Security Fix For Internet Explorer July 30, 2004

[R. L.]

Just saw this, for IE user:


"Microsoft Issues Security Fix For Internet Explorer July
30, 2004"


http://www.informationweek.com/story/showArticle.jhtml?
articleID=26100934&tid=13692


"Microsoft has issued a cumulative software patch for Internet
Explorer that is has deemed "critical," the software maker's
most severe security ranking.

The patch, detailed in, Microsoft Security Bulletin MS04-025
(http://www.microsoft.com/security/bulletins/200407
_windows.mspx) fixes three publicly disclosed vulnerabilities
as well as many previously fixed Internet Explorer security
holes to date. The security bulletin is being released outside
Microsoft's normal monthly patch schedule. "











--
RL
Unofficial Adaware Updater (+other goodies)
http://home.earthlink.net/~ringomei/page2.html
********************************
Pricelessware voting annual results and information:
http://www.pricelessware.org,
http://www.pricelesswarehome.org,
http://www.earths-ocular.com/mirror/www.pricelesswarehome.org/

 

[Vrodok the Troll]

-----BEGIN PGP SIGNED MESSAGE-----

On Sat, 31 Jul 2004 02:40:46 GMT, in Newsgroup--> alt.comp.freeware, the
personage of "R. L." <(removethis)ringomeinew@_hot_mail_.YOU_KNOW_THE_REST>,

Just saw this, for IE user:


"Microsoft Issues Security Fix For Internet Explorer July
30, 2004"

[snip]

At this rate, IE shall be fully patched and secure sometime around when...
"the cows come home".
We can only hope.

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQCVAwUBQQsYMu2J/4zOuEl1AQFNXwQA3fGdOOsYUH1m1v92Cg7MRA8E4B4Vvkdx
d7k7gfah5mXNFS/BzNsW3VkYgApNWw7yf/4uwxBDkHLkoNPBSx60nyAa3uIm5fv0
oZ8YbNtJrhhyLA+cb8tPOFqvxUpHF1jtyTa/25uFxS03Xbuw5HXXo7PE/bkuO4Yo
/fAucS7h/dg=
=9QGz
-----END PGP SIGNATURE-----

 

[Bob Adkins]

At this rate, IE shall be fully patched and secure sometime around when...
"the cows come home".
We can only hope.

I'm afraid the cows will be extinct before IE is fully secure.

Bob

 

[R. L.]

I'm afraid the cows will be extinct before IE is fully
secure.

Bob

Don't worry, all the "zillas" with their alike reptiles will be
running around to replace the cows





--
RL
Unofficial Adaware Updater (+other goodies)
http://home.earthlink.net/~ringomei/page2.html
********************************
Pricelessware voting annual results and information:
http://www.pricelessware.org, http://www.pricelesswarehome.org,
http://www.earths-ocular.com/mirror/www.pricelesswarehome.org/

 

[Bob Adkins]

Don't worry, all the "zillas" with their alike reptiles will be
running around to replace the cows

That's what I'm worried about. The cute little Zillas are evolving into big
fat IE monsters.

Bob

 

[Aaron]

That's what I'm worried about. The cute little Zillas are evolving
into big fat IE monsters.

What makes you say that?

 

[PuppyKatt]

: On 30 Jul 2004 22:59:33 -0500, Vrodok the Troll
<[email protected]>
: wrote:
:
:
: > At this rate, IE shall be fully patched and secure sometime around
when...
: >"the cows come home".
: > We can only hope.
:
: I'm afraid the cows will be extinct before IE is fully secure.
:
: Bob
Not only that, but pigs *will* fly, and Hell *will* freeze over before
Microsoft issues anything that is properly secure. You'd have thought
that with the updates, patches, etc. involved with '95, '98, and '98SE,
that they would have been able to do it right BEFORE they released XP.
It just shows to go that This is a rotten way of sucking more money from
consumers. Swarms of pwople run for the latest Windows release, hoping
that it is better than the last, but sasly discovering that it is much
worse, with holes, leaks, vunerabilities, crashes, freeze-ups, etc.
But, like many other people, I do not have the right hardware or sofware
to use Linux, and am too old and impatient to learn an almost-unix
program. Besides, when I buy an OS, I want it to do most of the work,
not me have to type lengthly strings into a command line to do
something.

 

[who]

What makes you say that?

The cows mooved him to it ;-)

 

[JP Loken]

That's what I'm worried about. The cute little Zillas are evolving into
big
fat IE monsters.

Bob

It's a known problem in all kind of projects. Pleasing too many interests
strangles an otherwise good cause, and the projects get overextended and
die.
One little lizard, K-Meleon, is still true to its mission of just being a
small, adaptive and fast browser.

 

[Bob Adkins]

It's a known problem in all kind of projects. Pleasing too many interests
strangles an otherwise good cause, and the projects get overextended and
die.
One little lizard, K-Meleon, is still true to its mission of just being a
small, adaptive and fast browser.

Well said. I've been a K-Meleon fan for quite a while. If it ever comes out
with just the right feature set, I'll stick with it.

Bob

 

[Bob Adkins]

Microsoft issues anything that is properly secure. You'd have thought
that with the updates, patches, etc. involved with '95, '98, and '98SE,
that they would have been able to do it right BEFORE they released XP.

Who could have predicted the level of cleverness, ferocity, and meanness of
the attacks perpetrated by 14 year old boys with too much time on their
greasy little hands? Not you, not me, not MS. Where were your warnings
BEFORE MS released IE? I don't remember hearing any. Monday morning
quarterbacking is a cheap tactic, and disingenuous. Hindsight is always
20/20.

Look Puppycat, anything that can be built can be torn down. Anything that
can be locked can be unlocked. It's just a matter of how much time the kids
are willing to devote to it. And time is something kids have PLENTY of!

If <name of your pet browser goes here> were to suddenly grab 90% of the
browser market, the kids would go after it. Within a month, it would be full
of exploits the evil <name of your pet browser goes here>authors left in it.

I blame MS for IE exploits no more than I blame Wells Fargo for not making
their safes dynamite and diamond drill proof. In fact, I do not WANT my
browser to TOO secure. Any browser that is nearly bullet proof would likely
be too cumbersome to use. I don't think browser connoisseur would like a fat
cow of a browser that's 100% secure, even if it were possible.

Would I like to see my browser more secure? Yes, I would certainly like more
security options. But I would not like my browser to become any fatter or
slower than it is, so there must be a compromise.

Bob

 

[Rod]

Well said. I've been a K-Meleon fan for quite a while. If it ever
comes out with just the right feature set, I'll stick with it.

Same here, taking my K-Meleon for a walk every month, waiting for the right
colours.

Rod

 

[Achim Nolcken Lohse]

Just saw this, for IE user:


"Microsoft Issues Security Fix For Internet Explorer July
30, 2004"
.....

The patch, detailed in, Microsoft Security Bulletin MS04-025
(http://www.microsoft.com/security/bulletins/200407
_windows.mspx) fixes three publicly disclosed vulnerabilities
as well as many previously fixed Internet Explorer security
holes to date. The security bulletin is being released outside
Microsoft's normal monthly patch schedule. "

I went to the ms site, and it appears to say that the patch is only
for XP and Win2000 systems.

"To use this tool, you must be running Windows XP or Windows 2000."

I then linked to the upgrade page, and the only patches MS offered me
were IE6, DirectX9, a root certificate upgrade, and a patch for
Virtual Machine.

So it would seem that you have to upgrade your OS to XP or Win2000 to
get protection against this security flaw.

 

[Hello]

Who could have predicted the level of cleverness, ferocity,

Would I like to see my browser more secure?

Well.. you can get it more secure with a bit of work, it would be a
whole lot easier if it came that way out of the box

Most people I've met interested in security suggetst thaat you just do
not use IE. This includes the famous warning by CERT, odown to humble
qadvisors like yosponge discussing rules of thumb. It's not that hard
to make it more secure, it is just htat MS did not do it

 

[Hello]

Not only that, but pigs *will* fly, and Hell *will* freeze over before
Microsoft issues anything that is properly secure. You'd have thought
that with the updates, patches, etc. involved with '95, '98, and '98SE,
that they would have been able to do it right BEFORE they released XP.

Not to defend MS, but 95, 98 , 98se are very different from XP. It's
more like NT, w2k, WXp. The grandady of them all was OS2, and, IIUC,
MS marketed it as NT.

I think the basc way to tell one family from another is to look for
services. if it has services, it's in the NT family

 

[»Q«]

(e-mail address removed) (Achim Nolcken Lohse) wrote in

I went to the ms site, and it appears to say that the patch is only
for XP and Win2000 systems.

"To use this tool, you must be running Windows XP or Windows 2000."

There are patches for all IEs at

I then linked to the upgrade page, and the only patches MS offered me
were IE6, DirectX9, a root certificate upgrade, and a patch for
Virtual Machine.

If you are using an old verion of IE, Windows Update will offer you IE6
every time, I think. They'd like you to upgrade then patch.

So it would seem that you have to upgrade your OS to XP or Win2000 to
get protection against this security flaw.

When I visit Windows Update with Win98se, IE6SP1, the critical update
appears.

 

[Aaron]

Well said. I've been a K-Meleon fan for quite a while. If it ever
comes out with just the right feature set, I'll stick with it.

The struggle to decide what's for the "right feature set" is exactly what
causes bloat

 

[Aaron]

I blame MS for IE exploits no more than I blame Wells Fargo for not
making their safes dynamite and diamond drill proof.

It depends, on what type of exploits we are talking about. I don't
suppose you would hold Wells Fargo blameless if they just left the keys
to the safe lying about.

On the other hand, yes I agree, if someone sent an army to kill all the
security guards, blow up the safe ,and escaped with the money, than okay
not much Wells Fargo could do about it.

You think that the various exploits are closer to the second case, than
the first case, but the thing is many of the exploits is closer to the
first case.

In fact, I do not
WANT my browser to TOO secure. Any browser that is nearly bullet proof
would likely be too cumbersome to use. I don't think browser
connoisseur would like a fat cow of a browser that's 100% secure, even
if it were possible.

Would I like to see my browser more secure? Yes, I would certainly
like more security options. But I would not like my browser to become
any fatter or slower than it is, so there must be a compromise.

You seem to imply that becoming more secure will cause IE to slow down.
This is not necessarily true. IE can be even more secure without losing a
shred of it's speed, and they have improved somewhat already.

 

[=?ISO-8859-1?Q?=BBQ=AB?=]

In fact,I do not WANT my browser to TOO secure. Any browser that
is nearly bullet proof would likely be too cumbersome to use. I
don't think browser connoisseur would like a fat cow of a browser
that's 100% secure, even if it were possible.

Why do you imagine that more secure browsers are likely to be bloated?
Among browsers available today, it's the less bloated ones that are
more secure.

 

[Bob Adkins]

Why do you imagine that more secure browsers are likely to be bloated?
Among browsers available today, it's the less bloated ones that are
more secure.

When you add security, do you not add size?

I would rather subtract exploits.


"Whenever someone asks me to define love, I usually think for a minute,
then I spin around and pin the guy's arm behind his back. Now who's
asking the questions?"


Bob