__/ [ The Ghost In The Machine ] on Wednesday 23 August 2006 16:00 \__
> In comp.os.linux.advocacy, Roy Schestowitz
> <newsgroups@xxxxxxxxxxxxxxx>
> wrote
> on Wed, 23 Aug 2006 08:36:55 +0100
> <6486500.T84IuSxFSm@xxxxxxxxxxxxxxx>:
>> IE patch carries security bug
>>
>> ,----[ Quote ]
>> | There's more trouble with Microsoft's latest Internet Explorer patch:
>> | It introduces a serious new security flaw on some Windows systems.
>> |
>> | The vulnerability could let miscreants hijack a Windows PC running IE 6
>> | with Service Pack 1 and the MS06-042 update installed, Microsoft said in
>> | a security advisory published on Tuesday.
>> `----
>>
>> http://news.zdnet.com/2100-1009_22-6108490.html
>>
>> No wonder the population of PC's is being 'zombified' at such enormous
>> rates < http://news.zdnet.com/2100-1009_22-6108409.html >.
>
> Ow, my brain. I thought patches were supposed to *repair*
> security flaws, not introduce *new* ones. Of course,
> shit happens...I for one just wish it happened less often.
>
> I'm beginning to wonder about that "bad press is better than
> no press at all" maxim.... :-)
Here's another take on this. Good source, harsh criticism.
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9002656
Microsoft will re-release 'butchered' patch
August's MS06-42 fix simply too buggy
August 22, 2006 (IDG News Service) -- Instead of making the browser
more secure, Microsoft Corp.'s August Internet Explorer security update
introduced a critical security bug, according to researchers at eEye
Digital Security Inc.
|
|
