Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

New Critical Bug In All Current Windows Versions

timothy posted more than 3 years ago | from the innocent-whistling-sound dept.

Bug 156

Trailrunner7 writes "Microsoft is warning its users about a dangerous flaw in the way that Windows handles certain MHTML operations, which could allow an attacker to run code on vulnerable machines. The bug affects all of the current versions of Windows, from XP up through Windows 7 and Windows Server 2008. Microsoft issued an advisory about the MHTML vulnerability, which has been discussed among security researchers in recent days. There is some exploit code available for the bug, as well. In addition to the advisory, Microsoft has released a FixIt tool, which helps mitigate attacks against the vulnerability in Windows."

cancel ×

156 comments

Sorry! There are no comments related to the filter you selected.

uhh (-1)

Anonymous Coward | more than 3 years ago | (#35039984)

no emergency patch and THEN an announcement? fucking weak-sauce.

Re:uhh (5, Informative)

hairyfeet (841228) | more than 3 years ago | (#35040296)

Hi MR AC! If you would have read TFA or even TFS (I know I know, but I got bored) you would see they provide a link to The MSFT "fix it for me" [microsoft.com] page for this problem. Just click on "fix it for me" run the fix it, and that's it. Don't even need a reboot.

I'm sending the link to my customers and family now, and since it makes a restore point before applying it is easy to undo if you need to, although with previous "fix it for me" tweaks that I've run the MSFT patch released later took care of the fix it tweak before applying the patch.

So I don't really see why you or anyone would complain about this one. They have a quick fix that is so simple your grandma can run it, and released the fix quickly to tide people over until they have worked up a patch. I don't see how they could have done any better on this, as a full patch will take time to test and rightfully so as you wouldn't want MSFT releasing patches that break apps and/or drivers and cause more pain than the bug would you? This is easy, simple to apply, and painless to deploy. I don't see how you can get better and the guy that came up with the "fix it for me" program really deserves a raise and company car, as it really has made these fast released workarounds painless for home users..

Re:uhh (0, Flamebait)

Hylandr (813770) | more than 3 years ago | (#35040410)

Hi MR AC! If you would have read TFA or even TFS (I know I know, but I got bored) you would see they provide a link to The MSFT "fix it for me" [microsoft.com] page for this problem. Just click on "fix it for me" run the fix it, and that's it. Don't even need a reboot.

I'm sending the link to my customers and family now, and since it makes a restore point before applying it is easy to undo if you need to, although with previous "fix it for me" tweaks that I've run the MSFT patch released later took care of the fix it tweak before applying the patch.

Oh I so trust Microsoft to not have any ill intentions regarding previously undocumented operations. And remember those disgusting and insulting commercials from MS for the "release party" for the latest os? Yea the above quote doesn't smack of that at all...

From the Software company that still refuses to acknowledge Back Oriface was a threat to "Here, take this pill trust us" .

F You Microsoft.

- Dan.

Re:uhh (-1, Redundant)

Hylandr (813770) | more than 3 years ago | (#35040728)

Flamebait on a very passionate and true posting. Evidence the astroturfers [wikipedia.org] have Mod points.

- Dan.

Re:uhh (0)

Anonymous Coward | more than 3 years ago | (#35040772)

Wow. What a sorry ass faggotty little cock sucker you are. Mommy will come rub your penis to make you feel better.

Re:uhh (-1)

Peach Rings (1782482) | more than 3 years ago | (#35040426)

I hope no slashdot users dedicate gigabytes to useless restore points. Not that slashdot users would ever render MHTML either though.

Re:uhh (5, Insightful)

hairyfeet (841228) | more than 3 years ago | (#35040966)

What EXACTLY is wrong with system restore? I've found especially with my click happy love to install software customers and relatives having a "quick undo" button comes in damned handy! Now of course system restore is in no way shape or form a substitute for backups, which is why I have them set up with weekly differentials and full backups monthly on USB HDDs, but you can't expect them to run a differential every time they want to try something new.

And who cares about "gigabytes" of anything anymore? Hell the lowest machines I sell have 500GB HDDs and even the kids P4 hand me downs have 400Gb drives, so why would anybody care? It isn't like huge drives are expensive.

So I really don't see what the problem is with system restore. For a quick undo button it works just fine, with huge drives worrying about 20-50Gb being reserved for system restore is frankly pointless when everyone has more space than they know what to do with, and when used with a combination of good AV, weekly backups, and a lower risk browser like Firefox or Chrome with ABP it does just what it should do, which is provide a quick way to roll back changes if something goes wrong. So what EXACTLY is so bad about it, because frankly I haven't seen a problem with system restore since XP SP2 came out.

Re:uhh (2, Interesting)

LordLimecat (1103839) | more than 3 years ago | (#35041160)

Because its reliability is spotty at best, its a haven for viruses (super-duper-hidden System Volume Information ftw!), and you never know what it will and will not break.

Re:uhh (0)

tqk (413719) | more than 3 years ago | (#35040866)

Hi MR AC! If you would have read TFA or even TFS ...

Well, some of us don't fscking care. WTF is MHTML?!?

(0) phreaque /home/keeling_ dict mhtml
2 definitions found

From Virtual Entity of Relevant Acronyms (Version 1.9, June 2002) [vera]:

    MHTML
              Messaging HyperText Markup Language (HTML)

From Virtual Entity of Relevant Acronyms (Version 1.9, June 2002) [vera]:

    MHTML
              MIME [e-mail encapsulation of aggregate documents, such as] HTML (MIME,
              HTML, RFC 2110)

Holy boring, Batman.

Knowledge Base containing Fixit Link (5, Informative)

Nuisance (153513) | more than 3 years ago | (#35039994)

Would be nice to have seen these in the article...

http://support.microsoft.com/kb/2501696 [microsoft.com]

Re:Knowledge Base containing Fixit Link (5, Interesting)

icebike (68054) | more than 3 years ago | (#35040304)

Perhaps also useful would be a hint that simply avoiding Internet Explorer would provide all the protection from this bug that is needed.

Re:Knowledge Base containing Fixit Link (0)

BadAnalogyGuy (945258) | more than 3 years ago | (#35040448)

Actually, since most 3rd party browsers use the IE rendering engine, they would be at risk as well.

Re:Knowledge Base containing Fixit Link (2, Funny)

CastrTroy (595695) | more than 3 years ago | (#35040498)

I can't think of any serious browser that uses the IE rendering engine. Firefox, Opera, Chrome, and Safari all use their own rendering engines. That covers 99.999% of all browsers in use.

Re:Knowledge Base containing Fixit Link (2)

parlancex (1322105) | more than 3 years ago | (#35040572)

Many applications that display embedded HTML would be at risk. Those applications include Steam, MSN Messenger and others, etc.

Re:Knowledge Base containing Fixit Link (2)

EvilIdler (21087) | more than 3 years ago | (#35040656)

Steam uses WebKit now, so no problem there. MS products are of course always at risk while there are vulnerabilities in the IE engine.

Re:Knowledge Base containing Fixit Link (1)

Zuato (1024033) | more than 3 years ago | (#35040752)

The major third party browsers do not : Firefox, Chrome, Opera.

Outlook, Outlook Express, and Windows Live mail are also impacted by this unless you have IE locked down tighter than most users would have.

Re:Knowledge Base containing Fixit Link (0)

santiagodraco (1254708) | more than 3 years ago | (#35040604)

No kidding. But hey, Microsoft just wants liability protection. They don't give a shit about actually giving users the data they need to protect themselves if it means tarnishing their image.

They know you can't replace Windows, but you can easily replace IE, hence it's a "Windows" problem.

Re:Knowledge Base containing Fixit Link (3, Insightful)

TheLink (130905) | more than 3 years ago | (#35041440)

Uh that's all the data most of their users need. Most of their users want a simple "FixIt" (that's how they often get into trouble in the first place, but that's not MS's fault). Most of these users aren't going to even know about this problem though. They'll only get a fix if MS ever releases it in a Windows Update and they have Windows Updates enabled.

As for the rest of the users who actually care to know more: https://www.microsoft.com/technet/security/advisory/2501696.mspx [microsoft.com]
The very few who are that interested can find out even more details themselves.

So it's inaccurate to say MS doesn't give a shit about this problem.

Re:Knowledge Base containing Fixit Link (1)

fragMasterFlash (989911) | more than 3 years ago | (#35040802)

What about Outlook? Can this exploit be triggered by code embedded in an email?

Investing (4, Funny)

cosm (1072588) | more than 3 years ago | (#35040008)

Can I just say that now is probably a good time to invest in the tech industry. Since /. has redesigned the site, I believe productivity levels in the industry will be on the rise due to the number of commenters leaving in droves.

Re:Investing (5, Funny)

Anonymous Coward | more than 3 years ago | (#35040068)

I'd mod you up but moderation is broken on opera

Re:Investing (5, Insightful)

artor3 (1344997) | more than 3 years ago | (#35040184)

And I'd mod you down, but doing so would make my post (and all other child posts) invisible as well. Heck, since you posted as AC, odds are no one will ever know this post was here.

Re:Investing (0)

Antisyzygy (1495469) | more than 3 years ago | (#35040218)

I'd mod you down for using Opera, but ator3 already mentioned why I can't.

Re:Investing (0, Troll)

Anonymous Coward | more than 3 years ago | (#35040266)

Why mod me down for Using Opera? It was the ONLY browser in which /. could render properly before the redesign fuck up.

Now inline commenting and moderation is fucked up, All they want to do is create a site for "people that use Safari browser".

Slashdot is death, suck it

Re:Investing (2)

WrongSizeGlass (838941) | more than 3 years ago | (#35040364)

Now inline commenting and moderation is fucked up, All they want to do is create a site for "people that use Safari browser".

I see they finally got my letters! Yay Slashdot!

Re:Investing (2)

rudy_wayne (414635) | more than 3 years ago | (#35040554)

Why mod me down for Using Opera? It was the ONLY browser in which /. could render properly before the redesign fuck up.

Now inline commenting and moderation is fucked up, All they want to do is create a site for "people that use Safari browser".

Slashdot is death, suck it

Every since the "new design" displaying posts has been fucked up. In Firefox, my normal browser, a small bit of the far left of each post is cut off. Ironically, I decided to try Internet Explorer (v8) and I am writing this reply in IE which displays the "new" Slashdot better than Firefox.

How interesting.

Re:Investing (0)

SadButTrue (848439) | more than 3 years ago | (#35040908)

This 0-day is an IE flaw so maybe ./ isn't worth the risk?

PS ./ works fine in Chrome too...

Re:Investing (1)

HJED (1304957) | more than 3 years ago | (#35041536)

Work fine (if not faster) for me in FF on Ubuntu.

Re:Investing (4, Funny)

DAldredge (2353) | more than 3 years ago | (#35040440)

I would mod you up but /. hasn't given me mod points for 3 or 4 years.

Re:Investing (1)

ColdWetDog (752185) | more than 3 years ago | (#35040610)

Hang in there Anitsyzgy - I was in the same place then last week - poof - mod points. All week. Now you get 10 of the stupid things.

Kinda like dingleberies - they hang around and are hard to get rid of. You're probably doing better posting than moderating anyway.

Re:Investing (1)

EvilIdler (21087) | more than 3 years ago | (#35040662)

For the past year and a half I've been getting mod points as soon as the previous bunch expired. It's bordering on annoying :)

Re:Investing (5, Informative)

Mr. DOS (1276020) | more than 3 years ago | (#35040926)

Sorry, but the 10 mod points is because you've been singled out [slashdot.org] (check the question “Why do I have 10 moderator points instead of the usual 5?” under Comments and Moderation), not because of the new design.

Re:Investing (4, Funny)

ikkonoishi (674762) | more than 3 years ago | (#35041004)

I must be a moderating god because I get mine in chunks of 15. O_o

Yes. The power! Its going to my head. I am the mod god! Its me!

Re:Investing (1)

Maow (620678) | more than 3 years ago | (#35040976)

I'd mod you up but moderation is broken on opera

I'd mod him up, but reading is broken on Firefox.

Re:Investing (1)

Linker3000 (626634) | more than 3 years ago | (#35041588)

I'd mod up too, but I am not here any more. Seriously, any change takes a while to get used to, but the new site design is an epic fail of Digg proportions. I have now added an RSS feed to /. on my phone and that's pretty much as far as I get with /. now.

Re:Investing (0)

Anonymous Coward | more than 3 years ago | (#35040154)

Well I was wondering about the new site. It sure is schmantcy, but its also slower. Here I thought the new Nvidia drivers would suddenly make things super-duper fast, and whammo, slashdot redesign sucks that speedup right out of the box and then some. Oh well, I can always pretend its 1983, and I'm on my Vic-20 instead of my CoreI7-920.

Re:Investing (3, Funny)

lowlymarine (1172723) | more than 3 years ago | (#35040172)

Clearly it's just your horribly dated hardware. Everything's fine on my i7-2600k, time to get with the times grandpa!

Re:Investing (3, Informative)

Culture20 (968837) | more than 3 years ago | (#35040270)

Assuming you're using the javascripty version of Discussion2
Take a look at your process list. Your browser is eating at least one of your cores. open a few more /. windows. Feel the burn. My single core machine was dying with just one window open. I had to go back to Discussion1 and flag /. with noscript. http://slashdot.org/users.pl?op=editcomm [slashdot.org]

Re:Investing (3, Insightful)

icebraining (1313345) | more than 3 years ago | (#35040374)

Classic version ftw. It doesn't use more than 6-7% of one core (AMD AthlonII X4 620).

Re:Investing (1)

PitaBred (632671) | more than 3 years ago | (#35040710)

While I'm running an H.264 transcode in the background (which uses 100% CPU) and still surfing Slashdot, and it is running fine. But then again, I'm using the FF4 64bit nightly build.

Re:Investing (1)

DeathFromSomewhere (940915) | more than 3 years ago | (#35040750)

Currently using 3% CPU, not once did I see it go above 10% while posting this (running various shit in the background). Chrome stable on Windows 7. Maybe it's time to upgrade?

Re:Investing (2)

dbIII (701233) | more than 3 years ago | (#35040978)

For one thing I intensely hate how the sidebar on the left obscures a few columns of article and comment text until about 4/5 of the way down the screen on firefox FFS. If they can't get it right for the current firefox on linux (and I'm assuming other platforms) then where does it work? Is this an iPad only site at the moment?

Re:Investing (1)

Zelgadiss (213127) | more than 3 years ago | (#35040276)

I quite like the new site actually, it's clean and seems less buggy then the old one.

While it had some bugs when it was release, most of them appear to have been fixed.

The only issues I have with it is the mobile version, text is too small, and quite a few rendering glitches (over-lapping text, title of top post getting clipped).

Re:Investing (-1)

Anonymous Coward | more than 3 years ago | (#35041130)

You get mod points for looking at slashdot on your phone. Dork.

Re:Investing (2)

dave562 (969951) | more than 3 years ago | (#35040298)

I would reply to this, but if you were to reply back to me, I would have to drill down through a whole slew of posts to find what you wrote. Where as previously I could just go to http://slashdot.org/~dave562/comments [slashdot.org] and then click on the comment you replied to. It would bring up a nice, EXPANDED tree view of the discussion thread.

One step forward, two steps back? Ah hell, who am I kidding. We all know that three steps were taken, but they were all in the same direction.

Re:Investing (2)

Cthefuture (665326) | more than 3 years ago | (#35040320)

Is it just me or does the front page not show the number of comments any more? I really liked that and now it feels weird.

Any way to turn it back on?

Re:Investing (1)

Anonymous Coward | more than 3 years ago | (#35040358)

I liked that too.

I also liked the ability to do basic slashdot stuff WITHOUT HAVING TO FUCKING ENABLE JAVASCRIPT!

Re:Investing (1)

Anonymous Coward | more than 3 years ago | (#35040950)

People leaving in droves affects comment numbers. Best not to advertise it on the front page :)

Re:Investing (3, Interesting)

uvajed_ekil (914487) | more than 3 years ago | (#35041320)

You're right, I'm not seeing the number of comments, either. I liked having it - I knew instantly if there was a big buzz about something, or if taking time to throw in my two cents might matter for a stalled thread.

Re:Investing (1)

Rick17JJ (744063) | more than 3 years ago | (#35041550)

As I am typing this, it says there have only been 92 comments, so far. I have been wondering where all the comments and replies went. Do I just did not know how properly use the new version of their website to see all of the comments that might possibly really be hidden somewhere there?

Even when I click on various comments, I am not usually not finding many additional replies hidden beneath that comment. I am only seeing a tiny fraction of the amount of comments and replies that I had normally been seeing on Slashdot.

I had also been thinking that my computer was somehow blocking most of the comments. So, I had the NoScript extension for Firefox enable scripting for Slashdot under Firefox, to try to see what I was missing. But, that did make any obvious difference. Clinking on the "Get More Comments" button also did not not seem to help.

Earlier today, I tried viewing Slashdot with a Windows computer instead of my Linux computer to see if more posts would appear there, but they did not. Am I somehow not seeing most of the comments? Are there really so few people using Slashdot today?

Re:Investing (4, Insightful)

seifried (12921) | more than 3 years ago | (#35040328)

I think they've "pulled a Digg"

Re:Investing (1)

melikamp (631205) | more than 3 years ago | (#35040466)

Nah. Now people will waste even more time trying to fix the bugs with Stylish hacks like these:

One-liner contrast:

#comments .oneline {background: #F5F5F5 !important;}
#comments .oneline p {color: Black !important;}
.oneline .commentBody {color: Black !important;}

Highlighting friends:

span.friend {
border-style: groove;
border-width: 2px;
background-color: #32CD32;
}

span.friend > a:link {
color: black !important;
margin-left: 1em !important;
margin-right: 1em !important;
}

Re:Investing (1)

Tacvek (948259) | more than 3 years ago | (#35040844)

Nice thanks. I actually did better than highlighting friends, and restored the original icons, while ensuring the icons still function as a link.

In case anybody finds it interesting: https://gist.github.com/801524 [github.com]
(Sorry about Gist's syntax highlighting making it hard to read, but you can click the raw link for the formatted text.)

Re:Investing (1)

melikamp (631205) | more than 3 years ago | (#35041250)

Very nice. I actually made a mistake: Black should be black. It works, but it's not kosher.

And after much cursing, I managed to kill the box on the left:

div.col_1 { display: none !important; }
section#firehose { margin-left: 0 !important; }
section#comments { margin-left: 1.5em !important; }

Re:Investing (2)

nmb3000 (741169) | more than 3 years ago | (#35041472)

It's so frustrating how correct you are. I used to enjoy reading comments to a story, but now it's essentially impossible because of how BROKEN the scrolling is (at least in Firefox and IE). Scrolling using the mousewheel is slow as hell and when using the keyboard it's very unresponsive. That and the new style is hard to read and has too much whitespace. I feel like I'm staring at a lightbulb trying to read gray text.

For me this redesign has just demonstrated why I hate web 2.0. You are held hostage at the whims of moron marketing people and crappy devs like those behind the driving force of this redesign. It serves absolutely no meaningful purpose, is worse than the previous design, and everyone hates it. As you noted, fewer people are commenting, and if it doesn't improve people won't come back.

Taco - Why can't you wait until you have something that's actually better than the previous version before releasing this crap on us? Or do you not have a dev/staging system in place and this is your way of testing it? Waiting for people to come up with Stylish hacks to fix your useless and broken CSS? Just wondering.

Re:Investing (0)

Anonymous Coward | more than 3 years ago | (#35041544)

Works fine for me on FF 3.6 on Ubuntu. In fact it feels faster.

IMPOSSIBLE! (-1, Flamebait)

Octopuscabbage (1932234) | more than 3 years ago | (#35040018)

What?!?! A bug in a microsoft product!!! Good thing its open source so I'm sure a developer will fix it soon. Oh wait...

Re:IMPOSSIBLE! (-1, Flamebait)

Anonymous Coward | more than 3 years ago | (#35040034)

It already has a patch you dumb shit.

Which versions (1)

bvimo (780026) | more than 3 years ago | (#35040046)

WTF is a current version of Windows? 3, 95, 98, Me, 2000, XP??

Re:Which versions (2)

postmortem (906676) | more than 3 years ago | (#35040060)

WTF is a current version of Windows? 3, 95, 98, Me, 2000, XP??

Versions that are still supported actively, which are Windows XP SP3 and newer.

Re:Which versions (1)

bvimo (780026) | more than 3 years ago | (#35040090)

Thank you.

Re:Which versions (5, Informative)

PatPending (953482) | more than 3 years ago | (#35040134)


Windows XP Service Pack 3
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Vista Service Pack 1 and Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 1 and Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2**
Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2**
Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows 7 for 32-bit Systems
Windows 7 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems**
Windows Server 2008 R2 for Itanium-based Systems
Source: http://www.microsoft.com/technet/security/advisory/2501696.mspx [microsoft.com]
Appears to apply only to Internet Explorer

Re:Which versions (2)

stoborrobots (577882) | more than 3 years ago | (#35040312)

Appears to apply only to Internet Explorer

And anything else which uses the MHTML component, which includes many, many applications, including anything which uses the "Windows Help" system...

Re:Which versions (1)

SadButTrue (848439) | more than 3 years ago | (#35040928)

Ohhh!!!! There is a help system in windows? I did not know that.

Re:Which versions (2)

Korin43 (881732) | more than 3 years ago | (#35040588)

Ha! And they said I should stop using Windows 98!

Re:Which versions (1)

The MAZZTer (911996) | more than 3 years ago | (#35040144)

Umm it's right in TFS.

from XP up through Windows 7 and Windows Server 2008

Re:Which versions (1)

PatPending (953482) | more than 3 years ago | (#35040250)

Why should he have to read TFS when there are fools (like me; see my earlier reply and my sig) who post informative replies? ~

Re:Which versions (0)

Anonymous Coward | more than 3 years ago | (#35040272)

WTF is a current version of Windows? 3, 95, 98, Me, 2000, XP??

It's the version with all the raisins in it.

Re:Which versions (1)

WorBlux (1751716) | more than 3 years ago | (#35040404)

Anything that is still officially supported (XP service pack 2, and Windows 2000 aren't, anything newer is)

Re:Which versions (1)

jez9999 (618189) | more than 3 years ago | (#35041666)

So does this bug not happen on XP SP2, or do they just not give a shit about users who're using it?

Is it Windows or Internet Explorer? (1)

Luxemburg (890431) | more than 3 years ago | (#35040168)

I would assume Firefox handles its MHTML itself?

a

Re:Is it Windows or Internet Explorer? (2)

JSG (82708) | more than 3 years ago | (#35040258)

Try using a search engine with the term MHTML and getting something like this: http://en.wikipedia.org/wiki/MHTML [wikipedia.org]

On FF you'll need a plugin to "see" MHTML, whatever it is. It seems to be an unholy mix of HTML and MIME and sounds unpleasant and probably a bit unnecessary.

Cheers
Jon

Re:Is it Windows or Internet Explorer? (1)

Saint Stephen (19450) | more than 3 years ago | (#35040282)

Nothing really works with .mht anymore, anyway. I used to use it to save web page receipts, etc. no more.

Re:Is it Windows or Internet Explorer? (0)

Anonymous Coward | more than 3 years ago | (#35040332)

It can affect firefox as well if you use IE frame.
The scary part is that the exploit for this bug it out in the wild [tinyurl.com]

Windows is still great. (-1, Troll)

catmistake (814204) | more than 3 years ago | (#35040230)

I don't care how many new flaws keep popping up, Windows is still the best OS for insecure computing and rot. Show me an OS that can waste more of your time, proc cycles, harddrive reads&writes or bandwidth... I dare you. Can you imagine the increased unemployment rate if it was actually fixed? Windows is good for the economy, and good for China.

Re:Windows is still great. (1)

JSG (82708) | more than 3 years ago | (#35040294)

You don't remember {MS|PC|IBM}DOS do you?

It should be possible to sue for time wasted trying to get 620Kb free memory available to run some shitty Lucas Arts game (or a crappy network stack n client).

Before the "I had a few problems with punch cards" mob dives in - no one ever said that a batch system based on paper doilies would be easy.

Cheers
Jon

that ho on the corner still feels good! (0)

Anonymous Coward | more than 3 years ago | (#35040302)

the john and pimp defend their prostitutes to the bitter end.

Microsoft takes 2 weeks to confirm things (1)

Anonymous Coward | more than 3 years ago | (#35040322)

Re:Microsoft takes 2 weeks to confirm things (0)

Anonymous Coward | more than 3 years ago | (#35041072)

Microsoft takes 2 weeks for everything.

Incorrect Article Title (Headline) (1)

lloyddean (159386) | more than 3 years ago | (#35040324)

Who writes these Headlines. It's not a NEW bug it's an (possibly) un-noticed OLD bug.

Re:Incorrect Article Title (Headline) (2)

JSG (82708) | more than 3 years ago | (#35040402)

Well Mr six dig, RanDomCapS 'n' punctuationeer extraordinare - who can say?

Apparently someone called Timothy left their name on the article for all to see.

This: https://www.microsoft.com/technet/security/advisory/2501696.mspx [microsoft.com]

was posted 28 Jan 2011.

When did you notice the bug? - We'd all love to hear your insights on it.

Cheers
Jon

Re:Incorrect Article Title (Headline) (0)

Anonymous Coward | more than 3 years ago | (#35041180)

I suppose when someone discovers fossilized bones, that's a NEW dinosaur then ...

Re:Incorrect Article Title (Headline) (1)

disambiguated (1147551) | more than 3 years ago | (#35041326)

I'm tempted to say yes. If the dinosaur was previously undiscovered, it wouldn't be unclear to say "scientists discover a new dinosaur."

The Reason for Window Bugs (0)

NicknamesAreStupid (1040118) | more than 3 years ago | (#35040356)

It goes so fast that those little buggies just can't get out of the way. Besides, they are drawn to the light.

Really not an issue... (0)

steeleyeball (1890884) | more than 3 years ago | (#35040490)

Not a problem for my Vic 20 or my Linux powered Acer Aspire REVO Nettop.

Re:Really not an issue... (1)

by (1706743) (1706744) | more than 3 years ago | (#35040832)

Not a problem for my Vic 20 or my Linux powered Acer Aspire REVO Nettop.

Fullscreen flash, on the other hand, probably is ;)

Re:Really not an issue... (1)

steeleyeball (1890884) | more than 3 years ago | (#35041390)

I don't have any real problems with Full Screen Flash on my REVO... Flash Videos generally play smoothly.

Re:Really not an issue... (1)

Osgeld (1900440) | more than 3 years ago | (#35041322)

I am sitting on my DEC 386 laptop thinking the same thing, then I thought, fuck this takes less time to scroll through comments on the /. site than it does on my uber modern web browser on a multicore 2.8GHZ computer

so what the fuck is my incentive anymore people?

Microsoft has released a FixIt tool (0)

Anonymous Coward | more than 3 years ago | (#35040734)

Linux /obligatory

Yawn... Slow news day? (1)

mysidia (191772) | more than 3 years ago | (#35040912)

The bug's not new... in multiple editions of Windows; that means it's been around for quite a while.

Newly discovered, yes, but in the average month there are over 20 serious newly discovered bugs in Windows. And there are millions more where that came from.

Re:Yawn... Slow news day? (1)

PPNSteve (1287174) | more than 3 years ago | (#35041278)

The bug's not new... in multiple editions of Windows; that means it's been around for quite a while.

Newly discovered, yes, but in the average month there are over 20 serious newly discovered bugs in Windows. And there are millions more where that came from.

It's not a bug! It is a FEATURE!!
Get with the times, man.

What the f*ck is MHTML? (0)

Anonymous Coward | more than 3 years ago | (#35040948)

Filter error: You can type more than that for your comment.

Re:What the f*ck is MHTML? (1)

snookiex (1814614) | more than 3 years ago | (#35041218)

I hate those .mht files. I thought they weren't a standard, but turns out that that format is a kind of [wikipedia.org] .

Not the exploits fault (-1)

Anonymous Coward | more than 3 years ago | (#35040982)

Its the users fault for using internet explorer. unless you are needing full ASPX functionality, get chrome or firefox

Re:Not the exploits fault (1)

disambiguated (1147551) | more than 3 years ago | (#35041350)

I think you meant ActiveX. ASPX is a server-side technology; I doesn't require browser support.

Someone call teh ROFLCOPTER (3)

Crypto Gnome (651401) | more than 3 years ago | (#35041432)

MSIE just shot itself in the foot.

MHTML is a microsoft-ism

If you do not use the worlds-most-villified-browser, and if you have also not explicitly installed a plugin (or otherwise) to enable MHTML support in our *much less sucky* browser, then you are golden.

Google Chrome (1)

satuon (1822492) | more than 3 years ago | (#35041542)

This makes me glad I use Google Chrome. As well as the speed, of course.

Re:Google Chrome (1)

VortexCortex (1117377) | more than 3 years ago | (#35041560)

This makes me glad I use Google Chrome. As well as the speed, of course.

Who doesn't use "the speed"; I agree, using it makes everything better -- Just don't get too addicted. However, Chrome is overrated, IMHO; Mirrors work just as well.

monolithic system (1)

amn108 (1231606) | more than 3 years ago | (#35041712)

Goddamned monolithic systems... Insecure components breaking entire installations, where the components themselves are not used more than once a year perhaps. Way to go, Microsoft, seems you're religious about all of it.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>