Version: 2008
  • On TechRepublic: Five super-secret features in Windows 7

Comments on: Microsoft patches 20 security flaws

Microsoft on Tuesday released fixes for 20 vulnerabilities in a variety of products, including one that is part of Windows Vista.

Add a Comment (Log in or register) (8 Comments)
  • prev
  • 1
  • next
Umm, they'd better get in gear, then:
by Penguinisto February 13, 2007 2:24 PM PST
They can start here (which breaks the oh-so-ballyhooed UAC entirely):

http://blogs.zdnet.com/security/?p=29

(apparently Vista doesn't even have the no-admin feature on anymore... so much for MSFT and security, hey?)

/P
Reply to this comment
Not at all
by Siegfried Schtauffen February 13, 2007 4:04 PM PST
As explained it is a design choice, and no secret. I have known about this for months and I am no "hacker". What would you prefer; a prompt saying "Give this program Admin Yes/No" or a prompt saying "Give this program Admin level 0, 1, 2, 3 or 4?". Since Windows has to be usable by everyone and maintain compatibility the only answer was the "Yes/No". Additionally, if a installer does not need admin it can be designed to not request it via a manifest. The detection heuristics only apply to installers not written for Vista. Besides, why is this different from sudo?

She is doing this for attention, no more, no less, and she should be ignored.
View all 2 replies
Yep ... see the cycle begin again ....
by MacHeads February 15, 2007 6:54 AM PST
Windows vista SURE is the safest windows verion yet ... (snicker)
is that saying much ???? NOT ...

http://news.wired.com/dynamic/stories/M/
MICROSOFT_SECURITY?
SITE=WIRE&SECTION=HOME&TEMPLATE=DEFAULT

Oh and yes .. just visiting a malicious site can erase all you data
... sweet ... i guess that is the price for tying in speech
recognition with javascript and activeX controls ....

Would i let a Vista running PC access to personal info knowing
this ??? let me think ..... Never ... Why ? simple ... these first flaws
are just the first tree and there is a MIGHTY big H U G E forest
right behind the bend in the path ...

And yes as Joanna Rutkowska says the whole UAC model is a
joke , a bad one played on unsuspecting users that trusted a
company for yet too many years . As one of my teachers and
tutor in the IT business told me "The only way to secure a PC
running windows can be done in a simple step ... pull the
powercord". I see that advice still hasnt changed .. and yes i use
i5 , NetBSD , FreeBSD in work and at home... so far the kiddies
and the black hats out there are still kept out and my routers
sure are NOT Ciscos. I see this time worn adage still IS true after
all ..
Reply to this comment
(8 Comments)
  • prev
  • 1
  • next
advertisement

Latest tech news headlines

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

advertisement
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
Dell
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET