Was it just a press release? I can't find a reference to it, either. But the "threat" is also not clarified in any news article I've found. Um... web sites have been compromised? "ANY" web site can be hacked with the malicious code?!! So it's a web server issue! Yet the problem is Microsoft?!! I will be researching this -- since the news is devoid of specifics -- and I will get to the bottom of this.
I did find fine print in one article (when news articles attempt to bury facts, that doesn't arouse my suspicions AT ALL). Despite the headline, the affected sites are Chinese, and capture game passwords. The article mentions the percentage of affected sites, and based on those odds (if it's Internet-wide, which I find hard to believe), I have a 20 times better chance of having a novel on the New York Times bestseller list. Since I don't even have any online game passwords, my odds are significantly higher. And if I actually need to visit one of the tiny number of hacked Chinese game sites for this to affect me (hey, if I must GUESS what the the news is saying, my guess is as good as yours), is this even an issue?
The main thrust of the "threat" is that every web browser is safe EXCEPT Microsoft's... although, in Windows Vista, four of the five items in the Security Advice list are enabled by default. Note to Darien Graham-Smith: Microsoft "fixed this", months before threat emerged. And that's not considered "more quickly"?
But the "small fish" have "their own security issues"... tomorrow, we'll have horrifying headlines about those browsers... right?
I can understand M$ desire to keep this on the down-low. But I can't understand why none of the news articles has any helpful info about: What activity causes the "threat" to become a problem on a PC. How to tell if it occurs (and what's installed onto a PC). Whether or not web sites are actually being compromised (hacked), as the articles say. If so, this is a much bigger issue than just IE.
...aside from the fact that they probably don't know any more about it than anyone else. And they're using this "threat" to sell alternate browsers. I mean, use whatever web browser you like, but switching at every "threat" complicates the issue. If you "switched" immediately -- is it already too late?
Windows Vista has a clamped-down user-based security system that makes it a real pain to install anything -- including viruses, worms, strange plug-ins, anything. I didn't change my security setting from "Medium-High" to "High" as suggested, but other than that, every suggested action is already in effect, factory-set.
OK, I admit it. I DO NOT have a virus scanner running all the time. I weighed the risk of having an actual virus with the nuisance of constant pop-up nonsense virus scanner crap. I decided I'd do without the pop-ups. So sue me. :)
The fact that word of a security flaw was released in a surreptitious way reinforces my belief that, in the end game, user behavior determines not only the reach but also the spread of hacking's effects.
Viddied well o'my brother
ReplyDeleteWas it just a press release? I can't find a reference to it, either. But the "threat" is also not clarified in any news article I've found. Um... web sites have been compromised? "ANY" web site can be hacked with the malicious code?!! So it's a web server issue! Yet the problem is Microsoft?!! I will be researching this -- since the news is devoid of specifics -- and I will get to the bottom of this.
ReplyDeleteI did find fine print in one article (when news articles attempt to bury facts, that doesn't arouse my suspicions AT ALL). Despite the headline, the affected sites are Chinese, and capture game passwords. The article mentions the percentage of affected sites, and based on those odds (if it's Internet-wide, which I find hard to believe), I have a 20 times better chance of having a novel on the New York Times bestseller list. Since I don't even have any online game passwords, my odds are significantly higher. And if I actually need to visit one of the tiny number of hacked Chinese game sites for this to affect me (hey, if I must GUESS what the the news is saying, my guess is as good as yours), is this even an issue?
The main thrust of the "threat" is that every web browser is safe EXCEPT Microsoft's... although, in Windows Vista, four of the five items in the Security Advice list are enabled by default. Note to Darien Graham-Smith: Microsoft "fixed this", months before threat emerged. And that's not considered "more quickly"?
But the "small fish" have "their own security issues"... tomorrow, we'll have horrifying headlines about those browsers... right?
No idea... I heard it *very* early this morn on the BBC Pre-Breakfast News... looken on MS (nothing), found it on BBC...
ReplyDeleteBit unusuall for M$ to recommend anyone else's browser
Microsoft issuing emergency fix for browser flaw on Wednesday
ReplyDeleteI can understand M$ desire to keep this on the down-low. But I can't understand why none of the news articles has any helpful info about:
ReplyDeleteWhat activity causes the "threat" to become a problem on a PC.
How to tell if it occurs (and what's installed onto a PC).
Whether or not web sites are actually being compromised (hacked), as the articles say. If so, this is a much bigger issue than just IE.
...aside from the fact that they probably don't know any more about it than anyone else. And they're using this "threat" to sell alternate browsers. I mean, use whatever web browser you like, but switching at every "threat" complicates the issue. If you "switched" immediately -- is it already too late?
Windows Vista has a clamped-down user-based security system that makes it a real pain to install anything -- including viruses, worms, strange plug-ins, anything. I didn't change my security setting from "Medium-High" to "High" as suggested, but other than that, every suggested action is already in effect, factory-set.
OK, I admit it. I DO NOT have a virus scanner running all the time. I weighed the risk of having an actual virus with the nuisance of constant pop-up nonsense virus scanner crap. I decided I'd do without the pop-ups. So sue me. :)
The fact that word of a security flaw was released in a surreptitious way reinforces my belief that, in the end game, user behavior determines not only the reach but also the spread of hacking's effects.
ReplyDeleteThere's been an update...
ReplyDeleteMicrosoft confirms that all versions of IE have critical new bug
ReplyDeletevia MonkeyFilter