__/ [ nessuno@xxxxxxxxxxxxxxxxxxx ] on Thursday 24 August 2006 10:42 \__
> Quote:
> ----------------
> Instead of making the browser more secure, Microsoft's August
> Internet Explorer security update introduced a critical security bug,
> according to researchers at eEye Digital Security.
>
> Microsoft released the security patch, known as MS06-042 on Aug. 8, but
> users soon reported several problems with the software....
>
> Last week, Microsoft released a "hotfix" download...
>
> What Microsoft hasn't told its users, eEye said Tuesday, is that the
> browser-crashing bug could also be used by attackers to run
> unauthorized software on a victim's PC.
> ----------------
> End quote
>
> http://www.cio.com/blog_view.html?CID=24150
To make matters worse, according to Microsoft Watch, there is no schedule for
a fix to this. Compare that to Ubuntu 6.06 where, after an update, a small
proportion of the users had problem with X server. The fix was available
within hours (or a day), so a simple sudo apt-get update resolved the issue.
It's easier to control patches when the code is modular and developers want
to earn trust (as opposed to being arrogant, lazy and sad engineers, whose
mail is periodically eliminated).
Best wishes,
Roy
--
Roy S. Schestowitz, Ph.D. Candidate (Medical Biophysics)
http://Schestowitz.com | GNU is Not UNIX | PGP-Key: 0x74572E8E
roy pts/7 cg001a.halls.man Thu Aug 24 09:00 still logged in
http://iuron.com - proposing a non-profit search engine
|
|