux of paperport is not so good (testing).
5 posted on 04/13/2005 6:38:25 AM PDT by chronic_loser
[ Post Reply | Private Reply | To 2 | View Replies]

To: chronic_loser

I got six of 'em this morning.


6 posted on 04/13/2005 6:40:42 AM PDT by SoFloFreeper
[ Post Reply | Private Reply | To 1 | View Replies]

To: chronic_loser

Seems like it would be relatively easy to modify the operating system so that only programs that are installed using an authorized keyword, that encrypts the beginning of the executable code with a valid signature, would run on your computer.

You buy a new application, and when you install it, it calls for you to provide a key that is specific to your processor. When you enter that key, it encrypts a value into the executable that combines with the executable and turns to jibberish that only your machine can understand.

If someone sends you an application that is not registered, authorized, or a virus, it just won't run without you first applying a key to it.

Oh.. sorry, there I go again.. THINKING!


7 posted on 04/13/2005 6:42:09 AM PDT by Paloma_55
[ Post Reply | Private Reply | To 1 | View Replies]

To: chronic_loser
For positive relief, click Here:

WARNING: MAY BE ADDICTIVE!

8 posted on 04/13/2005 6:44:38 AM PDT by pageonetoo (You'll spot their posts soon enough!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: RayChuang88

Most of these vulnerabilities are in network services such as the web servers, FTP servers, the RPC portmapper, etc.

If you are a home user using Linux as a desktop, you shouldn't be running any network services.

It all your TCP/IP connections are outbound, and you're not running as root, you shouldn't have much to worry about.


9 posted on 04/13/2005 6:44:57 AM PDT by proxy_user
[ Post Reply | Private Reply | To 3 | View Replies]

To: Paloma_55

Separation of administrative accounts from user accounts is already built into Unix/Linux.

For that matter, it is also built into Windows, but Microsoft foolishly encourages users to run routinely under an administrative account. The cartoon-like GUI covers up important security functions you should be using.


10 posted on 04/13/2005 6:48:17 AM PDT by proxy_user
[ Post Reply | Private Reply | To 7 | View Replies]

To: chronic_loser

Why the complaints? Operating systems today are incredibly complicated. Of course there are bugs and security problems. I give MS credit for putting such a high priority on expediting the fixes and spending a lot of money on publicizing the importance of security.

They could have just brushed this under the rug. Instead, they are confronting and dealing with it honestly.

There's no such thing as an operating system that can't be hacked, one way or another. But, knock on wood, I haven't actually caught a virus for the past seven or eight years, although I've been emailed hundreds of them.

Hackers, spammers, and spyware distributors are the problem, not Microsoft.


11 posted on 04/13/2005 6:50:51 AM PDT by Cicero (Marcus Tullius)
[ Post Reply | Private Reply | To 1 | View Replies]

To: chronic_loser

Running Solaris and Linux here, with no problems.


12 posted on 04/13/2005 7:00:47 AM PDT by ikka
[ Post Reply | Private Reply | To 1 | View Replies]

To: proxy_user
The cartoon-like GUI...

People are amused when I call the standard Windows XP blue-and-orange color scheme "the Fischer-Price interface". Think about the toy boxes you've seen in the stores!

13 posted on 04/13/2005 7:08:26 AM PDT by hunter112 (Total victory, both in the USA and the Middle East!)
[ Post Reply | Private Reply | To 10 | View Replies]

To: chronic_loser

Day before yesterday, I applied a slew of their critical updates and immediately afterward could not use Firefox as my preferred browser. When my internet service dials in, it initially defaults to IE, which I then close in order to surf in safety. I'm beginning to hate Microsoft and I think I'll make the move to Linux.


14 posted on 04/13/2005 7:18:17 AM PDT by Socratic (Ignorant and free? It's not to be. - T. Jefferson (paraphrase))
[ Post Reply | Private Reply | To 1 | View Replies]

To: Socratic
I'm beginning to hate Microsoft and I think I'll make the move to Linux.

The light begins to shine... LOL!

15 posted on 04/13/2005 7:41:53 AM PDT by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 14 | View Replies]

To: proxy_user
What you suggest may be true if you're an experienced user and know how to "tweak" Linux for maximum security.

The problem is that the default installs for commercial Linux distributions aren't exactly tightly secure, and more and more hackers are targeting Linux machines to cause mischief.

16 posted on 04/13/2005 8:20:32 AM PDT by RayChuang88
[ Post Reply | Private Reply | To 9 | View Replies]

To: RayChuang88

I beg to differ.

The default install of most desktop Linux distributions do not enable any network services. You have to log on as root and install and enable them yourself.

Of course, if you take a distro that is designed to run on a corporate server, you might get a different set of services.


17 posted on 04/13/2005 8:50:47 AM PDT by proxy_user
[ Post Reply | Private Reply | To 16 | View Replies]

To: proxy_user

Linspire (formerly Lindows) dumps you in as root by default, and doesn't bother to prompt you to create a user account.


18 posted on 04/13/2005 8:57:32 AM PDT by general_re ("Frantic orthodoxy is never rooted in faith, but in doubt." - Reinhold Niebuhr)
[ Post Reply | Private Reply | To 17 | View Replies]

To: general_re

I agree that is bad. But most of the regular Linux desktop distros practically force you to create a user account, and warn you explicitly about using root.


19 posted on 04/13/2005 10:31:19 AM PDT by proxy_user
[ Post Reply | Private Reply | To 18 | View Replies]

To: proxy_user
No doubt, but here's the problem. Lindows is one of those nice, friendly, easy to use distros targeted at the non-savvy Linux newbie. IOW, it's targeted at the sort of people who most need to be educated about not running as root. People who select Debian as their distro of choice, by and large, don't need reminding about that sort of thing - they already know it's a bad idea.

So, you have the phenomenon of insecure distros being selected by clueless users, and that's a combo that's likely to result in bad things somewhere down the road. This is not likely to enhance the reputation of Linux as a secure operating system in the minds of the general public, regardless of how accurate we might think that perception to be.

20 posted on 04/13/2005 10:41:10 AM PDT by general_re ("Frantic orthodoxy is never rooted in faith, but in doubt." - Reinhold Niebuhr)
[ Post Reply | Private Reply | To 19 | View Replies]


Navigation: use the links below to view more comments.
first 1-2021-27 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson