1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

News Unpatched Windows flaw sparks concern

Discussion in 'Article Discussion' started by CardJoe, 10 Sep 2009.

  1. CardJoe

    CardJoe Freelance Journalist

    Joined:
    3 Apr 2007
    Posts:
    11,344
    Likes Received:
    295
  2. SBS

    SBS New Member

    Joined:
    6 Jan 2009
    Posts:
    40
    Likes Received:
    0
    *smugly smiles at the Netlimiter icon*
     
  3. wyx087

    wyx087 Homeworld 3 is happening!!

    Joined:
    15 Aug 2007
    Posts:
    10,786
    Likes Received:
    265
    so why worry?
     
  4. leexgx

    leexgx CPC hang out zone (i Fix pcs i do )

    Joined:
    28 Jun 2006
    Posts:
    1,355
    Likes Received:
    8
    basicly it affects anyone that runs IIS going to be haveing fun
     
  5. GoodBytes

    GoodBytes How many wifi's does it have?

    Joined:
    20 Jan 2007
    Posts:
    12,300
    Likes Received:
    710
    Doesn't routers already block all ports by default.
    So it only concern internal attacks under environment that sees IIS. I believe that Microsoft will have a patch until October 22nd which is in over a month away.
     
  6. Shagbag

    Shagbag All glory to the Hypnotoad!

    Joined:
    9 Nov 2006
    Posts:
    320
    Likes Received:
    4
    From MS's security advisory:
    Response:

    We - the purchasing consumers - encourage all software producers to (a) produce quality code in the first instance, and (b) audit that code to make sure these bugs don't get released in the first place. We feel such practice is in everyone's best interests.
     
  7. Laitainion

    Laitainion New Member

    Joined:
    16 Jan 2006
    Posts:
    50
    Likes Received:
    0
    And while you're at it, I'll have some world peace.

    Removing all the bugs from anything as complex as an OS is statistically impossible, no matter how many man hours you throw at it or methods used. This is doubly true for exploits, since the developers have to think of everything a hacker *could* come up with. The hacker only has to think of *one* thing the developer hasn't to have an exploit.
     
  8. Shagbag

    Shagbag All glory to the Hypnotoad!

    Joined:
    9 Nov 2006
    Posts:
    320
    Likes Received:
    4
    I agree that no system is 100% secure (save for one that's not switched on), but that's not at all what I said. I suggest you spend some time exploring the (shoestring budget) OpenBSD project as an example to see why what you've said doesn't hold water. It is well within MS's resources to release clean code. It is, however, another added cost for them which eats into their profitability. From an economics point of view, I understand that. However, it still doesn't excuse them from the fact that many of the 'vulnerabilities' in Windows is due to poor coding which can be fixed. What they said in their advisory was complete hypocrisy. That was my point.
     
    Last edited: 13 Sep 2009
  9. si-

    si- New Member

    Joined:
    13 Feb 2008
    Posts:
    6
    Likes Received:
    0
    +1. Whilst MS have certainly improved (IIS has few recent exploits) and the SDL seems a decent approach, you can't feel sorry for them given their past slackness and poor coding (features and quick release always won over security and testing)...the holy trinity applies to building software just as well as it does to building hardware.
     
    Last edited: 14 Sep 2009
Tags: Add Tags

Share This Page