This really made me laugh:
"Who Should Read This Document: Customers who have Microsoft® Internet
Explorer® installed"
as if the bulk of the user community has a #$%@*?! choice.
That's pretty bad, I admit.
I simply am not buying into it. My belief is that Microsoft is pushing
these "patches" in order to modify older versions of their OS so that
they don't work as well, more actively use DRM and-or can't be
end-user modified in certain areas. It wouldn't surprise me a bit if
THEY are the ones starting such things as the MBlast virus in order to
scare everybody into patching.
I dunno John. I think that it is common knowledge that many people
despise MS and enjoy watching it squirm like a beached whale when
simple exploits are passed about. I get a kick out of watching myself
<G>. But I don't want to get burned in the process. 98SE serves me
very well and I intend to run it as long as I can; then it's farewell
to MS!
Common sense can prevent many exploits. But, an ill-formatted email or
web page is tough to guard against in everyday computing. The fact
that someone can run programs on my machine if I come across one of
these is enough to make me patch. It's the principle of the thing. I
want to be in complete charge and I feel that I am since installing
all security patches and running several programs to protect and
inform me of anything funny going on. I did the recommended "network
unbinding" at grc.com. I keep all security programs updated, usually
checking everytime I boot up. Collectively I think doing all of this
leaves me in complete control... until the next 98 exploit anyway that
is not addressed by MS.
I think the entire problem was Bill's schedule; he actually named 95
and 98 for the years they were to come out. There was insufficient
security studies. The poor programmers had time only to keep the
darned things from blue screening when released. Money talks, security
walks. At least they did address the most important flaws. I don't
think that running connected to the internet without the updates is
wise myself.
I'm pretty sure that nothing was changed in updating that gives MS a
poker in my fire. 98SE (fully patched) is mine as far as I can tell.
There is no spyware. I've removed the ads. There is no registration
crap like I got in purchasing Excel. The OS does my bidding and not
that of MS.
Also, notice what it is that's causing the security "vulnerabilities":
ActiveX controls and active scripting.
A completely bad plan by MS, for certain.
http://www.grc.com/default.htm
"Introducing the DCOMbobulator
400,178 downloads (1,490 per day) The DCOMbobulator allows any
Windows user to easily verify the effectiveness of Microsoft's recent
critical DCOM patch. Confirmed reports have demonstrated that the
patch is not always effective in eliminating DCOM's remote exploit
vulnerability.
But more importantly, since DCOM is a virtually unused and unneeded
facility, the DCOMbobulator allows any Windows user to easily disable
DCOM for significantly greater security"
My patching was successful. I did use this program to 'further"
disable it.
http://www.grc.com/dcom/
"The strange history of DCOM
Many years ago, Microsoft began modularizing Windows and their Windows
applications by breaking them into functional components with
well-defined, "version safe" interfaces. The idea was to allow pieces
of Windows and applications to inter-operate.
The name first given to this effort was "OLE", which stood for Object
Linking and Embedding. OLE suffered nearly terminal birthing pains and
developed a reputation for being a bad idea. Undaunted, Microsoft
renamed it COM for "Component Object Model". This was still the same
old OLE, but Microsoft appeared to hope no one would notice. COM fared
somewhat better, but it wasn't until Microsoft gave it the sexy name
"ActiveX", and built it into virtually everything, that developers
finally gave up trying not to use it.
What does all this have to do with you?
Absolutely nothing . . . and that's the point...."
