Posted on 01/05/2006 12:45:10 PM PST by Gomez
update Microsoft plans to release a fix for a serious security vulnerability in Windows on Thursday, several days before the patch's scheduled delivery.
The company is breaking with its monthly patch cycle because it completed testing of the security update earlier than it anticipated, it said in a note on its Web site. "In addition, Microsoft is releasing the update early in response to strong customer sentiment that the release should be made available as soon as possible," the company said.
The security update, originally scheduled for Tuesday, fixes a vulnerability in the way Windows renders Windows Meta File images. The bug was discovered last week and is increasingly being used in what Microsoft calls "malicious and criminal attacks on computer users."
(Excerpt) Read more at news.com.com ...
Excellent explanation of this new exploit!!!
All the Firewall's and anti spyware doesn't mean much with this exploit....
I think the Microsoft bureaucracy got caught with their shorts down!!!
I didn't know that. Thanks. Glad this patch is coming out. I am certainly not a securty expert.
(Denny Crane: "I Don't Want To Socialize With A Pinko Liberal Democrat Commie. Say What You Like About Republicans. We Stick To Our Convictions. Even When We Know We're Dead Wrong.")
Well, they need to maintain backward compatibility, although I've heard Vista won't be as thorough as XP and previous versions were, which I'll miss.
But I find it hard to believe that a flaw that penetrates to the core of a system, i.e. allows someone to execute malicious code on your system, can survive across the DOS 4.x - DOX 6.22 - DOS 7/Win 95 - DOS 8/Win 98 - 2000/NT5 - XP/NT5.1 development lines. Like I said, they don't even share the same kernel.
Well,....I think this is just an application.....but because of the way Windows is constructed....it has access to privileged services....
THAT is the Windows FLAW!!!
(Denny Crane: "I Don't Want To Socialize With A Pinko Liberal Democrat Commie. Say What You Like About Republicans. We Stick To Our Convictions. Even When We Know We're Dead Wrong.")
Upon rereading, it looks like only 2000, 2003, and XP are vulnerable to the flaw, which makes more sense. Of course. it's never good if malicious code can be executed on your machine.
But it looks like for this specific flaw to be exploited, you have to go to a web page or open an email or document containing a .WMF picture that's been edited maliciously. So so users were always safe from this one as long as they followed the standard rule never to open an email or document from someone you don't know or that you can't identify, and avoid websites such as my old favorite, www.pr0n-n-w4r3z.ru. Opening something containing malicious code can screw up any machine.
If you would like to save your state from reboot to reboot using a Linux live-cd, you might try the Puppy distribution.
Jeez, what is it with all the animosity towards people who don't want to make Bill Gates even richer for making an inferior and defective product?
Class envy and principio principii all in one post. Impressive.
Not if you browse with lynx. I SSH to my server and lynx from there. No FW, no AV, no spyware checker, no patches.
Um, you are aware, aren't you, that Macs are UNIX? You should be able to compile your application for Macs from either the Linux or SGI or Sun code... Macs are quite well thought of in the scientific areas because of their ease of use and the flexibility of UNIX that is the OSX foundation under the GUI.
Heck, they don't even fix one before they are releasing a NEW version. And not only that, they are no longer going to support XP Home edition after the first of 2007. So get this, if you run out this summer and buy a new PC with Windows XP Home edition on it, it will not be supported after a paltry 6 months.
A pox Bill Gates and the crap he has foisted on us all.
It is not class envy to not to want to pay money for an inferior product.
Oh, yeah. I'm sure that all he has to do is recompile his code, right? LMFAO! Who's your dealer? I've gotta get me some of that stuff you're smoking...
Then why did you mention "making Gates richer" if it was irrelevant to your point?
Umm... Antivirus makers catch up to Windows bug
"While users wait for a Microsoft fix, many antivirus products will protect PCs against attacks that exploit a recently disclosed Windows flaw, but not all. "
"According to a test of a range of antivirus products published on Wednesday, Trend Micro was the only major antivirus vendor that failed to catch a number of malicious files that exploit the new Windows vulnerability."
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.