Microsoft confirms IE zero-day behind Google attack

http://www.computerworld.com/s/article/9144938/Microsoft_confirms_IE_zero_day_behind_Google_attac k

Do you use IE? DON'T!

--
Alias

Alias wrote:
http://www.computerworld.com/s/article/9144938/Microsoft_confirms_IE_zero_day_behind_Google_attac k


Do you use IE? DON'T!

Read the article you STUPID MORON!

"...The only encouraging news is that there are tools that protect Vista
and Windows 7 on IE7 and newer, so that an exploit would crash [those
browsers] rather than allow code execution."

You're posting in a Windows 7 ng you IDIOT where the default version of
IE is 8.
Oops!

Oh and I see you're cross posting to comp.os.linux.advocacy, that den of
MS hate mongers.

The code used in the attack is only effective against IE6 and possibly IE7
and 8 on computers running XP SP2 or older OS's. It's also possible that if
someone deliberately relaxed the security way beyond what would be
considered normal that newer OS's with newer versions of IE may be affected.

http://blogs.zdnet.com/Bott/?p=1645

I'd say the message here is to keep things up to date and don't relax
security in the name of convenience. You'd have to be a couple years behind
on updates or an idiot to be affected by this. It's mind boggling that the
companies that got hacked are that mindless about updates. The story that's
slowly emerging is that there were probably several different methods used
to penetrate their security.

--
Kerry Brown
MS-MVP - Windows Desktop Experience: Systems Administration
http://www.vistahelp.ca/phpBB2/


"Alias" wrote in message
...
http://www.computerworld.com/s/article/9144938/Microsoft_confirms_IE_zero_day_behind_Google_attac k

Do you use IE? DON'T!

--
Alias

Frank pulled this Usenet boner:

Oh and I see you're cross posting to comp.os.linux.advocacy, that den of
MS hate mongers.

MS does a fine job of mongering MS hate on its own.

http://www.groklaw.net/staticpages/i...05010107100653

Microsoft Litigation

Please note that this is not a complete list, and if you have other cases
you'd like to have included, please let us know. You can click on the
email icon to email PJ. Thank you.

--
Time to be aggressive. Go after a tattooed Virgo.

Kerry Brown wrote:

You'd have to be a couple years behind
on updates or an idiot to be affected by this.

Is there a shortage of computers a couple of years behind on updates or
of idiots?
--
Enkidu

"Enkidu" wrote in message
.. .
Kerry Brown wrote:

You'd have to be a couple years behind
on updates or an idiot to be affected by this.

Is there a shortage of computers a couple of years behind on updates or
of idiots?

It's reported that the hacked computers were still running IE 6. They didn't
even upgrade to IE7 let alone IE8 and they've only had over 3 years to
upgrade.

Internet Explorer 7 was released on October 18, 2006. How secure is a 3+
year old install of Firefox????

Chris Ahlstrom wrote:
Frank pulled this Usenet boner:

Oh and I see you're cross posting to comp.os.linux.advocacy, that den of
MS hate mongers.

MS does a fine job of mongering MS hate on its own.

http://www.groklaw.net/staticpages/i...05010107100653

Microsoft Litigation

Please note that this is not a complete list, and if you have other cases
you'd like to have included, please let us know. You can click on the
email icon to email PJ. Thank you.

Thanks for proving my point, you MS hate filled linturd asshole loser.

Ezekiel wrote:
"Enkidu" wrote in message
.. .
Kerry Brown wrote:

You'd have to be a couple years behind
on updates or an idiot to be affected by this.
Is there a shortage of computers a couple of years behind on updates or
of idiots?

It's reported that the hacked computers were still running IE 6. They didn't
even upgrade to IE7 let alone IE8 and they've only had over 3 years to
upgrade.

Internet Explorer 7 was released on October 18, 2006. How secure is a 3+
year old install of Firefox????






Like a sieve!...LOL!

Ezekiel wrote:


"Enkidu" wrote in message
.. .
Kerry Brown wrote:

You'd have to be a couple years behind
on updates or an idiot to be affected by this.

Is there a shortage of computers a couple of years behind on updates or
of idiots?

It's reported that the hacked computers were still running IE 6. They didn't
even upgrade to IE7 let alone IE8 and they've only had over 3 years to
upgrade.

Internet Explorer 7 was released on October 18, 2006. How secure is a 3+
year old install of Firefox????

You are correct. But saying the problem wouldn't exist except for
unpatched systems in worthless . . . there are unpatched systems now,
there have been as long as the internet has been open to the public, and
there always will be.

Letting developers off the hook for writing ****ty insecure software
doesn't help anyone. Granny shouldn't have to know to disable java in
Adobe Reader or any of a thousand other stupid holes developers have
left open. The developers should be liable for the damages their
software errors cause.

Would you accept it as "just life" if your car stopped working at 10,000
miles because the odometer buffer overflowed? Why is softeware treated
differently?

--
Enkidu

Frank wrote:

MS does a fine job of mongering MS hate on its own.

http://www.groklaw.net/staticpages/i...05010107100653

Microsoft Litigation

Please note that this is not a complete list, and if you have other cases
you'd like to have included, please let us know. You can click on the
email icon to email PJ. Thank you.

Thanks for proving my point, you MS hate filled linturd asshole loser.

You had a point? What was it?

--
Enkidu

In article , Enkidu says...

Letting developers off the hook for writing ****ty insecure software
doesn't help anyone. Granny shouldn't have to know to disable java in
Adobe Reader or any of a thousand other stupid holes developers have
left open. The developers should be liable for the damages their
software errors cause.

Does that include the Linux devs as well?

Would you accept it as "just life" if your car stopped working at 10,000
miles because the odometer buffer overflowed? Why is softeware treated
differently?

Because a car only has 1500 or so parts, not millions. It is far more
simpler. It also doesn't have hundreds of thousands of people
deliberately trying to break it for personal monetary gain.



--
Conor
www.notebooks-r-us.co.uk

I'm not prejudiced. I hate everybody equally.

Enkidu wrote:
Frank wrote:

MS does a fine job of mongering MS hate on its own.

http://www.groklaw.net/staticpages/i...05010107100653

Microsoft Litigation

Please note that this is not a complete list, and if you have other cases
you'd like to have included, please let us know. You can click on the
email icon to email PJ. Thank you.

Thanks for proving my point, you MS hate filled linturd asshole loser.

You had a point? What was it?

You didn't even have to duck in order to miss that one!
Oops!

Conor wrote:

In article , Enkidu says...

Letting developers off the hook for writing ****ty insecure software
doesn't help anyone. Granny shouldn't have to know to disable java in
Adobe Reader or any of a thousand other stupid holes developers have
left open. The developers should be liable for the damages their
software errors cause.

Does that include the Linux devs as well?

It's hard to get a refund for something you didn't pay for in the first
place. Use free software, caveat emptor. If somebody gives me a free
car, I'm on weak ground complaining about problems with it. If I pay
for it, I wound't expect the warrenty to say "You bought it, you own it,
and anything that goes wrong is your problem, sucker!"

So, yes . . . if you buy Red Hat or any other commercial distribution,
you should have recourse it it's bug-ridden. It should be suitable for
it's advertised use.

--
Enkidu

Alias wrote:

htp://www.computerworld.com/s/article/Microsoft_confirms_IE_zero_day_behind_Google_attac k

Do you use IE? DON'T!


http://packages.ubuntu.com/karmic/gnome-games

--

Vita brevis breviter in brevi finietur,
Mors venit velociter quae neminem veretur.

"Enkidu" wrote in message
...
Ezekiel wrote:


"Enkidu" wrote in message
.. .
Kerry Brown wrote:

You'd have to be a couple years behind
on updates or an idiot to be affected by this.

Is there a shortage of computers a couple of years behind on updates or
of idiots?

It's reported that the hacked computers were still running IE 6. They
didn't
even upgrade to IE7 let alone IE8 and they've only had over 3 years to
upgrade.

Internet Explorer 7 was released on October 18, 2006. How secure is a
3+
year old install of Firefox????

You are correct. But saying the problem wouldn't exist except for
unpatched systems in worthless . . . there are unpatched systems now,
there have been as long as the internet has been open to the public, and
there always will be.

Letting developers off the hook for writing ****ty insecure software
doesn't help anyone. Granny shouldn't have to know to disable java in
Adobe Reader or any of a thousand other stupid holes developers have
left open. The developers should be liable for the damages their
software errors cause.

Would you accept it as "just life" if your car stopped working at 10,000
miles because the odometer buffer overflowed? Why is softeware treated
differently?


Your analogy is flawed. Installing updates is normal maintenance for a
computer. If you neglected normal maintenance on a car it would not last as
long as it should. You would end up in a dangerous situation when the brake
pads, tires, and suspension wore out. Your engine may seize because the oil
was never changed. You may end up stranded on the side of the road because
the spark plugs were never changed. You would experience many problems, some
serious, some not, because you neglected to maintain the car. Cars have been
around over 100 years now. The technology and best practices are well
understood by the manufacturers. Software development is still in the
immature stages. In the early days of automobile manufacturing many
independent horse carriage manufacturers and even enterprising home based
inventors tried building cars. Some were more successful than others. None,
even the well established, very large manufacturers had trouble free cars.
That's the stage we're at with software development. I'd guess if you had to
compare the two software development would compare to auto manufacturing in
the 1930's or 1940's. Even today cars still need maintenance, not as often
but the need is still there. Just as with software I don't think it will
ever go away.

--
Kerry Brown