Microsoft issues temp fix for serious vulnerability

[Cobbydaler]

Quote:

Microsoft has warned customers to apply a temporary security fix to protect against a serious, newly discovered security bug in all supported versions of Windows.
The vulnerability results from the way Windows processes webpages containing MIME-formatted content. Attackers can exploit the weakness to run malicious scripts that steal sensitive information, spoof trusted websites or carry out other actions not authorized by the user. Internet Explorer is the only attack vector for the vulnerability, which resides in the Windows implementation of the MHTML protocol.

Link

Microsoft link:

http://support.microsoft.com/kb/2501696

[toonlight]

Quote:

Originally Posted by Cobbydaler

"Internet Explorer is the only attack vector for the vulnerability, which resides in the Windows implementation of the MHTML protocol.

Oh well another screw up by Microcr*p again, the days of bashing Microsoft are coming back again..... fast. Let's all lend a hand, to help them over into the deep abyss, otherwise known as the open source software community. I can't wait for the day they put the patchy, lame, buggy & useless IE browser to the grave: long live open source software!

Others may have a different view though, let your view be heard

toonlight

[Stuart]

Because of course, Open source software is always 100% bug free and never needs patching.

Oh, wait... It does? Pity the Open Source community (apart from some notable exceptions, like Mozilla) don't seem willing to acknowledge that.

Microsoft, on the other hand, are quite open about the fact that Windows has problems.

I am not a particular fan of one OS over another (in fact I believe they all have strengths and weaknesses, and I also believe in using what is most appropriate at the time), but I have found that they *all* have security problems. It's just that some OS vendors are more open about the problems than others. That needs to stop. ALL OS venders need to be open about at least the security problems.

[mart44]

When/if Open Source software needs patching, it manages to still keep its original name. Yet when Microsoft software needs patching, the name often gets changed to Microcr*p or something similar. Why is that? Open Source never becomes Open Door or Open Scourge for instance.

[TheNorm]

Quote:

Originally Posted by mart44

When/if Open Source software needs patching, it manages to still keep its original name. Yet when Microsoft software needs patching, the name often gets changed .... Why is that? ....

Stop me if I'm wrong, but it might have something to do with being a business. Quite a successful one (or so I've heard).

[mart44]

You might well be right TheNorm ..but I rarely see name alterations and asterisks used when the failings of other software or businesses are being discussed. Almost only a Microsoft thing it seems. Lord knows what would come up if the same treatment was given to Firefox when a security hole is discovered. I've never seen that happen though.

Probably because users feel they have some sort of stake in software like Firefox. With MS, historically you had little choice but to buy in to whatever its vision for the desktop/office/internet happened to be, because there was little practical alternative. That sense of compulsion breeds contempt, especially when what you're being compelled to use proves to be less robust than you would like.

[Dude111]

If you DISABLE SCRIPTS,the test fails on this page (As expected)

http://www.natestiller.com