Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
Microsoft patch opens users to attack
Robert Lemos, SecurityFocus 2006-08-22

UPDATE: Microsoft continued to work on Tuesday to create a fix for an exploitable flaw introduced by the company's latest security update to Internet Explorer.

Comments Mode:
Microsoft patch opens users to attack 2006-08-23
TJ (1 replies)
This is a prime example of Microsoft getting the shaft regardless of what they do. Mistakes do happen from time to time. Considering patch quality has been very high for quite a while now, they were overdue for a mistake (law of averages). My second point, there is no excuse not to patch! Deployment...

[ more ]  [ reply ]
Re: Microsoft patch opens users to attack 2006-08-24
Matthew Murphy (2 replies)
Incorrect. Microsoft is getting the shaft because they seriously screwed up. This is the worst regression in a security patch since MS00-086 *six years ago*. There's simply no good reason why this was missed -- it would've been readily obvious to a QA tester who ran the patch through live browsin...

[ more ]  [ reply ]
Re: Re: Microsoft patch opens users to attack 2006-08-25
TJ (2 replies)
Mistakes do happen, even with Linux, as this article demonstrates:

Linux update becomes terminal pain

http://www.securityfocus.com/news/11409

So, let's ease up a bit on the Microsoft bashing! Besides, you have to give em a little credit for communicating their culpability via these blogs:

ht...

[ more ]  [ reply ]
Re: Re: Re: Microsoft patch opens users to attack 2006-08-25
Matthew Murphy
Yes, mistakes do happen. However, this mistake had no reason to be there -- the changes introduced were extraneous and not a part of the elimination of any vulnerability. As I said, Microsoft has had major failures in 3 patches in the last four cycles -- less than a 3 month period, and you have to...

[ more ]  [ reply ]
Re: Re: Re: Microsoft patch opens users to attack 2006-08-28
Anonymous
>Mistakes do happen, even with Linux, as this >article demonstrates:

>Linux update becomes terminal pain

>http://www.securityfocus.com/news/11409

Whoa there big boy. This is an "Ubuntu" problem, not a "Linux" problem. As often happens in the press, the word "Linux" was used interchangably w...

[ more ]  [ reply ]
Re: Re: Microsoft patch opens users to attack 2006-08-25
Anonymous
Not only did they not advise the public, when they finally did, they were not accurate. We are running XP Pro SP2 and it was crashing us as well. We didn't learn the nature of the problem until our software vendor sent out the alert. We use two internet based programs to run our business and had con...

[ more ]  [ reply ]
Microsoft crippled patches 2006-08-23
assurbanipal
So Micro$oft, where's your QA?

Doubt is, you have none. Otherwise it'd be rather difficult to explain the abysmal security level of both your software, and the patches you emit....

[ more ]  [ reply ]
Microsoft patch opens users to attack 2006-08-24
Improvisator
Why would Microsoft want to crash users PCs? that pretty much, doesn't make any sense at all.

Care to explain the motive?...

[ more ]  [ reply ]
Microsoft patch opens users to attack 2006-08-25
cenkornek
It was, is and will be a double-edged sword to install the patch or not. ...

[ more ]  [ reply ]




 

Privacy Statement
Copyright 2009, SecurityFocus