Welcome to WebmasterWorld Guest from 188.8.131.52
Forum Moderators: ocean10000
Windows Versions Affected:
Microsoft Windows 98
Microsoft Windows 98 Second Edition
Microsoft Windows Millennium Edition (Windows Me)
Microsoft Windows NTŪ 4.0
Microsoft Windows NT 4.0, Terminal Server Edition
Microsoft Windows 2000
Microsoft Windows XP
Please update your windows now.
From the MS bulletin:
- Computers configured to disable active scripting in Internet Explorer are not susceptible to this issue.
- Microsoft tested W98, W98SE, Me, NT 4.0, NT 4.0 TSE, 2000, and XP. Previous versions are no longer supported, and may or may not be affected by these vulnerabilities.
- This is a buffer overrun vulnerability. The vulnerability is caused by a heap overflow in the Windows Script Engine for the JScript scripting language, JScript.dll.
See the update site at the link in Brett's post for details on disabling.
And beware Greeks bearing gifts.
1) Buffer overflows in various pieces of software.
If Microsoft had written their software in a better programming language (such as their new C#), there wouldn't be the buffer overflow problems.
No wonder other OS platforms are gaining ground.
Why in the world does a browser need root on one's machine?
Even if they want to use the browser for root purposes,
Microsoft could score a lot of points by providing a
second, "safe surfing" browser that doesn't have root
powers on the machine. Think how they could spin that
"innovation"; heck they could even say "it's for the children".
I have my doubts about this. You'll probably think I'm paranoid for thinking this but...
The reasons are:
1: Most security problems are discovered by an outside company, who reveals it to MS who usually drags their feet. It's incredibly unusual that a flaw of this magnitude was overlooked by all major security firms.
Think about it: We are being told to believe that a major OS hole has been undetected since 1998; that hackers and security firms totally missed this major security hole for over five years.
2: The company quoted as confirming the flaw, trusecure corporation, employs "an expert who helped design classified networks at the CIA"
3: This company is part of a National Security Council group whose goal is securing our computer infrastructure against cyberattacks-
4: In the weeks prior to this, I've been experiencing an unusual amount of IE crashes, regardless of version or computer, with an unusual pop-up asking if I want to send a notice to MS, which made me think that it was engineered.
5: If one were to insert code capable of monitoring computers/information, this is the way to do it.
6: If MS wanted a break from the Justice Department, this is the way to get it.
I sincerely have my doubts about this security flaw.
It was only recently discovered that ulcers are a bacterial infection.
Sometimes we forget to look at the trees while we look at the forest. As we stand on the mountain top we're puzzled as to the spectacular view that was supposed to be there. All we see are more mountains and trees and a river below.
I love MS...
This is a real wounder for me. Relatives needing updates on slow modem connections.
Hey Toadhall...quit hogging!