| ActiveMac | Anonymous | Create a User | Reviews | News | Forums | Advertise |
|
|
|
User Controls |
|
New User |
|
Login |
|
Edit/View My Profile |
|
|
|
|
|
|
|
ActiveMac |
|
Articles |
|
Forums |
|
Links |
|
News |
|
News Search |
|
Reviews |
|
|
|
|
|
|
|
News Centers |
|
Windows/Microsoft |
|
DVD |
|
ActiveHardware |
|
Xbox |
|
MaINTosh |
|
News Search |
|
|
|
|
|
|
|
ANet Chats |
|
The Lobby |
|
Special Events Room |
|
Developer's Lounge |
|
XBox Chat |
|
|
|
|
|
|
|
FAQ's |
|
Windows 98/98 SE |
|
Windows 2000 |
|
Windows Me |
|
Windows "Whistler" XP |
|
Windows CE |
|
Internet Explorer 6 |
|
Internet Explorer 5 |
|
Xbox |
|
DirectX |
|
DVD's |
|
|
|
|
|
|
|
TopTechTips |
|
Registry Tips |
|
Windows 95/98 |
|
Windows 2000 |
|
Internet Explorer 4 |
|
Internet Explorer 5 |
|
Windows NT Tips |
|
Program Tips |
|
Easter Eggs |
|
Hardware |
|
DVD |
|
|
|
|
|
|
|
Latest Reviews |
|
Applications |
|
Microsoft Windows XP Professional |
|
Norton SystemWorks 2002 |
|
|
|
Hardware |
|
Intel Personal Audio Player 3000 |
|
Microsoft Wireless IntelliMouse Explorer |
|
|
|
|
|
|
|
Site News/Info |
|
About This Site |
|
Affiliates |
|
ANet Forums |
|
Contact Us |
|
Default Home Page |
|
Link To Us |
|
Links |
|
Member Pages |
|
Site Search |
|
Awards |
|
|
|
|
|
|
|
Credits |
 |
'Critical' megapatch sews up 10 holes in IE | |
|
||
| Time: 00:03 EST/05:03 GMT | News Source: ZDNet | Posted By: Kenneth van Surksum | ||
|
Microsoft on Tuesday released a "critical" Internet Explorer update that fixes 10 vulnerabilities in the Web browser, including a high-profile bug that is already being used in cyberattacks. The Redmond, Wash., software giant sent out the IE megafix as part of its monthly Patch Tuesday cycle of bulletins. In addition, Microsoft delivered two bulletins for "critical" Windows flaws, one for an "important" vulnerability in Outlook Express and one for a "moderate" bug in a component of FrontPage and SharePoint. | ||
|
Write Comment
Return to News |
Displaying 26 through 50 of 552 Prev | Last | Next |
The time now is
4:52:30 PM
ET.
Any comment problems? E-mail us |
| #26 By 3653 (63.162.177.143) at 4/13/2006 3:57:58 PM |
|
for the record, i ask latch and kabuki to "meet me outside" so we can settle this and stop bothering Mister any longer.
Mister, I would still say this banter serves a purpose. For me personally, it gives me a better feel for the underlying "crazy" element behind open-source. Beyond the volume of exploits and bugs with linux, I find that rather large crazy element to be a great reason to not associate directly (ie... to buy and use) with many of the open source products. |
| #27 By 16797 (70.48.107.84) at 4/13/2006 4:34:15 PM |
|
#23 "The fact that it has less problems overall than Windows and faster patching is just icing on the cake."
Now, this is pure BS.. And it is always "arguments" like this that OSS fanboys throw around: "It is better than Windows," without ever actually going into the details. Plus, it was customers that requested from Microsoft to move to monthly patching schedule, remember? #20 #17 "sandboxing IE" NotParker, thanx for the info, but I do not have problems running Windows and/or IE. I do prefer other browsers like Opera, Netscape or Firefox mostly because of the tabs (no, MyIE & friends don't do the job for me) and some other little things, and sandoboxing IE by default will solve a lot of problems for people like Latch. Because it is always Linux crowd that is uncapable of using Windows without getting BSOD or infected with zillion of viruses, etc.. And they are, supposedly, geeks.. Strange. They never have problems with running games for days, but to run Word or Excel without problems.. it is impossible. I was thinking of trying Linux, but then I realized that I could become unable to use Windows soon after that so I said fuck that idea.. |
| #28 By 32132 (64.180.219.241) at 4/13/2006 9:19:36 PM |
|
Anyone notice that they snuck out Firefox 1.5.0.2 today with 5 critical security fixes? And 1 high and 1 moderate.
"Critical: Vulnerability can be used to run attacker code and install software, requiring no user interaction beyond normal browsing. " http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox1.5.0.2 Thats 13 critical security holes in 1.5.x and 26 total since ... oh never mind. No one cares if Firefox has had more security issues than IE 6 in the last year. This post was edited by NotParker on Thursday, April 13, 2006 at 21:26. |
| #29 By 32132 (64.180.219.241) at 4/13/2006 9:45:30 PM |
|
By the way, if 10 security patches for IE are called a MEGAfix, what are 7 security fixes for Firefox called ... cricket ... cricket ... cricket.
Oh right. 7 Firefox security fixes are ignored. and 26 in the last couple of months are ... a Microsoft plot! |
| #30 By 23275 (68.17.42.38) at 4/13/2006 11:04:20 PM |
|
#31, They will forget my talk on this subject in the context of "IC" from a few months ago.
[Incidence of Coincidence where Phi of Observed is measured against many other variables]. How much open, published, and for hire scrutiny is applied to OSS/FF/Moz? - relative to MS and IE? That was the basis of the observations - which are based upon real-world studies and at the 6" level - our own. I'm bushed and sick of this sort of exchange in one context and oddly, grateful to see it - at least some people are thinking and have an opinion - regardless of how naive it may be, or whether one agrees with it or not. It's actually kind of cool - to see young people and perhaps older folks, exchange ideas. I do dislike it when the personal stuff comes close to the edge of reason. My 2 cents [ok, I can only afford one cent...], I own a company - run datacenters - builder servers, workstations and media systems - build applications, rebuild applications, etc... customers are global and clients range from one Doc I think is just bitchin all the way up to the US Govt. and DOD. Here's the real simple math: "We support the developer!" If the dev team is best suited to use JSP and a high-order languages like C++ - we'll run a wide mix of *Nix [from the By God Command Line] (usually, RH AS, TomCat, and Oracle)....but MS Compilers will be used by that team, because, well, they are great compilers! If the dev team likes VB.NET - well, it's Server 2003, VS 2005 Team System, or 2003, and .NET 1.x - 2.0 [SQL 2005 so rocks people!!!!! - as does VS 2005 Team System - what a dream!]. A lot of devs specialize in different types of apps - transactional apps [these will be smok'in hot C++ Devs with weaker Oracle DBA's], while the .NET guys will be the most open in every sense of the word - open to ideas, that is. I see [each day] - both! Support, Both! - cuz the dev is just what he, or she is.... and knows what they know. Now as a business person - running and funding the joint and working with others just like myself - I can swear to you which makes more money, costs less money and is a better experience all around - and that [in my experience], is .NET all the way. My Gosh - .NET Object out to XML - Oh man... it is so sweet - one can do anything in any vector based animation tool and make apps do things few can imagine! [and we do!]. Now, two camps - both great and niether has a thing to do with the "Trash" or the "Lie" as we both [groups] call it - you may know it as "The Stack!" [oh they love cute names for stuff..] You know who I mean, the Apache, PHP, Perl, MySQL crowd scripting garbage they sometimes sell for big dollars - the bigger liars are the "Trash Heap" of hosting companies selling products based upon, "The Stack." I have cleaned up more stack-crap than I can speak of. Understanding these groups will help anyone at any age understand - at least as this old man see's it - what is and what is not. Oh, and yes, dear golly yes, I'd like to see a Google OS and Yahoo OS and an IBM Browser, too - but.... sans a platform as well fashioned and complete as Microsoft's - each would get hammered [not by you guys], but by guys like me - the slobs with pen in hand - squaring off against a stack of payables each day - hand shaking, eyes wet with fresh tears - we hate the Stack and we hope for the JSP guys [that they have time to learn .NET] - and we go home, kis our wives and Thank God for .NET - it helps me pay the people I Love!!! the people who hammer away all day and night for my company! |
| #31 By 16451 (71.213.150.29) at 4/14/2006 6:56:22 AM |
| My Gawd, doesn't he every get tired of tooting his own horn? |
| #32 By 12071 (203.158.34.64) at 4/14/2006 8:26:09 AM |
|
#21 Do you really think it's that odd? I don't honestly see it any different from most sites except that there's a smaller community (of vocal users at least) here so it's easy to single people out which ends up leading to, at times, the immature name calling/bickering etc. that you pointed out which most people here have been guilty of at one time or another. Let's call it human nature with the added benefit of some anonimity which enables people to act out more than they otherwise would.
This site is focused (mainly) on Microsoft and as a result you end up having Windows vs. Linux, IE vs. Firefox and (IBM compatible) PC vs. Mac arguments. The last argument will now be simplified to Windows vs. OS X but the arguments will be much the same and people will stay on their "side". Sometimes people are on a "side" because of their principals/beliefs, other times it's due to highly successful marketing and for all the other reasons you'll need to read several psychology books and still end up not really understanding where it all comes from and why people end up acting so passionately about what at the end of the day is quite inconsequential. On other sites you will see familiar "holy wars" except the topics will be Sony vs. Microsoft vs. Nintendo (which used to be Nintendo vs. Sega etc in the past), Vi vs. Emacs (still going!), KDE vs. Gnome, BMW vs. Mercedes, Republicans vs. Democrats etc. i.e. I don't think people are going to change any time soon. #27 I think we may need to. #30 Thanks for letting the other know - those of us with Firefox installed were notified that the new version had been downloaded and that we should restart to patch to the new version. Upon restart Firefox automatically went through all my plugins to check they were all compatible with the new version and updated my AdBlock Plus and FilterSet.G plugins as new versions of those had been released. All of that - without having to wait until "next month's" patch cycle. It's an interesting approach they have - fix problems as they come up, rather than ignore them until an exploit is released and then wait another month. #34 No he does not.... and he'll be back later to explain why in no less than 10 paragraphs. This post was edited by chris_kabuki on Sunday, April 16, 2006 at 11:22. |
| #33 By 12071 (203.158.34.64) at 4/14/2006 9:03:14 AM |
|
Parkkker... I'm surprised you didn't point out this story (after all we all know how concerned you are when it comes to security!):
http://www.eweek.com/article2/0,1895,1949279,00.asp "Murphy noted that the vulnerability that is documented was privately reported, but the "variation" that was also patched has been publicly known for 700+ days." |
| #34 By 32132 (64.180.219.241) at 4/14/2006 11:30:30 AM |
|
#35 "All of that - without having to wait until "next month's" patch cycle"
I'd like to discuss this, but Bugzilla won't let me look at the underlying bug for each patch unless I have appropriate permissions. In fact, if you look at Firefox 1.5 and 1.5.01 there are a bunch of bugs that date April 13th that are kept secret. Did they secretly fix 1.5 and 1.5.01 too? Are there really something like 20 critical bugs in this megapatach? Oh I see what they did. The were trying to con people into think 1.5.0.2 had a lot few fixes than it really did, when in fact there were twice as many fixes on April 13 than the 7 they admitted for 1.5.0.2. Thats not a very open process. Is that what you are getting at with #36? This is one humungous patch for Firefox! What an insecure piece of crap! This post was edited by NotParker on Friday, April 14, 2006 at 11:41. |
| #35 By 39852 (204.101.172.146) at 4/14/2006 1:11:39 PM |
|
#27, I'm sure everyone can see the crazy element of all OS's user-base on this site. However, a well-made argument can stand alone regardless of who made it, and well-made software can be judged regardless of who uses/makes it. Lots of people use MS software and hate MS's supporters, as well as MS themselves. Lots of people use Apple software and hate Apple's supporters, as well as Apple themselves. Lots of people use open source software and hate its supporters, as well as its developers. This is the case for all popular software, they all have crazy people involved. Yet everyone here uses software from the 3 crazy groups and continues to argue as if everyone ELSE is crazy.
#35 Yes I think it's odd because people stick to the subject for the first few posts and then go back to the same old argument. It's like 10% of the commenting is new information and then the other 90% is the same as has been over the last 5 years or whatever. I can stand this, I but since I don't really care about peoples' personal vendettas, it's not stimulating. |
| #36 By 32132 (64.180.219.241) at 4/14/2006 6:37:07 PM |
|
#38 Somehow, whenever you deign to comment and tell us how bored you are of our discussions, which you do every once and a while, I always get the impression you don't care one iota that there are bigotted nutbars like Latch and Kabuki boy hanging out on a Windows site who spend all their time trying to trash Windows with onesided arguments.
I always assume you agree with them ... but put on your "civilized" face and pretend to be something other than a Microsoft hater youself. But if I'm wrong, maybe you would answer me this. If 10 fixes for IE are a MEGAPATCH and get all sorts of bad press and lots of nasty comments from the OSS fanatacis, why is it wrong to point out that Firefox and Linux have as many or more security issues ... just as a way to counterbalance the propaganda from the OSS side? And why do you bother reading all thse comments if they bore you so? Why not just read the headlines and the articles? |
| #37 By 32132 (64.180.219.241) at 4/15/2006 1:38:43 AM |
|
What do you call 21 security exploits in Firefox if 10 in IE are called a Megapatch?
An UltraMegaPatch! http://secunia.com/advisories/19631/ Most are still secret ... but one bug was known in July of 2005. Wow. It doesn't pay to close in on 10% does it. You attract the wrong kind of attention. |
| #38 By 32132 (64.180.219.241) at 4/15/2006 1:48:36 AM |
|
#35 "All of that - without having to wait until "next month's" patch cycle."
Next 6 to 8 weeks .... "Mozilla releases Firefox security updates irregularly -- the last time was February -- but in a separate announcement, it said it planned to move to an every-six-to-eight-week schedule. " http://www.informationweek.com/news/showArticle.jhtml?articleID=185302870 But I guess with so many patches wouldn't weekly work better? |
| #39 By 39852 (204.101.172.146) at 4/15/2006 8:29:42 AM |
|
#39 You don't get the picture. I'm talking about how pointless these arguments are since they always degenerate into MS vs OSS flamewars, and here you are trying to get me to participate in one. You're talking about fanatics and I don't care what they have to say on Windows or Linux, other than to sample how certain groups see the software themselves.
To answer your question though, I just wanted to see if anything would happen if I brought up the topic. Would the ranting continue, or would people reflect on what they're doing and consider being more objective? Anyway, my problem wasn't just with the comments section. I would also like to see duplicate news stories stopped. When Activewin has multiple sources on one story, they just post multiple stories, and that's annoying to have to sift through. When Activewin sees an MS press release, they will just paste the entire thing as a news story. Same with some software updates. A section dedicated to software updates would be nice so that they wouldn't be interspersed within the news. As with the PR, why simply mirror it on the site when they could write an editorial? Do the editors have no opinion on the topic? Is there nothing more to it? There must be more information from other sources as well? Does the announced product live up to the hype? Etc... Instead it's just cut-and-paste. |
| #40 By 32132 (64.180.219.241) at 4/15/2006 4:17:17 PM |
|
#42 You don't get it do you? Part of what goes on here is an attempt to counter the propaganda generated by the OSS faithful.
A prime example is the claim that Firefox is more secure than IE. A popular counter argument ends up pointing out how many security issues Firefox actually does have since many of the "faithful" seem to think there aren't any security issues. A deeper counter argument would point out that now that professional browser flaw hunters like George Guninski are pounding away on Firefox, it would prove to be more insecure than IE. And that has come true. Why don't you spend time questioning why Kabuki and Latch waste there time here? And the answer I always come to (when you drop by) is that you are on their side and you are attempting to get some of us to stop responding to their lies. I don't plan to. If it upsets you, leave. |
| #41 By 39852 (204.101.172.146) at 4/16/2006 7:00:19 AM |
|
No thanks, I prefer to just use my software, not build a religion around it ("the faithful.." "propaganda".. your words, not mine, and I stress that they are not mine nor will they be mine, as I won't be a part of whatever you're doing). Anyway, I'm not questioning you or anyone in particular (although your reaction is a little extreme). The fact that you're still trying to get me involved in your argument makes me think you're not even getting what I'm trying to say. I'm just putting the idea out in general, though, that it's monotonous how every comment thread degenerates into a software war. The SAME software war that doesn't ever seem to progress. You have to realize what a waste you're contributing to. So just think about it. Later. This post was edited by Mister on Sunday, April 16, 2006 at 10:52. |
| #42 By 12071 (203.158.34.64) at 4/16/2006 11:21:38 AM |
|
#43 "is that you are on their side"
http://en.wikipedia.org/wiki/You're_either_with_us,_or_against_us_(slogan) You should add yourself to the list of historical usages... you'll be there with your two favourite people - Jesus Christ and George W. Bush! |
| #43 By 39852 (204.101.172.146) at 4/16/2006 1:04:50 PM |
| Well, stuff that doesn't have to do with the topic is also inflammatory and contributes. I guess this will just continue on forever and nobody cares. |
| #44 By 32132 (64.180.219.241) at 4/16/2006 3:05:00 PM |
|
#45 I find it sad your favorite person seems to be Saddam Hussein. This post was edited by NotParker on Sunday, April 16, 2006 at 15:05. |
| #45 By 39852 (204.101.172.146) at 4/16/2006 3:16:14 PM |
| Thanks for making my point! |
| #46 By 32132 (64.180.219.241) at 4/16/2006 5:59:55 PM |
| #48 What point? That you could attempt to contribute information to discussions but choose to contibute nothing but hot air. |
| #47 By 39852 (65.93.168.111) at 4/16/2006 7:52:22 PM |
| No, the point you keep missing ;) |
|
Write Comment
Return to News |
Displaying 26 through 50 of 552 Prev | Last | Next |
The time now is
4:52:30 PM
ET.
Any comment problems? E-mail us |
