Jeremy
Sat Jul 03 11:46:31 CDT 2004
>-----Original Message-----
>Well, my answer does make sense. [blah blah
>blah] ...following the principle that I have outlined
>below...[blah blah blah]...I took my time...and
>configured my systems in a way that makes them not
>susceptible to Download.Ject: I have only small
>selection of sites with enabled scripting and cookies,
>and I run IE in guest user security context.
Now you really are trolling to your heart's content.
You posted a while ago that this security alert was "a
lie." Original poster posted it for everyone's benefit,
yet you took time to try to discredit the whole thing.
You're an idiot just for that. This isn't a debate or
contingent on your useless opinion; the article was found
on many different websites, written with different wording
from many different writers, and backed up with many
different credible sources (INCLUDING Microsoft).
Then, you said it "I wouldn't say that Forbes is a
credible resource for security alerts." I would trust the
Enquirer before I trusted anything you wrote or said.
You DO not make sense! Wait, you do...you are TROLLING
AWAY! You keep implying that this security alert is bogus,
and for that, your credibility is a fat zero.
0<-----you!
You say now that you configured your system in a way that
makes them immune to the Download.Ject; SO WHAT? What's
your point?
This is still a security threat to many people. JUST
BECAUSE it isn't to you personally, doesn't mean it is
a "lie."
Another genuis MVP stooge said it doesn't affect XP users;
so WHAT? Every PC user on this planet uses XP now? We
don't have to worry about this thing based on THAT logic?
Idiot.
Someone else posted that it won't affect those that don't
use Internet Explorer (said by yet another idiot); some
other idiot suggested that just getting updates from
windowsupdate.com will keep you safe. (TO THIS DAY, there
is NO patch for that third flaw this infection exploits,
although yesterday Microsoft issued an update that changes
settings in Windows operating systems to disable hackers'
ability to deliver malicious code with it, ALTHOUGH IT
DOES NOT entirely fix the flaw that makes the spread
possible).
Stop making this security issue nothing when it's
something! Stop your trolling already!
>And if you want my badge - you can have it.
KEEP your $1.00 badge; I don't want it.
________________________________________________
Microsoft Releases Security Update
Jul 2, 6:45 PM (ET)
By ANICK JESDANUN
(Associated Press) - Microsoft Corp. (MSFT) issued an
interim security update Friday to protect users of its
nearly ubiquitous Internet Explorer browsers from a new
technique for spreading viruses.
The update does not entirely fix the flaw that makes the
spread possible, but it changes settings in Windows
operating systems to disable hackers' ability to deliver
malicious code with it.
The security measure came in response to last week's
discovery of a computer virus designed to steal valuable
information like passwords. Though its outbreak was mild,
security experts said the technique for spreading it was
novel and could be used to send spam or launch broad
attacks to cripple the Internet.
Hackers had converted hundreds and possibly thousands of
Web sites into virus transmitters by first hiding
malicious code using a vulnerability with Microsoft's
software for operating Web sites. A fix for it had been
issued in April but was not universally applied.
Two other flaws in Microsoft products allowed hackers to
direct Internet Explorer browsers to automatically run the
virus when visiting an infected site.
Though one of those flaws remains unfixed, Friday's
setting changes thwart any attack by prohibiting a Web
application from writing files - such as the virus code -
onto users' computers.
The U.S. Computer Emergency Readiness Team urged computer
users to install the update, saying it would greatly
increase protection. But the advisory warned other types
of attack remain possible.
Stephen Toulouse, a security program manager at Microsoft,
said the company still was working on a comprehensive
patch to fix vulnerabilities with Internet Explorer, but
the settings change should protect users from the
immediate threat.
The software update covers Windows XP, Windows Server 2003
and Windows 2000, and Microsoft was working on ones for
older systems.
The update will also be included with a major Windows XP
upgrade, called Service Pack 2, later this summer.
Toulouse said the Service Pack will include additional
protections.
After installing Friday's update, users should be able to
lower their security settings from the "high" one
initially recommended as a stopgap, he said.
Russ Cooper, a senior researcher at TruSecure Corp.,
welcomed Friday's update, but said it should have come
sooner than a week.
"It would have taken a couple of hours to put it together
as a package, and (the testing) process can take a day or
two," Cooper said.
But Toulouse said that given the broad user base for
Windows and Internet Explorer, even a problem affecting
less than 1 percent of users potentially hurts millions of
customers.
He said the settings could potentially affect legitimate
applications used internally by Web developers and
corporate networks, and special instructions were
available to address those cases.
The update will be automatically installed if computers
are set to receive it. It is also available
at .
http://windowsupdate.microsoft.com
Microsoft shares fell 6 cents to close at $28.57 Friday on
the Nasdaq Stock Market.