Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Latest Version of MyDoom Exploits New IE Flaw

michael posted more than 9 years ago | from the zero-day-wormz dept.

Worms 435

techentin writes " CNN Money is reporting a new and improved MyDoom variant which is spread by a hyperlink in email. Clicking the link connects the user to an infected machine, which exploits a recently discovered buffer overflow in Internet Explorer. McAfee has a more detailed description. Is this yet another good reason for running Firefox?" CNET also has a story.

cancel ×

435 comments

Sorry! There are no comments related to the filter you selected.

Awww, Microsoft is so sweet (5, Funny)

Anonymous Coward | more than 9 years ago | (#10770776)

Give Firefox [mozilla.org] such a big present for their 1.0 release.

Re:Awww, Microsoft is so sweet (5, Funny)

Anonymous Coward | more than 9 years ago | (#10770831)

I would agree with you, except it seems that IE exploits are found pretty much every day that ends in "y".

Re:Awww, Microsoft is so sweet (3, Funny)

Dr Caleb (121505) | more than 9 years ago | (#10770853)

Release? It wasn't 'released', it 'escaped' . . . ;)

OMFG! MASTER CHEF DIES AT THE END OF HALO2!!!!1!!! (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#10770905)

Apparently the MyDoom worm ate his chocolate salty balls!

CNN Story (4, Insightful)

AKAImBatman (238306) | more than 9 years ago | (#10770778)

It's pretty neat how far FireFox is beginning to spread. CNN carried this story on TV just a half-hour ago. They mentioned that FireFox was becoming the most popular alternative to IE. My coworkers (who's job includes watching CNN) came by and asked me why this FireFox thing is better. I told them about tabbed browsing, popup blocking, lack of security issues, and other niceties.

One of the coworkers downloaded FireFox right away. I actually expected him to take a little while to wean off of IE. After I showed him FireFox's features, however, he set FireFox to his default browser and deleted his IE shortcuts! I think we're definitely making headway. :-)

Re:CNN Story (5, Insightful)

scribblej (195445) | more than 9 years ago | (#10770884)

"Lack of security issues?"

Okay, I'll grant you that FireFox is probably more secure than IE. But to say it lacks security issues is going a little further than I'd go, myself. In fact, I'd be willing to bet you $10 that it has security issues of it's own.

Don't sell your friend a dream. Set his expectations realistically. No software is bulletproof. No software lacks security issues.

Firefox f-ing rocks, no doubt about it. It blows IE out of the water. It probably has far fewer security holes. But to say it "lacks security issues" is naieve.

Don't believe everything you read on slashdot. A lot of these people have an agenda to meet.

Re:CNN Story (4, Interesting)

AKAImBatman (238306) | more than 9 years ago | (#10770980)

I believe I put it as, "lack of security issues like the one pointed out by CNN" as well as "It helps protect against Spyware". It's true that FireFox is not invulnerable (e.g. the download bug), but it's nearly there for most users.

Remember how FireFox handled the download bug? Old copies of the browser would actually be redirected to an auto-update site. Click a button, wait for a few kb download, and voíla! A secure browser. :-)

until someone discovered a bug that redirects... (3, Insightful)

slew (2918) | more than 9 years ago | (#10771072)

until someone discovered a bug that redirects to a pwn3d auto-update site, click a button wait a few kb download and voila... Yeah that might not happen, but don't think it is out of the range of possibility...

Re:CNN Story (4, Funny)

w1r3sp33d (593084) | more than 9 years ago | (#10770887)

Now show him http://slackware.com/ [slackware.com] and he shall become more powerful than you can possibly imagine.

Re:CNN Story (1)

pdboddy (620164) | more than 9 years ago | (#10770919)

Heh, I do people a favour, and download Firefox/Mozilla for them. :P Most of the time they're not mad.

Re:CNN Story (1)

CMcQueeny (682013) | more than 9 years ago | (#10770939)

Firefox, and to a lesser degree open source in general, is beginning to reach that point where people have enough sense to ignore the proverbial "outcry of the candle-makers" which tends to follow the introduction of a superior product. The fact that Microsoft has yet to take a serious offensive (I predict this will happen soon, now that the 1.0 epoch is upon us) does not help IE's position.

I myself have converted several people already. Downloading a copy and showing prospects the speed and tabbed browsing seems to be sufficient.

Re:CNN Story (2, Funny)

mind21_98 (18647) | more than 9 years ago | (#10770961)

It's not the most popular browser till mozilla.org gets Slashdotted! :)

Sweet (-1, Troll)

Anonymous Coward | more than 9 years ago | (#10770782)

FP and Linux rules! Take that MCSE punks.

gmail (-1, Troll)

Anonymous Coward | more than 9 years ago | (#10770787)

LIES (3, Funny)

Anonymous Coward | more than 9 years ago | (#10770790)

A bug in IE? I won't believe it till I see i--

Re:LIES (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#10770814)

LOL. Typical Dell call.

Re:LIES (2, Funny)

Ploum (632141) | more than 9 years ago | (#10771007)

Indeed ! It's what I try to say since a few hours !
Firefox is out.. blablabla.. don't use IE.. blabla !

But IE is the best browser, and I explain why ! [frimouvy.org]

In other news... (4, Funny)

simdude585 (782096) | more than 9 years ago | (#10770791)

Microsoft today announced that it was going to leave IE users to fix their own patches...

Re:In other news... (2, Funny)

Zonnald (182951) | more than 9 years ago | (#10770885)

Source?

Or are you just trying to be fawnnee?

teach kids that IE is dangerous (5, Funny)

t_allardyce (48447) | more than 9 years ago | (#10770799)

Can they start teaching in school that using IE is like having un-protected sex with 15 donkeys? or would Microsoft complain?

Re:teach kids that IE is dangerous (4, Funny)

Ayaress (662020) | more than 9 years ago | (#10770827)

I used a simmilar metaphor (using IE without a firewall is like having unprotected group sex blindfolded was the one I used). One person I told this two actually STOPPED using Mozilla, though, so I tend to stay away from the sex metaphors now.

Re:teach kids that IE is dangerous (1)

slicenglide (735363) | more than 9 years ago | (#10771098)

Having group sex blindfolded or not is pretty dangerous... You have to remember, it's not the hiddeous skanks that no one has been with you have to worry about, it's the pretty one with Daddy issues that you have to watch out for.... They are infestation city.

Re:teach kids that IE is dangerous (1)

SlayerofGods (682938) | more than 9 years ago | (#10770860)

Actually having sex with a donkey is probably pretty safe. I don't think there are any human/donkey sexualy transmitted diseases.

Re:teach kids that IE is dangerous (1)

t_allardyce (48447) | more than 9 years ago | (#10771069)

You're using the old Apple argument there - If no-one else is getting jolly with a donkey then obviously there will be little risk of disease, but when everyone starts doing it, STDs start appearing at an alarming rate - same with IE, with so many people using it, and its infamous Microsoft lack of security its like everyone sharing everyone elses donkey!

Re:teach kids that IE is dangerous (0)

Anonymous Coward | more than 9 years ago | (#10771089)

You obviously don't know much about biology or how STDs are actually transmitted, so I can only guess that your opinions regarding software are similarly flawed.

Re:teach kids that IE is dangerous (1)

dodongo (412749) | more than 9 years ago | (#10770920)

Remember, if you have unprotected sex with a donkey, it's like having sex with all the donkey's that donkey has been with before!

Re:teach kids that IE is dangerous (1)

EnronHaliburton2004 (815366) | more than 9 years ago | (#10770921)

IE is like having un-protected sex with 15 donkeys

Hey, well using Firefox is like having sex in public...

"No, you're doing that wrong! Here, do it this way instead."
"Haha, look at his exploit!"
"Err... it would be much more efficient if you stuck that thing over here instead."
"Hey hey hey, at least he's using protection! If you suspect that something is wrong, we can always audit them!"

Re:teach kids that IE is dangerous (0)

Anonymous Coward | more than 9 years ago | (#10770927)

Can they start teaching in school that using IE is like having un-protected sex with 15 donkeys? or would Microsoft complain?

Microsoft Donkey(TM)
Where did you want to stick it today?

Re:teach kids that IE is dangerous (0)

Anonymous Coward | more than 9 years ago | (#10770983)

A long time ago when there were still uncharted territories, an "Africa Explorer" would explore Africa and sleep with a bunch of local women and catch or propagate a bunch of diseases. "Internet Explorer" is the same concept, but for the Internet.

Wow! (5, Funny)

mindaktiviti (630001) | more than 9 years ago | (#10770802)

People still use IE?

big deal (5, Funny)

Anonymous Coward | more than 9 years ago | (#10770805)

ok so they accidently leave one bug in their browser and everybody jumps all over them. big deal!

A good reason for using Firefox, or ... (3, Insightful)

eqkivaro (721746) | more than 9 years ago | (#10770809)

users could pull their heads out of their asses and stop clicking on links in SPAM.

Re:A good reason for using Firefox, or ... (2, Insightful)

Metzli (184903) | more than 9 years ago | (#10770838)

Unfortunately, it's much easier to get people to switch browsers than to actually think.....

Re:A good reason for using Firefox, or ... (2, Insightful)

eqkivaro (721746) | more than 9 years ago | (#10770967)

After watching the election this past week, I'd have to agree with you there.

Re:A good reason for using Firefox, or ... (5, Insightful)

chill (34294) | more than 9 years ago | (#10770867)

users could pull their heads out of their asses and stop clicking on links in SPAM.

Bzzzt, wrong answer.

Most viruses come from people you know, since they exploit the address book feature. Most spam comes from people you never heard of.

Thus, it is the links in the e-mail from people you KNOW, not spam, that is the problem.

Re:A good reason for using Firefox, or ... (2, Insightful)

Zonnald (182951) | more than 9 years ago | (#10770912)

I am not so sure about that.

Most of the emails that I recieve that have "Click Here" are coming from people I don't know, and often seem like derived names from various first and lasts names.

BUT I STILL DON'T CLICK ON THE LINK.

Re:A good reason for using Firefox, or ... (2, Informative)

eqkivaro (721746) | more than 9 years ago | (#10770936)

did you RTFA? People I know don't send me emails about my ebay account.

Re:A good reason for using Firefox, or ... (1)

budgenator (254554) | more than 9 years ago | (#10770998)

If they actualy gave a shit about users wouldn't they test for things like this, how hard is it to throw psuedo-random garbage at a program in testing to see if and where a buffer is going to over-flow? Any part of a program that excepts external input needs to assume that input is bad until proven otherwise; and it needs to have a ton of garbage as well as valid input thrown at that input to make sure it realy does.

You Microsoft poeple are getting old... (1, Funny)

vettemph (540399) | more than 9 years ago | (#10770813)

Is this yet another good reason for running Firefox?

No, It's a good reason for switching to linux so I don't have to hear you bitch anymore.

Could be a trick (5, Funny)

SlayerofGods (682938) | more than 9 years ago | (#10770819)

How do we know the link to the story isn't just a trick to get us infected?

Good timing (2, Funny)

Anonymous Coward | more than 9 years ago | (#10770821)

A patch has just been released:

http://www.mozilla.org/products/firefox/ [mozilla.org]

Better the losing side. (5, Insightful)

jbrelie (322599) | more than 9 years ago | (#10770824)

Let's not be hasty. True, I love Firefox, but IE is a giant honey pot out there for malicious attackers. If too many people switch, they'll start targeting Firefox. As much as I hate to admit it, they WILL find flaws to target.

You mean like... (2, Insightful)

Anonymous Coward | more than 9 years ago | (#10770854)

You mean like how Apache is #1 for vulnerabilities because it's the most popular web server?

Re:You mean like... (0)

Anonymous Coward | more than 9 years ago | (#10771071)

Apache has had it's share of serious problems. Not to mention that you seem to be comparing Apache to IE, try comparing it to IIS which is rooted FAR less often than IE has. They are written by essentially two completely different companies.

But hey, never mind about being fair, this is Slashdot after all...

Re:Better the losing side. (1)

Rude Turnip (49495) | more than 9 years ago | (#10770918)

And I wager they'll get fixed a lot faster.

Re:Better the losing side. (1)

w1r3sp33d (593084) | more than 9 years ago | (#10770922)

Yes they will always find flaws, but IE is like shooting fish in a barrel.

Re:Better the losing side. (1)

Zerbey (15536) | more than 9 years ago | (#10770926)

Bring it on. I hope they do, and then we'll patch them. Then FF 1.1 will be even better than FF 1.0.

Re:Better the losing side. (0)

Anonymous Coward | more than 9 years ago | (#10771045)

And how is that ANY different that MS being rooted then patched?

Ooooh, because it's Open Source! THAT MAKES EVERYTHING OK I GUESS!!!!!!

Re:Better the losing side. (0)

Anonymous Coward | more than 9 years ago | (#10770945)

Keep up the positive attitude, Captain Optimism!

Re:Better the losing side. (0)

Anonymous Coward | more than 9 years ago | (#10770976)

Considering that expoits have ALREADY been found in previous versions of Firefox and Mozilla, that's hardly an astute observation.

FF WILL be rooted, it's just a matter of time.

Enjoy your "safety" for the short time you have it.

Re:Better the losing side. (1)

NMEismyNME (725242) | more than 9 years ago | (#10770946)

One wonders whether the open source nature of the firefox project will be a blessing or a curse in this instance.... the curse being that the flaws will be easier to find, and the blessing being the strong likelihood of vulnerabilities being patched in a timely fashion.

On balance, I think I'll stick with Firefox.

Re:Better the losing side. (1)

BRSQUIRRL (69271) | more than 9 years ago | (#10771004)

But I'd bet that the time it would take for the Firefox team to get a fix out would be measured in days, not months...

Re:Better the losing side. (5, Insightful)

stefanlasiewski (63134) | more than 9 years ago | (#10771019)

they WILL find flaws to target

Sure, but will those flaws in Firefox as serious as the flaws in IE?

It seems like when Microsoft attempted to integrate IE with the OS, IE was allowed access the OS in some very dangerous ways.

For instance, why would earlier versions of IE write files to any directory without asking the User for permission?

Not as much of a problem though (5, Informative)

einhverfr (238914) | more than 9 years ago | (#10771077)

There are a few design flaws in IE that make it a uniquely dangerous program to use to access the internet. These mistakes have, as yet, not been made by the Mozilla team. Perhaps we have learned a few things...

The largest problem (mostly the cause of spyware rather than viruses though) is the issue of ActiveX scripting. Because ActiveX controls are trusted on the basis of vendor signature, and because someone can force an old version to be downloaded and installed, it means that no security patch can protect you against a malicious site scripting against a bug in an ActiveX control signed by a trusted vendor. No security patch can be writte to do this without breaking *every* ActiveX control in the internet.

The second issue is that of security zones. This allows an attacker to exploit any flaws that come with the enforcement of such zones. This is an issue for viruses and spyware alike.

Now, it is possible that a new as yet unimagined sort of attack will eventually be possible against some type of functionality in Mozilla. At least one type has (XUL files spoofing interfaces), but if these become a problem, it is open source, and so you or anyone else can pay for somone to make a version with a different structure. If enough people switch, the process begins over again. But each time, I think we are safer.

Re:Better the losing side. (1)

Mikeybo (801849) | more than 9 years ago | (#10771097)

I don't think they will 'cause "they" might have already worked on the development of Firefox/Mozilla. :)

ClamAV stopped this 5 hours ago (4, Interesting)

jtsoong (307257) | more than 9 years ago | (#10770826)

After seeing this posted i checked my pattern files on the mail server.

Happy to see that ClamAV had the pattern files through a cron job 5+hours ago.

buffer overflow (1)

elevateskater (820136) | more than 9 years ago | (#10770828)

Microsoft with buffer overflow errors? never! Hope this brings even more publicity to FireFox :)

Thot they 8 their own dogfood... (0)

Anonymous Coward | more than 9 years ago | (#10770947)

but c# doesn't suffer buffer overflows!

I doubt that the flaw is new (1)

Zonnald (182951) | more than 9 years ago | (#10770834)

that just about says it all, now I will RTP and determine if this flaw was introduced since the last patch....

Good timing for firefox (1)

bdigit (132070) | more than 9 years ago | (#10770835)

Good to hear. Just gives more people another reason to switch to the newly released firefox 1.0 browser! Hopefully the nytimes ad will be placed within the next 2 weeks and the world will be a better place.

Firefox question (0)

Anonymous Coward | more than 9 years ago | (#10770839)

I'll post this here just in case you all know the answer and care to share it: how can I tell firefox to save my bookmarks file in my My Documents folder instead of some distant profile folder? I store my documents on a separate volume and back it up regularly.

Re:Firefox question (1)

Rightcoast (807751) | more than 9 years ago | (#10771093)

Try Bookmarks>ManageBookmarks>File>Export and save the .html where you want it:)

more info about the virus (2, Informative)

dwgranth (578126) | more than 9 years ago | (#10770840)

here at our company, we were hit w/ this virus a few days ago.. of course since IE is our standard browser.. well you get the picture.. anyway, the virus uses a few vulns.. one is the link spoofer and the spoofed link (in an email from the infected box which pulls any email addy it can to trick you) is a link to the infected box.. which then uses the noted vulnerabilty and the process repeats... so basically

Re:more info about the virus (1)

Zonnald (182951) | more than 9 years ago | (#10770966)

It would make sense for your Network Admin to keep eye out for such email (does he get them too). and as soon as one hits, blonk the URL into the Firewalls exclusion list? Thus improving the chances of the Boss not screwing up his machine and screaming at the NA.

Re:more info about the virus (1)

tacokill (531275) | more than 9 years ago | (#10771084)

So how does it jump domains? Since each link points back to the infected box, I presume it has to be on the "open" internet to be really effective, otherwise, it should be limited to the local network only -- presuming you block any inbound requests to the infected box (what port are they on?)

Just in time! (1)

cloudkj (685320) | more than 9 years ago | (#10770841)

Yup. Just in time for Firefox's release! Make the switch today! [mozilla.org] Go Firefox 1.0, it's your birfffday, we gon party like it's your birfffday!

Re:Just in time! (0)

Anonymous Coward | more than 9 years ago | (#10771038)

Company with 1,000 desktops x 1 hour user training/lost productivity (minimal) x $45 average user hour cost = only ~50k!! Sounds like a switch is worth it. I mean, only having to pay $45k for something that will never have a security issue is really worth it.

Right.

If only (5, Funny)

fluxrad (125130) | more than 9 years ago | (#10770859)

Man, if only there were some browser we could use instead of IE...

Oh well.

SP2 (5, Informative)

Anonymous Coward | more than 9 years ago | (#10770868)

SP2 not vulnerable... Upgrade or perish.

Scary social engineering (3, Interesting)

GQuon (643387) | more than 9 years ago | (#10770873)

This isn't about this particular worm, but recently made it though my spam filters and IDS:
----
Re: my bill
From: [from address, probably spoofed]
To: [My adress]

Requested file.

+++ Attachment: No Virus found
+++ [Name of antivirus software] - [website of antivirus software]

bill.zip
-----
The zip contained a pif file with a .rtf ending.

Particularly scary social engineering, since it claims to be from an anti-virus company that I'm actually familiar with.

Re:Scary social engineering (1)

MEGAMAID (791988) | more than 9 years ago | (#10770974)

I've seen lots of these. It's where the FROM address is a friend that you have real trouble.
It's damn hard to stop them opening things from people they know, and if it's a link then most people would have no hesitation clicking on it.

Re:Scary social engineering (1)

Zonnald (182951) | more than 9 years ago | (#10771030)

Scarier still, sometime they are telling you that you sent them an infected email, so do you reply and thank them, or just ignore.

If you reply are you confirming your Email address to some punk spammer.

If you ignore - can you be sure that you are not infected.

What do you do. What do you do.

Re:Scary social engineering (1)

ab0mb88 (541388) | more than 9 years ago | (#10771074)

This is a problem that I have been seeing more and more. I get mail all of the time that says bill, the solution I have been sticking with for the last couple months is just getting rid of them. The same thing for any post mail that I get that looks like it could be a bill also, you never know when those social engineers will start to use the post office to bypass your virus scanning software.

They are constantly changing their formatting, just last week they almost tricked me into infecting my computer by sending me a message that said final notice, but I didn't fall for it...

Microsoft should be praised for IE. (5, Funny)

Anonymous Coward | more than 9 years ago | (#10770881)

A seemingly infinite number of flaws in a finite piece of code, this is quite an achievement.

Firefox 1.0 (1, Offtopic)

jon_oner (753207) | more than 9 years ago | (#10770917)

every new version of firefox breaks all the themes and extentions previously installed. This is my 4rth time around hunting down Easygestures...

Re:Firefox 1.0 (1)

16K Ram Pack (690082) | more than 9 years ago | (#10770988)

should be your last too. Remember, this is 1.0.

Re:Firefox 1.0 (0)

Anonymous Coward | more than 9 years ago | (#10770991)

That's not true. Most of my extensions were updated in the period between 1.0 PR and 1.0 because of the RC's. The only thing I'm waiting on is an official new Qute release (have a "hacked" one that works.)

Sorry? IE?... (1, Funny)

Anonymous Coward | more than 9 years ago | (#10770937)

Oh yes... that's that web browser that people used to use before FireFox came along isn't it...

How quaint, people are still using it...

Another reason Windows isn't ready for the desktop (5, Funny)

coupland (160334) | more than 9 years ago | (#10770955)

I've been running Linux on my main desktop for years, and recently I've really been considering switching to Windows. After all, it's got some cool apps, and while I wouldn't call it "feature complete", I say they've done a good job of implementing many of the best features of Linux and OSX. However it's articles like this that convince me it's still a bit early to switch to Windows.

All told they've made some real inroads in servers, and the desktop experience is improving with each release (the current unstable branch -- AKA "XP" -- has implemented the theme concept long popular in KDE and Gnome!) however I think it's still premature to declare Windows ready for prime time on the desktop.

MOD PARENT UP (1, Informative)

Anonymous Coward | more than 9 years ago | (#10771013)

+100 scratch off a few more ticks for microsoft 'innovation'!

I hate to be picky... but.... (2, Insightful)

simetra (155655) | more than 9 years ago | (#10770971)

the little image for this "worms" topic isn't a worm, it's a catipillar (sp?)... or a larvae of some sort. How about a real worm image?


Re:I hate to be picky... but.... (0)

Anonymous Coward | more than 9 years ago | (#10771025)

Does this [caldera.com] help?

Re:I hate to be picky... but.... (0)

Anonymous Coward | more than 9 years ago | (#10771046)

You mean, like an animated gif of blowfly maggots crawling over a dead raccoon or oppossum on the side of the road? ...or maybe a couple of leeches getting a nice blood infusion off of someone's leg...

Re:I hate to be picky... but.... (1)

Zonnald (182951) | more than 9 years ago | (#10771073)

Um that's and "Inch Worm" in most peoples books, so really is OK to use.

You are strictly correct, but I think it is an acceptable connection.

Re:I hate to be picky... but.... (1)

LiquidCoooled (634315) | more than 9 years ago | (#10771101)

Speak to the REAL boss [sarcasta.net] .

A few more features needed in Firefox. (2, Interesting)

deemaunik (699970) | more than 9 years ago | (#10770979)

I love Firefox, but I need it to have a similar feature to Avant... wherein it can be minimized and hidden in the Tray/Time area. Saved me alot of time in closing and opening windows. Maybe I'll ask for it on the boards. Hmm.

"Whassat Boss? *Minimizes browser to tray* Nah, just working on the company project. Not browsing Slashdot. Waste company time? Perish the thought."

Impressive... (2, Insightful)

Alwin Henseler (640539) | more than 9 years ago | (#10770984)

That someone managed to find yet another flaw in IE. You'd think that after the number of bugs found in IE so far, it would be about 100% bug-free by now. But duhhh... I guess that's too optimistic.

Beware of bugs in the above code; I have only proved it correct, not tried it. -Donald E. Knuth [stanford.edu]

Install SP2 You Dummies (4, Informative)

lseltzer (311306) | more than 9 years ago | (#10771011)

>>Is this yet another good reason for running Firefox?

Or Windows XP SP2, which is not vulnerable.

What kind of imbecil runs XP but not SP2?

Re:Install SP2 You Dummies (0)

Anonymous Coward | more than 9 years ago | (#10771108)

I downloaded SP2. It made my machine lock up on boot up. (One second into the splash screen.) That's my excuse...

Re:Install SP2 You Dummies (2, Insightful)

g0hare (565322) | more than 9 years ago | (#10771115)

Now now,actually knowing how to use Windows is punishable by death on Slashdot. It amazes me how many people don't consider recompiling a kernel a nuisance, and these same people won't be bothered to actually read the documentation that comes with Windows 2k/xp/2003. Yeah. If you've been keeping up with patches this is a non-issue.

Sensationalist /. headlines (4, Informative)

Swamii (594522) | more than 9 years ago | (#10771014)

Woopsie! Slashdot forgot to mention the fact that this vulnerability has no effect on XP machines patched with SP2. Way to go Slashdot!

Will microsoft release a knowledge base article (4, Funny)

xutopia (469129) | more than 9 years ago | (#10771018)

telling us to stop clicking on hyperlinks?

New Exploits improves IE? (2, Insightful)

Man in Spandex (775950) | more than 9 years ago | (#10771023)

Microsoft should feel lucky that their crappy browser is being anal probed. by finding exploits like this they are forced to "improve" it. Improve might be a big word but imagine if there were exploits but no viruses/trojans/whatever, you would think that M$ would fix these exploited holes?

Re:New Exploits improves IE? (1)

Zonnald (182951) | more than 9 years ago | (#10771090)

If nobody entered my home when the doors wheren't locked - then I wouldn't need to buy locks.

buffer overflow protection? (4, Interesting)

hey (83763) | more than 9 years ago | (#10771037)

How can McAfee have a simple checkbox that turns on
buffer overflow protection:
http://vil.nai.com/vil/images/vse80i- bo-config.gif

I mean if my program has a buffer and I want
to overflow it have can they stop it. The screenshot mentions APIs so make it just knows about the Win32 APIs.

Why the big Firefox push? (1)

Trogre (513942) | more than 9 years ago | (#10771039)

I mean, it's great they're running an ad in NYT and all, but everybody who I have installed Gecko-based browsers for also want a decent mail reader.

Rather than going for the still-beta Thunderbird, why not just go the whole hog and install Mozilla proper? You get all of Firefox's features and considerably more.

The only niche I can see Firefox/Win32 filling is for people who don't want to run IE, but for some reason don't want to run Mozilla Mail (which is rare at least in these parts).

McAfee VirusScan (5, Interesting)

Vermyndax (126974) | more than 9 years ago | (#10771044)

The *real* ironic twist to the story is that newer versions of McAfee VirusScan that Dell has been shipping requires Internet Explorer to be installed... and uses it to run the control center windows.

Now how's that for secure?

I may never, ever figure out the mentality of that decision.

From the Microsoft Information Minister (0, Flamebait)

Anonymous Coward | more than 9 years ago | (#10771088)

There are no holes in Internet Explorer. Internet Explorer is secure - other reports are merely lies from the Firefox infidels. Allah willing, Microsoft will rule the browser market for a thousand years. Also, the MyDoom authors are at this very moment committing suicide.

SP2 immunity (5, Informative)

jaiyen (821972) | more than 9 years ago | (#10771111)

For those who don't RTFA, XP SP2 doesn't appear to be vulnerable.
"Users who have installed Windows XP Service Pack 2 are immune to the programs that use the vulnerability, including the two new variants of the MyDoom virus."
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?