So, I'm in the process of downloading the latest and greatest patch from Microsoft. They've discovered yet another operating system vulnerability that is almost, but not quite, identical to the vulnerability that the MSBLAST worm exploited.
And of course, Microsoft being Microsoft, doesn't allow you to just go get the patch you need. Instead they scan your system and tell you about all the patches you need to download. Including this one:
August 2003, Cumulative Patch for Internet Explorer 6 Service Pack 1 (822925)
Download size: 2.1 MB, < 1 minute
Security issues identified in Microsoft Internet Explorer (IE) could allow an attacker to compromise systems with IE installed (even if IE is not used as the Web browser). For example, an attacker could run programs on a computer used to view the attacker's Web site. Download this update from Microsoft to help protect your computer.
Now here's what's entertaining - the only way one can download Microsoft patches is via Interner Explorer. So, even if you never ever use IE, you still have to utilize it to download the Microsoft patches - thereby exposing yourself to this particular virus.
The irony on this one is a jaw dropper. But yet, thanks to our current Department of Justice, Microsoft continues, unhindered, on their merry way. sheesh...
8:23:25 PM
|
|