Update windows now, another "critical update"

blade · Post by **blade** » Wed Jan 12, 2005 2:04 am

http://www.cnn.com/2005/TECH/internet/0 ... index.html

SEATTLE, Washington (Reuters) -- Microsoft Corp. warned Windows users Tuesday of two new "critical" level security flaws in its software that could allow attackers to take control of a computer and delete or copy information.

The world's largest software maker issued patches to fix the problems as part of its monthly security bulletin, which affects the Windows operating system and the Internet Explorer Web browser.

Computer security experts urged users to download and install the patches, available at http://www.microsoft.com/security.

"It's very critical that users patch machines for these vulnerabilities," said Jimmy Kuo, a researcher at McAfee Inc.'s virus detection center.

A hacker could exploit one of the security flaws if a user directed the Web browser to a specially designed Web page, Redmond, Washington-based Microsoft said.

Microsoft also issued one other security warning, rated at

the second-highest level of "important."

Microsoft has been working for the last three years to improve the security and reliability of its software under its Trustworthy Computing initiative, as more and more malicious software targets weaknesses in Windows and other Microsoft software.

Also Tuesday, Microsoft began offering downloads of a software tool to remove viruses and other malicious software from computers.

Microsoft last week began offering anti-spyware program downloads for Windows users to block programs that generate unwanted pop-up ads and secretly record a computer user's activities.

Both programs are part of an effort by the company to offer its own computer and Internet security software as it prepares a security subscription service code-named "A1" to provide regular updates for security software and services.

Shares in McAfee and Symantec Corp. , the two largest computer security software vendors, fell sharply after Microsoft announced it would release its own anti-spyware software. Since then, McAfee is down 7.5 percent and Symantec is off more than 6 percent.

canton_kid · Post by **canton_kid** » Wed Jan 12, 2005 9:10 am

Both programs are part of an effort by the company to offer its own computer and Internet security software as it prepares a security subscription service code-named "A1" to provide regular updates for security software and services.

Hmmm, I wonder if all these security flaws were deliberate, a pay service to fix the problems they created in the first place, how interesting! Can we say MONOPOLY boys and girls??

Hmm, other companies stocks already starting to fall, can we say I told you so in a different post already!

MS can't keep it's own software working properly, entering into an area that is only needed because of the bugs in their own software, gonna charge for it, and already having a negative effect on the companies that have pioneered this area and been doing a good job with their own software.

This is an area the government DOES need to step into and BAN MS from making any profits, or even covering their own costs! Release proper working software without all the bugs and we would not need all the patches in the first place! They should not profit from this!!! I hate the governmant getting involved is business, but MS IS a monopoly and THIS needs to be stopped!!!

This is like an auto dealer selling you a car after putting sand in the engine! In a few weeks the engines trash and he charges you to install a new engine! If the work in the shop gets slow just put sand in more car engines!

If MS is alloughed to profit by fixing it's own errors then that is just an incentive to create more errors!!
Slow sign up for a subscription service, simple fix, release a really bad service pack with tons of major flaws and watch the people rush in and sales soar!!
Oh they do that now, just currently it's free!

edit:
I figure "prepares a security subscription service code-named "A1" " means a pay service, not a free subscription service!

BillyGoat · Post by **BillyGoat** » Wed Jan 12, 2005 10:22 am

use firefox

smb · Post by **smb** » Wed Jan 12, 2005 11:34 am

Use Linux.

b-man1 · Post by **b-man1** » Wed Jan 12, 2005 11:59 am

use a MAC!!!!

um...........j/k.

Executioner · Post by **Executioner** » Wed Jan 12, 2005 2:56 pm

Don't use a computer.

rndmtask · Post by **rndmtask** » Wed Jan 12, 2005 8:26 pm

Firefox is not going to help a problem with the Help system that always uses the IE engine. I just find it funny that the help thing was found by secuina last year last week of December I think. 3 weeks is better than the usual couple months but most of the linux patches are they day of or before the announcement.

Post by **FlyingPenguin** » Wed Jan 12, 2005 8:42 pm

True but 90% of all security flaws in Windows is actually a flaw in IE, which is only made worse by the fact that IE is integrated into Windows Explorer. Stupidest thing Microsoft ever did was integrate IE into Windows Explorer.

canton_kid · Post by **canton_kid** » Thu Jan 13, 2005 8:43 am

"True but 90% of all security flaws in Windows is actually a flaw in IE, which is only made worse by the fact that IE is integrated into Windows Explorer. Stupidest thing Microsoft ever did was integrate IE into Windows Explorer."

Hah HUH,
I finally got an answer to that burning question "Why in 2K did MS move Win Explorer from the regular Programs into Accessories. FP's statement above is the answer, MS was attempting a security patch by hiding it and hoping it would go away