| ActiveMac | Anonymous | Create a User | Reviews | News | Forums | Advertise |
|
|
|
User Controls |
|
New User |
|
Login |
|
Edit/View My Profile |
|
|
|
|
|
|
|
ActiveMac |
|
Articles |
|
Forums |
|
Links |
|
News |
|
News Search |
|
Reviews |
|
|
|
|
|
|
|
News Centers |
|
Windows/Microsoft |
|
DVD |
|
ActiveHardware |
|
Xbox |
|
MaINTosh |
|
News Search |
|
|
|
|
|
|
|
ANet Chats |
|
The Lobby |
|
Special Events Room |
|
Developer's Lounge |
|
XBox Chat |
|
|
|
|
|
|
|
FAQ's |
|
Windows 98/98 SE |
|
Windows 2000 |
|
Windows Me |
|
Windows "Whistler" XP |
|
Windows CE |
|
Internet Explorer 6 |
|
Internet Explorer 5 |
|
Xbox |
|
DirectX |
|
DVD's |
|
|
|
|
|
|
|
TopTechTips |
|
Registry Tips |
|
Windows 95/98 |
|
Windows 2000 |
|
Internet Explorer 4 |
|
Internet Explorer 5 |
|
Windows NT Tips |
|
Program Tips |
|
Easter Eggs |
|
Hardware |
|
DVD |
|
|
|
|
|
|
|
Latest Reviews |
|
Applications |
|
Microsoft Windows XP Professional |
|
Norton SystemWorks 2002 |
|
|
|
Hardware |
|
Intel Personal Audio Player 3000 |
|
Microsoft Wireless IntelliMouse Explorer |
|
|
|
|
|
|
|
Site News/Info |
|
About This Site |
|
Affiliates |
|
ANet Forums |
|
Contact Us |
|
Default Home Page |
|
Link To Us |
|
Links |
|
Member Pages |
|
Site Search |
|
Awards |
|
|
|
|
|
|
|
Credits |
 |
Microsoft says Silverlight not vulnerable to most common exploits | |
|
||
| Time: 13:40 EST/18:40 GMT | News Source: ComputerWorld | Posted By: Andre Da Costa | ||
|
Silverlight, Microsoft Corp.’s upcoming Web media software, may be several months from its official release, but experts have already reached a consensus -- albeit a weak one -- about how secure it will prove to be. That consensus favors Microsoft's argument that the software won't be easily exploitable by hackers. Microsoft says that Silverlight, a browser plug-in that works with Internet Explorer, Firefox and Safari, has key attributes that should prevent Silverlight from such exploits. | ||
|
Write Comment
Return to News |
Displaying 1 through 25 of 321 Last | Next |
The time now is
4:30:14 AM
ET.
Any comment problems? E-mail us |
| #1 By 52115 (66.181.69.250) at 5/2/2007 2:34:44 PM |
|
WHAT?? No Opera Plug-in??! What the *&^%&*%..
We've heard this before.. NO OS OR PROGRAM IS PERFECT! A flaw WILL be found.. |
| #2 By 15406 (216.191.227.68) at 5/2/2007 3:02:16 PM |
|
Microsoft says a lot of things, and some of them are even true. They should be smart enough to just shut their mouths. They (and everyone) knows Silverlight will somehow be exploited. They end up looking like (bigger) idiots when they chow down on their own words. Seems to me I heard the same stuff about Vista. It wasn't long before exploits popped up.
|
| #3 By 32132 (142.32.208.234) at 5/2/2007 3:16:10 PM |
|
# 2 "Seems to me I heard the same stuff about Vista. "
"Ninety days after the release of Microsoft's Windows Vista to business customers, the new operating system has a much better security vulnerability profile than its predecessor and several other modern workstation operating systems including Red Hat, Ubuntu, Novell and Apple products. That's according to Jeff Jones, security strategy director in Microsoft's Trustworthy Computing group. Jones has published a 90-day report card (.pdf), stacking up flaws reported and fixed in Vista against vulnerabilities covering during the first 90 days of Windows XP, Red Hat Enterprise Linux 4 WS, Ubuntu 6.06 LTS, Novell SUSE Linux Enteprise Desktop 10 and Mac OS X 10.4 (Tiger). During the period under review, Jones said Microsoft shipped a solitary security bulletin affecting Vista users — MS07-010, which covered a remotely exploitable hole in the Microsoft Malware Engine. He also called attention to four other reported Vista bugs that remain unpatched, one carring a "high risk" rating. By comparison, during the first 90 days after Windows XP shipped, Jones research showed that Microsoft patched a total of 14 vulnerabilities, 8 rated critical. "At the end of the 90 day period, a total of 4 publicly disclosed [Windows XP] vulnerabilities did not yet have a patch available from Microsoft," Jones said. Regarding Red Hat Enterprise Linux 4 Workstation (rhel4ws), Jones said the open-source vendor fixed a total of 181 vulnerabilities, 58 rated "high severity" by the U.S. governments National Vulnerability Database. He acknowledged that many of these bugs covered components that Red Hat ships and supports as Red Hat Enterprise Linux 4 WS, noting that it might be construed as "unfair" to count those. However, even with RHEL4WS reduced component set, Jones said: The reduced rhel4ws set of components had 86 vulnerabilities already publicly disclosed prior to general availability. Patches available on the first day of ship addressed 34 of these. During the first 90 days, Red Hat fixed 137 vulnerabilities affecting the reduced rhel4ws set of components. 40 of those addressed were High severity. At the end of the 90 day period, a total of 64 publicly disclosed vulnerabilities in the reduced set of components did not yet have a patch from Red Hat. In the first 90 days after Apple's Mac OS X v10 shipped, Jones showed that Windows Vista fared much better, arguing that the data does not support Apple's marketing stance that the Mac OS X does not have the same security issues that face other operating systems. Specifically, Jones reported that: Mac OS X v10.4 had 10 vulnerabilities already publicly disclosed prior to the April 29, 2005 ship date and Apple provided fixes for 4 of these during the first 90 days after ship. Four of the vulnerabilities were High severity. During the first 90 days, Apple fixed a total of 20 vulnerabilities affecting Mac OS X v10.4, of which 8 were rated High severity in the NVD. At the end of the 90 day period, there Mac OS X v10.4 still had 17 publicly disclosed vulnerabilities that did not yet have a patch from Apple." http://blogs.zdnet.com/security/?p=135 This post was edited by NotParker on Wednesday, May 02, 2007 at 15:18. |
| #4 By 32132 (142.32.208.234) at 5/2/2007 3:17:09 PM |
| #2 You should try Vista. |
| #5 By 3653 (68.52.143.149) at 5/2/2007 3:40:54 PM |
|
NotParker, don't encourage latch to TRY the product and get first-hand knowledge. That would only make his posts somewhat relevant, thus harder to quickly pass over as we read AW comments. This post was edited by mooresa56 on Wednesday, May 02, 2007 at 15:41. |
| #6 By 12071 (203.185.215.144) at 5/2/2007 11:27:18 PM |
| Hang on a second... they spent 3 pages and most likely a lot of ads... to tell us that it should be safe because it runs in a sandbox... like Java Applets and certain other browser plugins... Wow! Newsworthy stuff! Imagine it... implementing a sandbox in 2007... innovation and reporting at it's best! |
| #7 By 15406 (216.191.227.68) at 5/3/2007 8:17:03 AM |
|
#6: It's just media manipulation to try and create visibility for it. Tomorrow's story will be about how you can run Silverlight on Windows 2K and XP, but it runs best on Vista.
|
| #8 By 32132 (142.32.208.234) at 5/3/2007 11:05:41 AM |
|
#6 When someone full of hate like you reads an article that doesn't hate Microsoft, it must come as some kind of shock to your system. Especially since you don't really believe in anything other than hate.
#7 Yeah ... the media should never write about new technology unless prior approval is received from your masters at the FSF. |
| #9 By 15406 (216.191.227.68) at 5/3/2007 2:25:18 PM |
|
#*: LOL, you're such a clown. Here, this will keep you busy frothing for a few hours:
http://blog.mon.itor.us//?p=286 |
| #10 By 32132 (142.32.208.234) at 5/3/2007 3:04:10 PM |
|
http://blog.mon.itor.us/?p=289
"Dear Users, due to huge load, our service was experiencing some interruptions yesterday. We want to apologize for any inconvenience and will do our best to avoid such situations in future. " Too bad they were using Linux. |
| #11 By 28801 (68.81.50.122) at 5/3/2007 3:40:07 PM |
| I guess they didn't include their own servers in the comparison... |
| #12 By 12071 (203.185.215.144) at 5/3/2007 7:46:37 PM |
|
#8 I told you before, no hate, not even for you... which is a surprise given you have such a natural knack for making everyone think you're the most stubborn, arrogant, ignorant MS shill around. If you had better literacy skills... you'd be lketchum.
Having said that, this is a complete non-story! I don't care which company it's about or what product it's about (as this one looks quite nice to play with and Miguel is going to make it available on Mono by the end of the year, which is a nice bonus)... the editors spend 3 pages to try and show you as many ads as possible and the whole thing can be condensed down to a single sentence. "We believe it won't be vulnerable to common exploits because it runs in a sandbox... like several other plugins that have been available for years." Only a shill like yourself can't see this for what it is, marketing bullshit! |
| #13 By 12071 (203.185.215.144) at 5/3/2007 7:50:15 PM |
| #9 I'm surprised that NetBSD beat out OpenBSD, wouldn't have expected that. |
| #14 By 32132 (64.180.219.241) at 5/3/2007 7:56:21 PM |
| #12 Hateful combined with reading problems. |
| #15 By 15406 (216.191.227.68) at 5/4/2007 8:26:04 AM |
| #13: The *BSD line is solid. Both Windows and Linux should aspire to reach their levels of stability. 15 years ago, I was part of a team that setup one of the first 3 dialup ISPs in my city, and we used NetBSD as the backend. |
|
Write Comment
Return to News |
Displaying 1 through 25 of 321 Last | Next |
The time now is
4:30:14 AM
ET.
Any comment problems? E-mail us |
