SP2 vulnerabilities

In the words of the old Sonny and Cher tune ... the beat goes on and on. It seems that the cycle of discoveries of security vulnerabilities in new Microsoft software that was created to make its software softer safer is being perpetuated in SP2.

The security firm Secunia reports that two vulnerabilities in SP2's IE when exploited together could potentially fool users into downloading a malicious file that impersonates a regular HTML document.

Microsoft apparently is objecting to Secunia making this information public. In the meantime the hole is there and remains unrepaired.

Unfortunately, in this drum beat, it is us innocent users that get nicked by the idiots and criminals who do not know about these holes until they are publicly disclosed to them. I wish (sigh) that some procedure could be set up where information like this cannot be publicly disclosed for X number of days.

I have still have not installed SP2 - just sitting & waiting.

 

[MOVE]Patch it with Firefox[/MOVE]
Buck

 

it is just my opinion but I think you should get sp2. It has worked flawlessy for me ever since I installed the it network version way before it was available on the MS win update site. It is more secure regardless of what the average user thinks, there were over two hundred changes made in sp2 and almost all were of a security nature. windows sp2 is the most secure os available that is a viable desktop os.

 

Hi Buck - I have Firefox 1.0 but ... lookie here:

German users of Firefox in Europe are unhappy about the default inclusion of an EBay toolbar in Firefox. It seems that the Mozilla organization receives money for this and Ebay receives information when users use this software.

The debate is focussed in Germany and is being done in German. The topic has surfaced in the English Mozilla dicussion forum, but it is hard to follow and is incomplete.

http://www.tinyurl.com/4mwko

 

bigc - I recall having read somewhere that SP2 may have an issue with an AMD. My computer is an AMD Duron so do u think it would be a problem? I know I have to instal it but my computer is running safely and smoothly and I hate to find myself in a pickle.

 

I believe the issue with AMD was with the AMD64 version processor but it would be worth checking to be sure. the microsoft sp2 faq page should have the info on it. I am going to go offline now but I will look tomorow and see what I can find on the subject.

bigc

 

Mmmmmmm?? A bit snaky??
By the way Peaches, read on another thread that you can install FF 1.0 straight over an older version....Does that sound right? ..I'm still on 1.0PR, and just been waiting to see....
Cheers,
Buck

 

I tried installing over the previous version and didn't do too well so I did a clean instal. I did not lose any of my bookmarks. I downloaded some extensions, plug-ins but am a tad frustrated with FF 1.0 probably because I am not yet too familiar with it. I am fairly new to FFox so still have a lot to learn.

 

I just stuffed it up too! Installed 1.0 on top of 1.0pr...ended up with 2 in A/R programs....uninstalled 1.0pr....and that wrecked 1.0...Uninstalled and reinstaled 1.0.....Phew!!.......Maybe should have stuck with vulnerable IE!

Cheers,
Brad

 

Personally, I have had no problem with IE except that sometimes it is a tad slow. I keep patches up to date, use IE-Spyad and all other security in place and able to run a trouble free computer so far. Mind you, guys have a tendency to download more stuff than I would so perhaps therein lies the answer.

 

I just prefer FF for speed and security....IE is still my default (and it's fully patched..sp2..updated etc). Only use IE for windows updates. It worries me that my wife still uses IE for all her browsing (refuses to use FF because it's new)..and she calls me stubborn. Interested to know what IE-Spyad does?
A bit more protection would not go astray......
Cheers,
Brad.

 

Hi - no worries mate using IE if u have ur security in place and all patches are up to date. However since ur wife uses IE, then u should instal IE-Spyad as another line of defense. Some nasties like Red Sheriff like to sneak in using java applets in IE - IE-Spyad prevents this.

U can learn more about it and download here: http://www.spywarewarrior.com/uiuc/resource.htm

 

Hey thanks Peaches.....sounds like a bit of Aussie lingo there too!
Cheers,
Brad.

 

The best cure for IE is Firefox. If you use IE, you must secure it really tight.

 

I luv ur country. Have family in Brisbane - been to OZ three times - 6 wks. each visit]. I have learned a bit of lingo ..........

"You little ripper"
"Fair dinkum"
"Your shout"
"Bloody oath"
"wanna cuppa"
"go and tart yourself up"
"shut ya gob"
"don't crap on"
"don't get ur knickers in a knot"
"what's the latest goss"

 

Bewdy
Bonza
Ripper
Got family in Bris (700km south of here)too...be there next month for a few weeks Hol.
Cheers,
Brad

 

Enjoy ur vacation mate.

 

Peaches-

"Unfortunately, in this drum beat, it is us innocent users that get nicked by the idiots and criminals who do not know about these holes until they are publicly disclosed to them. I wish (sigh) that some procedure could be set up where information like this cannot be publicly disclosed for X number of days."
- P4U

I enjoy your posts very much, and sincerely hope one day I will agree with one!

1. You are using as a model, a MicroSoft that responds to complains & criticism in something less than the absolute maximum time that it can ignore them

2. From what I gather, the bad hackers out there are very good at discovering flaws and spreading word of their discoveries. That being the case, I would feel better knowing that the most legitimate computer users know the situation so they can make informed decisions.

- HandsOff