Microsoft to plug critical IE hole targeted by exploit code
Microsoft said on Thursday that it will offer six updates for 12 vulnerabilities next week including a critical hole in Internet Explorer that affects Windows 7 and other current versions of the operating system for which exploit code has been released.
Late last month, Microsoft said it was investigating an IE vulnerability after someone released proof-of-concept code affecting IE 6 and IE 7 that could be used to take control of computers.
Microsoft described the problem in an advisory issued November 23: "The vulnerability exists as an invalid pointer reference of Internet Explorer. It is possible under certain conditions for a CSS/Style object to be accessed after the object is deleted. In a specially-crafted attack, Internet Explorer attempting to access a freed object can lead to running attacker-supplied code."
Of the six updates Microsoft will release on Patch Tuesday, three of them are critical, according to a Microsoft security bulletin advance notification.
Software affected includes Windows 2000, Windows XP, Vista, Windows 7, Server 2003, Server 2008, Office XP, and Office 2003.
Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service, and the Associated Press. E-mail Elinor. 
Everybody, please play nicely....
"no comment"
Translation: "My comment has no value"
At its course in development the comment has indeed no value.
http://news.cnet.com/8301-27080_3-10393728-245.html
Apple plugs holes for domain spoofing, other attacks
Get over yourself. Every OS has patches.
With the quality of your troll postings, I strongly recommend you don't quit your day job, kid. You need to work on it more. :)
Actually exploited or in use? No.
Patched? Will be done before it's exploited. That's the way it should be for any OS.
From the advance Bulletin
"Bulletin 4
- Affected Software:
- Internet Explorer 5.01 Service Pack 4 when installed on
Microsoft Windows 2000 Service Pack 4
- Internet Explorer 6 Service Pack 1 when installed on
Microsoft Windows 2000 Service Pack 4
- Internet Explorer 6 for
Windows XP Service Pack 2 and
Windows XP Service Pack 3
- Internet Explorer 6 for
Windows XP Professional x64 Edition Service Pack 2
- Internet Explorer 6 for
Windows Server 2003 Service Pack 2
- Internet Explorer 6 for
Windows Server 2003 x64 Edition Service Pack 2
- Internet Explorer 6 for
Windows Server 2003 with SP2 for Itanium-based Systems
- Internet Explorer 7 for
Windows XP Service Pack 2 and
Windows XP Service Pack 3
- Internet Explorer 7 for
Windows XP Professional x64 Edition Service Pack 2
- Internet Explorer 7 for
Windows Server 2003 Service Pack 2
- Internet Explorer 7 for
Windows Server 2003 x64 Edition Service Pack 2
- Internet Explorer 7 for
Windows Server 2003 with SP2 for Itanium-based Systems
- Internet Explorer 7 in
Windows Vista,
Windows Vista Service Pack 1, and
Windows Vista Service Pack 2
- Internet Explorer 7 in
Windows Vista x64 Edition,
Windows Vista x64 Edition Service Pack 1, and
Windows Vista x64 Edition Service Pack 2
- Internet Explorer 7 in
Windows Server 2008 for 32-bit Systems and
Windows Server 2008 for 32-bit Systems Service Pack 2
(Windows Server 2008 Server Core installation not affected)
- Internet Explorer 7 in
Windows Server 2008 for x64-based Systems and
Windows Server 2008 for x64-based Systems Service Pack 2
(Windows Server 2008 Server Core installation not affected)
- Internet Explorer 7 in
Windows Server 2008 for Itanium-based Systems and
Windows Server 2008 for Itanium-based Systems Service Pack 2
- Internet Explorer 8 for
Windows XP Service Pack 2 and
Windows XP Service Pack 3
- Internet Explorer 8 for
Windows XP Professional x64 Edition Service Pack 2
- Internet Explorer 8 for
Windows Server 2003 Service Pack 2
- Internet Explorer 8 for
Windows Server 2003 x64 Edition Service Pack 2
- Internet Explorer 8 in
Windows Vista,
Windows Vista Service Pack 1, and
Windows Vista Service Pack 2
- Internet Explorer 8 in
Windows Vista x64 Edition,
Windows Vista x64 Edition Service Pack 1, and
Windows Vista x64 Edition Service Pack 2
- Internet Explorer 8 in
Windows Server 2008 for 32-bit Systems and
Windows Server 2008 for 32-bit Systems Service Pack 2
(Windows Server 2008 Server Core installation not affected)
- Internet Explorer 8 in
Windows Server 2008 for x64-based Systems and
Windows Server 2008 for x64-based Systems Service Pack 2
(Windows Server 2008 Server Core installation not affected)
- Internet Explorer 8 in
Windows 7 for 32-bit Systems
- Internet Explorer 8 in
Windows 7 for x64-based Systems
- Internet Explorer 8 in
Windows Server 2008 R2 for x64-based Systems
(Windows Server 2008 R2 Server Core installation not affected)
- Internet Explorer 8 in
Windows Server 2008 R2 for Itanium-based Systems
- Impact: Remote Code Execution
- Version Number: 1.0
"
IE8 for Windows 7 is effectect.
So tell me, even though it's all lies and extreme bias, why would Microsoft get out of the software business when their perfect God-send competitors struggle to take away any of their market share?
If you made a product, no matter how good or bad it was, and you held well over 90% of the market share, you wouldn't mind staying in business either.
- by fgsdfgdsfgdsfg December 4, 2009 11:26 AM PST
- Any and every OS has security holes that need to be patched. Windows being the most popular BY FAR in the market place will naturally be target #1 for hackers. So naturally in turn Microsoft will have more patches to release.
- Like this Reply to this comment
-
-
- by Dalkorian December 7, 2009 10:53 AM PST
- No one tell this person that OS 9 had hundreds of viruses and a smaller market share. We don't want to shatter his (or her) delusions now, do we?
- Like this
-
(24 Comments)I am sure Macs have many vulnerabilities, it is just that no one invests time to exploit them. At the most recent black hat hacker conference Mac OS X was the first to fall under the hacker?s control. It took them less than 1 minute. Wow, that?s eye opening! And what operating system withstood the longest under the attacks? This may surprise many. Microsoft?s VISTA! (Windows 7 wasn?t officially out yet) Boy that must just go up the Mac fan boy?s @ss sideways.
I?m not flaming Mac. I?m just saying that ALL OS?s need security updates. The deployment of those patches and the number of them released are controlled by MARKET DRIVEN FORCES! And since Mac has such a SMALL MARKET SHARE, it is only natural that they would have fewer discovered holes to patch. If you think otherwise, well then you?re walking with apple shaped blinders on and you?re a blind fool.
I'm an IT administrator with decades of experience working with MS, Linux and Macs. I've seen it all. Microsoft is far better than any Mac fan boy would have anyone believe. Mac fan boys would have you believe Macs are far better than they actually are. Come spend a day at my job where I support them in a mixed 130 node network and I'll be glad to show you all their many flaws and shortcomings. But you fan boys just go on running your Macs with no antivirus or firewall. I?m sure you?re perfectly safe.