Vista Vulnerability in Time for Christmas--Enjoy! "It's beginnin' to look a lot like Windows!"

C

Chad Harris

New report of a Windows vulnerability

http://blogs.technet.com/msrc/archive/2006/12/22/new-report-of-a-windows-vulnerability.aspx

http://www.computerworld.com/action...articleId=9006679&taxonomyId=18&intsrc=kc_top

http://blog.seattlepi.nwsource.com/microsoft/

http://arstechnica.com/journals/microsoft.ars/2006/12/21/6376

No comments from Steve Riley yet on his excellent Security Blog
http://blogs.technet.com/steriley/

CH


Ed Bott on David Pogue's Review
http://blogs.zdnet.com/Bott/

US Continues Daily Torture Flights and Shoots Indiscriminately into
Containers with Live Bodies

Torture Taxi: On the Trail of the CIA's Rendition Flights (Hardcover)
http://www.amazon.com/Torture-Taxi-Trail-Rendition-Flights/dp/1933633093

On Saturday, December 23 at 3:30 pm and Tuesday, December 26 at 6:45 am
 
B

Bob

"Initial indications are that in order for the attack to be successful, the
attacker must already have authenticated access to the target system. "

Well that makes it rather hard to attack a computer.
 
D

Dale

Shoot! Does this mean that I need to keep my grandkids (age 2 to 11) off my
Vista PC before they hack it? *Eyeing my wife suspiciously across the room*
Now I am getting very nervous.

:)

Dale
 
M

Mr. Vista

lol :)


Dale said:
Shoot! Does this mean that I need to keep my grandkids (age 2 to 11) off
my Vista PC before they hack it? *Eyeing my wife suspiciously across the
room* Now I am getting very nervous.

:)

Dale
Click to expand...
 
M

Mike Hall - MS MVP Windows Shell/User

Bob

There was more.. you must also have bought three losing lottery tickets
within the last seven minutes and accidentally decorated an apple pie with
salsa out of an half empty jar..
 
M

Mike

Mike Hall - MS MVP Windows Shell/User said:
Bob

There was more.. you must also have bought three losing lottery tickets
within the last seven minutes and accidentally decorated an apple pie with
salsa out of an half empty jar..
Click to expand...

.... and the apple pie needs to have been prepared under strict rabbincal
supervision, and blessed by a Hare Krishna mantra.

Mike
 
C

Chad Harris

"Inital reports" with regards to a security vulnerability are just that.
They are superficial cursory looks.

I understand that MSFT sycophants for whatever reason, are disappointed as
security vulnerabilities in Vista emerge, because they think the security
and UAC's convoluted byzantine implementation that will cause most users of
Windows Vista to simply turn it off, is the major selling point to
enterprises. MSFT is trying to use it as a hook to get migration to occur on
a large scale, in the face of a number of projections that it's not going to
be the rush that Jim Allchin gushes over and MSFT slides project.

CH
 
R

Richard G. Harper

Yes, that's absolutely correct. In fact, how far do you know that you can
trust yourself? Admit it ... on occasion you've been tempted to hack that
box ... haven't you? HAVEN'T YOU??? ;-)

The only way to keep your computer 100% safe is to never turn it on.

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* NEW! Catch my blog ... http://msmvps.com/blogs/rgharper/
* PLEASE post all messages and replies in the newsgroups
* The Website - http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm
 
M

Mike Hall - MS MVP Windows Shell/User

... that too?


Mike said:
... and the apple pie needs to have been prepared under strict rabbincal
supervision, and blessed by a Hare Krishna mantra.

Mike
Click to expand...
 
A

Alexander Suhovey

For me it means that SDL isn't all that effective when you start from
existing codebase and not from scratch.

Reported vulnerabilty scope means that this bug in CRSS has managed to
survive all the way from Win2k SP4 to Vista. Well , seems like existing
codebase didn't go through all SDL cycle as new code did.

Security Development Lifecycle:
http://msdn.com/library/en-us/dnsecure/html/sdl.asp
 
D

Dale

And I'm going to hack my retail full license for Vista Ultimate so I can
install it for 6 months without activating. :)

Dale

Richard G. Harper said:
Yes, that's absolutely correct. In fact, how far do you know that you can
trust yourself? Admit it ... on occasion you've been tempted to hack that
box ... haven't you? HAVEN'T YOU??? ;-)

The only way to keep your computer 100% safe is to never turn it on.

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* NEW! Catch my blog ... http://msmvps.com/blogs/rgharper/
* PLEASE post all messages and replies in the newsgroups
* The Website - http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm


Dale said:
Shoot! Does this mean that I need to keep my grandkids (age 2 to 11) off
my Vista PC before they hack it? *Eyeing my wife suspiciously across the
room* Now I am getting very nervous.
Click to expand...
Click to expand...
 
Top