Welcome to WebmasterWorld Guest from 23.20.230.24

Forum Moderators: bill

Message Too Old, No Replies

Patch Tuesday (14th April) To Have 5 Critical Fixes

     
3:08 pm on Apr 10, 2009 (gmt 0)

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month



Patch Tuesday (14th April) To Have 5 Critical Fixes [news.cnet.com]
Microsoft on Thursday said next week's Patch Tuesday would include eight patches, five of them critical, including one addressing a vulnerability in Excel. A company representative declined to confirm whether the patch for its spreadsheet software addresses a vulnerability that has seen "zero-day attacks" which target unpatched security holes. But given the fact that both that Excel vulnerability and the Excel patch slated for Tuesday affect Microsoft Office 2000, 2002, 2003, and 2007, as well as Microsoft Office 2004 and 2008 for the Mac, it could be the same weakness.

Also on Tuesday, Microsoft will provide updates addressing critical remote code execution vulnerability in Internet Explorer, Windows, and Office, and less severe vulnerabilities in Windows and Microsoft's Forefront Edge Security.

1:53 pm on Apr 11, 2009 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Another reason to keep using web-based office software.
2:35 pm on Apr 11, 2009 (gmt 0)

5+ Year Member



@maximillianos

Web based office software is even riskier. I prefer to risk someone attacking my own PC rather than 1,000 users server.

I've used free/open source and the paid ms office and I'd say that they are both good if you're a basic user. If you do corporate level stuff MS outperforms everybody (currently) so its not that of a new or big deal that somebody found security exploits.

There is no software without possible security exploits - I'm a programmer and I'm constantly finding new bugs and more security threats in even the simplest programs. There is no way to be protected against all possible attacks! Just live with it!

Venetsian.

11:25 pm on Apr 11, 2009 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Also on Tuesday, Microsoft will provide updates addressing critical remote code execution vulnerability in Internet Explorer, Windows, and Office, and less severe vulnerabilities in Windows and Microsoft's Forefront Edge Security.

Now you know why we abandoned the MS bloatware for OpenOffice and Firefox ages ago.

12:22 am on Apr 12, 2009 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Web based office software is even riskier. I prefer to risk someone attacking my own PC rather than 1,000 users server.

It is funny because it is kind of a lose-lose. If you need your documents to be secure, private and safe guarded, one might say you should not store them on an online service provider site. However storing them locally opens up the door to local exploits (like those mentioned above). So you have to pick the lesser of two evils... and we all know which choice that is...;-)

12:48 am on Apr 12, 2009 (gmt 0)

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month



In the bank or under the mattress... which is more secure? Not sure, but do know that what was under the mattress didn't disappear via bad magic!

Easier to secure local than non-local... at least that's my opinion. So far, all the MS patches have been good to me so I'm not complaining (though I do miss WordPerfect)....

12:53 pm on Apr 12, 2009 (gmt 0)

WebmasterWorld Administrator bill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month



Yeah, and I really liked WordStar on my old CP/M machines too, but you had to watch out for those those old 8" floppies. They sometimes had viruses on them too...

We could probably do less with the knee-jerk anti MS vitriol. The reality is that most people use MS Office. It's got the majority market share. Whether that's by individual choice or that of one's employer is irrelevant. There's a vulnerability. MS is patching it.

1:58 pm on Apr 13, 2009 (gmt 0)

10+ Year Member



about 2 years ago I dumped MS Office for Open Office and tired it for a few months as I was sick of Microsoft at the time (Vista's launch was a nightmare) but after using Open Office for a while even with it's updates I found Microsoft Office 2007 to be a superior product, especially Excel in terms of functionality and ease of use. Also, strangely, Microsoft Office launches quicker and saves files in a smaller file size (more efficient). Maturity has it's advantages. I even tried switching to linux before but couldn't give up Adobe CS, almost switched to Mac until i talked with friends who have used Macs for years let me know that the new Macs, although very good machines, do crash sometimes. My XP Pro box very rarely crashes and my designer's Vista box with SP1 never crashes. Bottom line is I respectfully ask people to be careful not to voice opinion as fact and to try not to speak above their knowledge level. Feel free to state opinion and share personal experiences and of course feel free to ask questions, but as bill stated, the anti-MS nastiness doesn't help anyone. Competition and threat of losing business has made MS better.
6:26 pm on Apr 13, 2009 (gmt 0)

10+ Year Member



This is a funny thread. I think the message that is not getting trough is: yes MS Office is the better product, and few will dispute that, but the reality is that you can easily, very easily live without MS Office. That is because most documentation needs do not require all the power of Word and Excel. Now, if you want to build complicated graphs and models, do use MS Office. I personally try to avoid it as much as I can, and so far it's been OK. Why? Because I don't want to pay (or steal) for the software, but most importantly because having all your eggs in one basket (MS's basket) makes them vulnerable to all sorts of attacks/viruses ect. And most importantly, my Ubuntu does not run MS Office (that I know of).

Also, for sure Adobe products kick ass and are the absolute best. But again, for all my webmaster needs, GIMP is more than enough, so why should I pay for a proprietary tool? Even their PDF files use proprietary protocols. It's unacceptable.

But I always keep a copy of Win XP on a separate partition, with all Office and Adobe tools in there, in the case there is something I can not do on Ubuntu. I personally believe this to be the safer solution.

The reality is, MS/Adobe are professional and better features-products, but 99% of the people (including me) don't really need all these features, and they are very vulnerable and bloated.

4:58 pm on Apr 14, 2009 (gmt 0)

5+ Year Member



when are we getting these updates? will they automatically download or only through microsoft's site?
9:12 pm on Apr 14, 2009 (gmt 0)

WebmasterWorld Senior Member swa66 is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Microsoft releases patches on a monthly cycle: every second Tuesday of the month they release a batch of patches that got finished in the past moth (security people call it Black Tuesday).

BTW: they're out now, should show up automatically if configured to do so.
Otherwise WSUS servers can be used on a company level or a user mightneed to surf to [update.microsoft.com...]

[edited by: bill at 5:26 am (utc) on April 15, 2009]
[edit reason] fix URL [/edit]

3:15 am on Apr 15, 2009 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member



mine is configured to automatically do it....but it didn't. strange for sure... it always has before.

thanks for the heads up .. i use excel 2003

3:53 am on Apr 15, 2009 (gmt 0)

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month



Mine came through via automatic right on schedule. Still running 2002 (which had the same exploit).
4:27 am on Apr 24, 2009 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member




It is funny because it is kind of a lose-lose. If you need your documents to be secure, private and safe guarded, one might say you should not store them on an online service provider site. However storing them locally opens up the door to local exploits (like those mentioned above). So you have to pick the lesser of two evils... and we all know which choice that is...;-)

my data is my data, I will never upload it unto some ambiguous server somewhere where the user of that server can do whatever they want with your data. Here one day gone the next.

I find it suprising people are so willing to throw their important data into space and just pray nothing happens. As venetisan said... chances of your computer coming under attack where someone is looking to steal documents? Or a big online server where 10000 of people store documents. Where would you go if you were looking to steal data? Yes we all know which choice that is.

[edited by: J_RaD at 4:28 am (utc) on April 24, 2009]

 

Featured Threads

Hot Threads This Week

Hot Threads This Month