Microsoft fixes severe 19-year-old Windows bug found in everything since Windows 95



Sorry, are they forcing you to buy it in some way?
It was only earlier this year that official support for XP ended - so you can be fairly sure you'll have plenty time before 'forced' to use Win10.
--
*Acupuncture is a jab well done*

Dave Plowman snipped-for-privacy@davenoise.co.uk London SW
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On 05/06/15 05:50, Mike Tomlinson wrote:

Indeed.
After being a die hard linux+ XFCE4 (window manager) user for years I finally reinstalled Mint 17.1 and decided to give KDE4 a bash (I used to hate KDE for being fat and slow - not really a problem on modern hardware).
By god, it is a thing of sheer beauty now I've themed it and added a couple of my favourite fonts.
Everything works with one exception[1] and it's both 10x prettier than any version of Windows, 2x prettier than even MacOSX (and being pretty is what MacOSX is about) and a damn sight faster than both.
Even has pretty wobbling-jelly window animations like MacOSX (obviously configurable!)
[1] Multi monitor support - works find except it has no auto-detection-fu - so I have some menu items with my common layouts in, scripted with xrandr and click those. I guess I could hook those scripts into udev.
I know it's late coming, but I think Linux really has matured nicely - it's faster, more reliable (usually has been) and now truly prettier than all the competition.
NB this is Mint - Ubuntu and DeadRat seem intent on following the MS model of constant shaftage for no good reason (cough systemd, wayland etc)
If only MS could just polish their turd instead instead of reinventing everything. TBF that is what MacOSX seems to do but as I'm not a Mac user, I cannot be sure. I do noticed all my colleagues Macbooks run like dogs though...
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Tim Watts wrote:

The one thing that MS have actually managed to avoid doing over the years is reinventing stuff. They nail a different GUI on top but much of the fundamentals are the same as they were in 95. There's a lot of bits I wish they would tinker with (multiple mouse support so trackpads can have a different speed to the rodent) but the ability to run many bits of s/w from the 90s without really trying is worth something.
MacOS OTOH from my little experience, does seem to do things that screw over users who aren't bang up to date.
--
Scott

Where are we going and why am I in this handbasket?
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On 05/06/15 12:13, Scott M wrote:

I have certainly found that with my only ever iPhone. It works (3G model IIRC) but it is rendered useless because nothing will install on the no-longer updated iOS and the stupid Apple app store is too poorly designed to offer out of date but compatible apps.
At least with Android, I could slap CyanogenMod on it when it's out of support.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On Fri, 05 Jun 2015 12:13:14 +0100

Linux (Wine) will run lots of old Windows stuff too. :-)
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On Friday, 5 June 2015 11:26:14 UTC+1, Tim Watts wrote:

Greyhounds or wolfhounds?
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On 05/06/15 17:20, Weatherlawyer wrote:

dachshunds

--
New Socialism consists essentially in being seen to have your heart in
the right place whilst your head is in the clouds and your hand is in
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On 05/06/15 17:20, Weatherlawyer wrote:

Dead ones...
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On Fri, 05 Jun 2015 11:26:07 +0100

You forgot Unity and the Shopping Lens (zeitgeist).

You could polish a turd until you see your reflection but you still have a piece of shit.
--
<Wildman> GNU/Linux user #557453
The cow died so I don't need your bull!
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On 6/4/2015 11:50 PM, Mike Tomlinson wrote:

Um...the article cited is from November 2014, and it says the bug was found in April 2014. Why is this an issue now?
--
Jo-Anne

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
This is a multi-part message in MIME format. --------------040007060707010308030205 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit
On 05/06/2015 16:20, Jo-Anne wrote:

Because he is a dinosaur using nothing; He hasn't got any power in his house to run a computer.
--------------040007060707010308030205 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 8bit
<html> <head> <meta content="text/html; charset=UTF-8" http-equiv="Content-Type"> </head> <body text="#000000" bgcolor="#FFFFCC"> <div class="moz-cite-prefix">On 05/06/2015 16:20, Jo-Anne wrote:<br> </div>
6/4/2015 11:50 PM, Mike Tomlinson wrote: <br> <blockquote type="cite"> <br> "With help from IBM, Microsoft has patched a critical Windows <br> vulnerability that flew under the radar for nearly two decades.  The bug <br> has existed in every version of Windows since Windows 95, and would have <br> allowed an attacker to run code remotely when the user visits a <br> malicious website." <br> <br> &lt;<a class="moz-txt-link-freetext" href="http://www.pcworld.com/article/2846004/microsoft-fixes-severe-19-year ">http://www.pcworld.com/article/2846004/microsoft-fixes-severe-19-year </a>- <br> old-windows-bug-found-in-everything-since-windows-95.html&gt; <br> <br> <a class="moz-txt-link-freetext" href="http://tinyurl.com/oprog6w ">http://tinyurl.com/oprog6w </a> <br> <br> You'd think they would pay some attention to fixing ancient bugs in <br> their crapware instead of foisting Windows 10 on us. <br> <br> </blockquote> <br> Um...the article cited is from November 2014, and it says the bug was found in April 2014. Why is this an issue now? <br> <br> </blockquote> <br> <font face="Helvetica, Arial, sans-serif">Because he is a dinosaur using nothing;  He hasn't got any power in his house to run a computer.</font><br> </body> </html>
--------------040007060707010308030205--
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On 05/06/2015 16:20, Jo-Anne wrote:

Because for some reason he has a chip on his shoulder about MS.
It's especially ironic as he says "You'd think they would pay some attention to fixing ancient bugs" when that's exactly what they did.
Andy
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Only after it was brought to their attention and subsequently publicised. Not through any effort of their own.
And that's just one bug. There will be hundreds more, as yet undiscovered, ones.
--
(\_/)
(='.'=)
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Mike Tomlinson wrote:

I like to think of the situation this way.
1) Average defectivity rate is one bug per thousand lines of code. 2) Average OS has 50 million lines of code. 3) Every OS has 50,000 bugs. 4) Easy bugs are found quickly, subtle bugs are not. OSes are released, before we're significantly down that bug curve. (I used to work in a group that released two OSes, that's how I know the situation. I saw the actual bug curve.) 5) In bad companies, code is reused without review. For example, all sorts of idiots reused JPG and TIFF libraries, not knowing there was a mine-field inside them. We ended up with some serious image-related exploits, years after the libraries were in common usage. Witness the mess with SSL as another example (just about every bad practice imaginable). 6) While there are some techniques for reducing defectivity, they're not all that effective. They might reduce bugs by a factor of three. There is an organization that tracks the issue, and delivers "ratings" to companies. I've forgotten the details.
In such a situation, I don't see much point in standing on a soapbox and claiming superiority. There isn't any. Merely a matter of how public some of the more serious issues were handled.
As far as WinXP goes, if you go to Windows Update today, there are no security patches for you. No new ones. But, if you modify the OS, to indicate it is a Point Of Sale system, you can get security patches. And bugs like this one, may actually be patched for you.
Paul
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On Fri, 5 Jun 2015 05:50:15 +0100, Mike Tomlinson wrote:

I stopped reading at this point:
"According to Freeman, the bug relies on a vulnerability in VBScript, which was introduced in Internet Explorer 3.0. Even today, the bug is impervious to Microsoft?s anti-exploitation tools (known as Enhanced Mitigation Experience Toolkit) and the sandboxing features in Internet Explorer 11. "
Sounds like people who use real browsers have no cause for concern.
--
Stan Brown, Oak Road Systems, Tompkins County, New York, USA
http://OakRoadSystems.com
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

HomeOwnersHub.com is a website for homeowners and building and maintenance pros. It is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.