Trojan horse rides on unpatched IE flaw

TalkBack 31 of 59:: Next »; « Previous

Thread View
Flat View

Calling non-zealot, shadetree, Loverock et al: Where are the usual patronising lectures from the Microsoft party faithful about "dumb users" who get infected and exploited because they haven't kept their anti-virus / Microsoft patchwork quilt up to date?

The fact is, it has ALWAYS been the case that Microsoft do not bother patching all the exploitable flaws they know about. When enough users have had their systems hosed by a new exploit to raise the fear of a little negaive PR, that's when Microsoft might start thinking about a patch.

The fact is also that nobody who uses Windows is safe from an exploit, no matter how many additional cost they have aded to their Windows TCO by 3rd party anti-virus, 3rd party spyware killers, 3rd party fire walls. You can spend until you're blue in the face, Windows is insecure by design and there are an untold number of un-patched flaws that Microsoft DON'T know about, to add to the list of ones they do.

A little less of the holier-than-thou patronising from the Microsoft fan boys is in order now, I feel. Because, once again, Apple MAc and Linux users are not afected.

Enjoy your Microsoft experience, and don't forgetto pay your subscriptions!

http://blogs.zdnet.com/Ou/index.php?p=135

Here is a list of unpatched Windows XP issues:

Microsoft Windows UPnP GetDeviceList Denial of Service
Microsoft Windows XP Wireless Zero Configuration Wireless Profile Disclosure (Microsoft promises a fix for Windows Vista, but what about Windows XP SP2? That's still the most up to date environment the last time I checked.)
Windows Registry Editor Utility String Concealment Weakness
Microsoft Windows Unspecified USB Device Driver Vulnerability
Windows Remote Desktop Protocol Private Key Disclosure
Microsoft Windows Image Rendering Denial of Service Vulnerability
Microsoft Jet Database Engine Database File Parsing Vulnerability
Windows Registry Key Locking Denial of Service
Windows XP Internet Connection Firewall Bypass Weakness
Windows Packet Fragmentation Handling Denial of Service Vulnerability
Microsoft Java Virtual Machine Cross-Site Communication Vulnerability
Microsoft Windows "desktop.ini" Arbitrary File Execution Vulnerability
Windows Metafile Handling Vulnerability
Windows XP Malicious Folder Automatic Code Execution Vulnerability
Microsoft HTML Help Control Privilege Escalation Vulnerability
Windows RPC Race Condition Denial of Service Vulnerability
Microsoft Windows Unauthorised Thread Termination
Microsoft Windows TCP Packet Information Disclosure
Windows NTFS File System Information Disclosure
XP PostMessage Password Disclosure
Microsoft Windows Terminal Server Denial of service
Microsoft Windows crashes on invalid font file
Microsoft Windows Certificate Chain vulnerability
Windows XP expose registered wireless access points
Windows XP admin downgrade problem
NT will let user execute any 16bit application
XP Remote Desktop DoS; Posted by: whisperycat Posted on: 12/01/05 You are currently: a Guest | Members login | Terms of Use

Reply to Story Reply to Message

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

Whew, Missed That One RobertoSalazar | 11/30/05

maybe you got it anyway Boot_Agnostic | 11/30/05

Windows users could lose control of their systems by simply visiting a Web" BitTwiddler | 11/30/05

Don't surf with Windows Chad_z | 11/30/05

Yeah. Simplistic Pollyanna response. (IMHO) jrbeaman | 12/01/05

Rep has contacted me... Mike Cox | 11/30/05

10.0 Mikey!! DragonBRockin | 11/30/05

You gotta admit I'm Ye, the MS SHILL . | 11/30/05

Easy now... ExCorpGuy | 12/01/05

bad assumption Real World | 12/01/05

You are the fish, and you've been caught. jrbeaman | 12/01/05

Apparently, the concept was lost on you Real World | 12/01/05

Patch This christopherarchitect | 12/01/05

Wake up and learn how to spell S A T I R E !!! jrbeaman | 12/01/05

What do your MCSEs know? IT-sys | 11/30/05

Fish On! zmud | 12/01/05

9.5 sokushi jonez | 12/01/05

Use Firefox nikoli | 11/30/05

UH, ok. Yeah Sure. (IE still runs inside) jrbeaman | 12/01/05

You MUST Be An Architect Since You Know IE Is In All Windows Software PMC-CON | 12/01/05

Everyone else is pretty much releasing new s/w michael_t | 11/30/05

MS recommends using *beta* Windows Live Safety Center?! PB_z | 11/30/05

Not really .... michael_t | 11/30/05

Monopolies, homogeny, and fascists have one thing in common: HypnoToad | 11/30/05

Yet another revenue plan from Microsoft. Cardinal_Bill | 11/30/05

Ohhh my.... so quiet here in this forum. None of the michael_t | 11/30/05

So Share Your Software Project, Dr. T PMC-CON | 12/01/05

Calling non-zealot, shadetree, Loverock et al whisperycat | 12/01/05

You missed this Middle of the Road | 12/01/05

"The internet used to be a nice place" -JB jrbeaman | 12/01/05

Calling all trolls! Calling all trolls! whisperycat | 12/01/05

reply to: Calling all trolls! Calling all trolls! windy@... | 12/01/05

List Stolen From George Ou's Blog PMC-CON | 12/01/05

Only One in List Above Not Critical PMC-CON | 12/01/05

Message has been deleted. whisperycat | 12/01/05

I'd like to delete these hackers! zindorf1 | 12/01/05

Calling on call waiting Boot_Agnostic | 12/01/05

Look behind you Boot_Agnostic | 12/01/05

Trojan Horse rides on unpatched IE flaw...and more windy@... | 12/01/05

Cost of Switching or Upgrading is Betelgeuse58 | 12/01/05

"STOP the GREED and get COMPETITIVE" jrbeaman | 12/01/05

jr Betelgeuse58 | 12/01/05

Competetive pricing lobo1953 | 12/01/05

pc defenses bukti | 12/03/05

Why do I have to keep paying for MS's flaws? juvii | 12/01/05

You're Paying Microsoft -- Long Pay Plan for W98 PMC-CON | 12/01/05

Sorry you did't get the analogy juvii | 12/01/05

RE: Why do I have to keep paying for MS's flaws? by R. W. Minor btljooz | 12/01/05

Caveat emptor Allstar_z | 12/03/05

MacOSX + Firefox = 'No problem' 999ad@... | 12/01/05

Linux + many applications and tools = best solution Boot_Agnostic | 12/02/05

Microsoft strikes again! jonkopp | 12/05/05

Alerts Widget_z | 12/29/05

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Virtualization: Architectural Considerations And Other Evaluation Criteria VMware Of the many approaches to x86 systems virtualization available in the ... Download Now
Five Steps to Determine When to Virtualize YourServers VMware Server virtualization isn't just for big companies. Entry-level ... Download Now
Why Isn't Server Virtualization Saving Us More? A Few Small Changes May Dramatically Increase Your Efficiency VMware Companies have rapidly adopted server virtualization over the past few ... Download Now

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

SmartPlanet

Thought-provoking progressive ideas on diverse topics that intersect with technology, business, and life, and matter to the world at large. Visit SmartPlanet
More from IBM
How to Drive Better Business Outcomes with Exceptional Web Experiences Download the eBook
Driving Business Agility through SOA Connectivity & Integration Read the White Paper from IBM
Linking Decisions and Information for Organizational Performance Read the Tom Davenport study

Read the original story

Trojan horse rides on unpatched IE flaw

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

SmartPlanet

Blogs

Product Reviews

Videos

White Papers and Webcasts

Downloads

More

ZDNet News & Blogs

Product Reviews

Product Blogs

White Papers & Webcasts

Downloads