New Critical Bug In All Current Windows Versions 156
Posted
by
timothy
from the innocent-whistling-sound dept.
from the innocent-whistling-sound dept.
Trailrunner7 writes "Microsoft is warning its users about a dangerous flaw in the way that Windows handles certain MHTML operations, which could allow an attacker to run code on vulnerable machines. The bug affects all of the current versions of Windows, from XP up through Windows 7 and Windows Server 2008. Microsoft issued an advisory about the MHTML vulnerability, which has been discussed among security researchers in recent days. There is some exploit code available for the bug, as well. In addition to the advisory, Microsoft has released a FixIt tool, which helps mitigate attacks against the vulnerability in Windows."
Re:Investing (Score:5, Insightful)
And I'd mod you down, but doing so would make my post (and all other child posts) invisible as well. Heck, since you posted as AC, odds are no one will ever know this post was here.
Re:Investing (Score:5, Insightful)
Re:Investing (Score:4, Insightful)
Classic version ftw. It doesn't use more than 6-7% of one core (AMD AthlonII X4 620).
Re:uhh (Score:5, Insightful)
What EXACTLY is wrong with system restore? I've found especially with my click happy love to install software customers and relatives having a "quick undo" button comes in damned handy! Now of course system restore is in no way shape or form a substitute for backups, which is why I have them set up with weekly differentials and full backups monthly on USB HDDs, but you can't expect them to run a differential every time they want to try something new.
And who cares about "gigabytes" of anything anymore? Hell the lowest machines I sell have 500GB HDDs and even the kids P4 hand me downs have 400Gb drives, so why would anybody care? It isn't like huge drives are expensive.
So I really don't see what the problem is with system restore. For a quick undo button it works just fine, with huge drives worrying about 20-50Gb being reserved for system restore is frankly pointless when everyone has more space than they know what to do with, and when used with a combination of good AV, weekly backups, and a lower risk browser like Firefox or Chrome with ABP it does just what it should do, which is provide a quick way to roll back changes if something goes wrong. So what EXACTLY is so bad about it, because frankly I haven't seen a problem with system restore since XP SP2 came out.
Re:Knowledge Base containing Fixit Link (Score:4, Insightful)
Uh that's all the data most of their users need. Most of their users want a simple "FixIt" (that's how they often get into trouble in the first place, but that's not MS's fault). Most of these users aren't going to even know about this problem though. They'll only get a fix if MS ever releases it in a Windows Update and they have Windows Updates enabled.
As for the rest of the users who actually care to know more: https://www.microsoft.com/technet/security/advisory/2501696.mspx [microsoft.com]
The very few who are that interested can find out even more details themselves.
So it's inaccurate to say MS doesn't give a shit about this problem.
Re:Investing (Score:3, Insightful)
./ needs an online FPS called Mod Arena where people with mod points can wager them in virtual combat. The winners can then sculpt discussions in their own Mod God self image. For instance you could mod up all posts about Lord of the Rings as "+1 Super Cheetos Cool" and mod down all Star Wars posts as "-1 Decaying Franchise".
Oh, yeah. To stay on topic: Windows has security problems.