MS releases mother of all IE security patches

The Register ^ | 14/12/2001 | John Leyden

[peabers]

This is meant as a public service announcement, and not the start of a browser war.

[peabers]

Filing

[BansheeBill]

bump

[TomServo]

This is meant as a public service announcement, and not the start of a browser war.

Unfortunately - that's what it'll turn into.

[SmartBlonde]

Thank you. Love the title of the article.

[StayoutdaBushesWay]

Thanks

[SpaceBar]

I realize this shouldn't be a browser or OS war so I won't go there, but IMHO Microsoft could greatly increase their credibility by undergoing an internal security audit of all their source code. Say one billion $ over two years. Remove gimmicky scripting support except for a restricted chroot sandbox and leave it at that. A drop in the bucket in the larger scheme of things.

[lancer]

Thanks, I just installed the download.

[Fractal Trader]

Another example of superior Microsoft (in)security in its products for you? Can't deny this one, I guess, so you can't defend it. The silence is deafening.

[Cicero]

Hackers all work on Microsoft because the other OSes aren't widely enough used to bother with.

[Rudder]

I just installed the new security patch and rebooted. To my satisfaction it worked like a charm. I haven't been hacked since installation and what a relief that is.

I also recently purchased what looks like a lawn ornament but is actually a tiger repeller. That, too, works as adevrtised---not one attack since installation.

[mdittmar]

From your link:

This update eliminates all known security vulnerabilities affecting Internet Explorer 5.5 Service Pack 2 (SP2)

Do I need this if I am running version 5.50,4134,0600 128-bit encryption?

I don't want to download something I don't need.

"If it ain't broke, don't fix it."

[RobRoy]

bump for when I get home, since I'm using netscape at work.

[RobRoy]

Hey, another fun thing to do on the internet is create yourself two hotmail accounts and then pass yourself emails back and forth about a fictitios terrible illegal act you are planning with "each other" and see if you reel any gub'ment types in.

'Course, theres the obvious risk...

It's not like yelling "fire" in a theatre since your correspondence is supposed to be "private."

I suppose, when the BATF knocks down your door, you could always say you were "creating" material for a book...

[spectr17]

I also recently purchased what looks like a lawn ornament but is actually a tiger repeller. That, too, works as adevrtised---not one attack since installation.

How much for the tiger repeller? Man can never be too safe.

[zandtar]

Hackers all work on Microsoft because the other OSes aren't widely enough used to bother with. BS, there are plenty of hacks for Linux and Macs. Both are correct statements. Microsoft has long been a favorite target of hackers for numerous reasons. Widespread availability is one. Microsoft being perceived as the "evil" corporate empire is another. And since Microsoft gears their products for widespread use and compatibility, they're usually huge in coding compared to a dedicated program. Add in that Microsoft is most likely driven by Marketing (as most corporations) who only care if something works, not how it can break.

But, on the other hand the Unix and Sun based hacks are on the increase as well, as they gain popularity in both the corporate and private sectors. And they're hacks that are just as deadly as some of the Microsoft's.

The interesting part will be to see if Unix and Sun fall into the same trap as Microsoft, in that trying to meet the demands of the users, they're forced to spread out their support and offerings, which in turn open up more doors for the black hats.

Either way, both products are totally vulnerable straight out of the box. Although you'll never hear many of the Unix elitists admit that.

[Bush2000]

Another example of superior Microsoft (in)security in its products for you? Can't deny this one, I guess, so you can't defend it. The silence is deafening.

This is bad. But it's hardly the end of the world, as you'd portray it.