Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Support > U.S. Computer Emergency Readiness Team SLAMS Windows "Security"

Reply
Thread Tools

U.S. Computer Emergency Readiness Team SLAMS Windows "Security"

 
 
TechNews
Guest
Posts: n/a
 
      06-21-2004
For many of us this is nothing new, to say that Microsoft products are the
least secure and reliable is an understatement; and many of us posting our
problems in this NG can attest to this fact.

Below is an article that pretty much says what we've known all along.

http://www.us-cert.gov/cas/techalerts/TA04-104A.html

Multiple Vulnerabilities in Microsoft Products
Original release date: April 13, 2004
Last revised: April 14, 2004
Source: US-CERT


Systems Affected
Microsoft Windows Operating Systems
Microsoft Windows Remote Procedure Call (RPC) and Distributed Component
Object Model (DCOM) subsystems
Microsoft Windows MHTML Protocol Handler
Microsoft Jet Database Engine


Overview
Microsoft Corporation has released a series of security bulletins
affecting most users of the Microsoft Windows operating system. Users of
systems running Microsoft Windows are strongly encouraged to visit the
Windows Security Updates for April 2004 and take actions appropriate to
their system configurations.



I. Description
Microsoft has released four security bulletins listing a number of
vulnerabilities which affect a variety of Microsoft Windows software
packages. The following section summarizes the issues identified in
their bulletins.

Summary of Microsoft Bulletins for April 2004
Security Bulletin MS04-011: Security Update for Microsoft Windows (835732)
This bulletin addresses 14 vulnerabilities affecting the systems listed
below. There are several new vulnerabilities address by this bulletin,
and several updates to previously reported vulnerabilities.

Impact

Remote attackers could execute arbitrary code on vulnerable systems.

Systems affected

Windows NT Workstation 4.0
Windows NT Server 4.0
Windows NT Server 4.0, Terminal Server Edition
Windows 2000
Windows XP
Windows Server 2003

--
Speed:Reliability:Security
 
Reply With Quote
 
 
 
 
Duane Arnold
Guest
Posts: n/a
 
      06-22-2004
TechNews <(E-Mail Removed)> wrote in news:40d77206_5@127.0.0.1:

> For many of us this is nothing new, to say that Microsoft products are
> the least secure and reliable is an understatement; and many of us
> posting our problems in this NG can attest to this fact.
>
> Below is an article that pretty much says what we've known all along.
>
> http://www.us-cert.gov/cas/techalerts/TA04-104A.html
>
> Multiple Vulnerabilities in Microsoft Products
> Original release date: April 13, 2004
> Last revised: April 14, 2004
> Source: US-CERT
>
>
> Systems Affected
> Microsoft Windows Operating Systems
> Microsoft Windows Remote Procedure Call (RPC) and Distributed
> Component Object Model (DCOM) subsystems
> Microsoft Windows MHTML Protocol Handler
> Microsoft Jet Database Engine
>
>
> Overview
> Microsoft Corporation has released a series of security bulletins
> affecting most users of the Microsoft Windows operating system. Users
> of systems running Microsoft Windows are strongly encouraged to visit
> the Windows Security Updates for April 2004 and take actions
> appropriate to their system configurations.
>
>
>
> I. Description
> Microsoft has released four security bulletins listing a number of
> vulnerabilities which affect a variety of Microsoft Windows software
> packages. The following section summarizes the issues identified in
> their bulletins.
>
> Summary of Microsoft Bulletins for April 2004
> Security Bulletin MS04-011: Security Update for Microsoft Windows
> (835732) This bulletin addresses 14 vulnerabilities affecting the
> systems listed below. There are several new vulnerabilities address by
> this bulletin, and several updates to previously reported
> vulnerabilities.
>
> Impact
>
> Remote attackers could execute arbitrary code on vulnerable systems.
>
> Systems affected
>
> Windows NT Workstation 4.0
> Windows NT Server 4.0
> Windows NT Server 4.0, Terminal Server Edition
> Windows 2000
> Windows XP
> Windows Server 2003
>


I don't have any problems.

You're one sad *clown*

Duane
 
Reply With Quote
 
 
 
 
Dr. Strangelove
Guest
Posts: n/a
 
      06-22-2004
TechNews wrote:
> For many of us this is nothing new, to say that Microsoft products are the
> least secure and reliable is an understatement; and many of us posting our
> problems in this NG can attest to this fact.
>
> Below is an article that pretty much says what we've known all along.
>
> http://www.us-cert.gov/cas/techalerts/TA04-104A.html
>
> Multiple Vulnerabilities in Microsoft Products
> Original release date: April 13, 2004
> Last revised: April 14, 2004
> Source: US-CERT


<---snip--->

It's not that Windows is less secure than Nix variants. Nix variants
rely upon security by obscurity (Cisco did this too and it bit em in the
butt about a month ago - can't put my finger on the article tho). Why
would the virus writers and crackers go after stuff that is only used by
a small percentage of the public? - No fun in that. Gotta go where all
the peeps are.

Later,
Doc S.

 
Reply With Quote
 
Ron Martell
Guest
Posts: n/a
 
      06-22-2004
TechNews <(E-Mail Removed)> wrote:

>For many of us this is nothing new, to say that Microsoft products are the
>least secure and reliable is an understatement; and many of us posting our
>problems in this NG can attest to this fact.
>
>Below is an article that pretty much says what we've known all along.
>
>http://www.us-cert.gov/cas/techalerts/TA04-104A.html
>
>Multiple Vulnerabilities in Microsoft Products
>Original release date: April 13, 2004
>Last revised: April 14, 2004
>Source: US-CERT
>
>
>Systems Affected
>Microsoft Windows Operating Systems
>Microsoft Windows Remote Procedure Call (RPC) and Distributed Component
>Object Model (DCOM) subsystems
>Microsoft Windows MHTML Protocol Handler
>Microsoft Jet Database Engine
>


Yeah. Right.

They issue the bulletin *after* Microsoft has released the fixes.

Just like Blaster and Sasser virus/worms - they weren't even developed
until after Microsoft had identified the problem and released the fix
for it.

The virus writers reverse-engineered the patch so as to idenfity the
specific vulnerabilities being patched and then developed and released
a virus to exploit these already fixed vulnerabilities.

The only ones affected by these two viruses were those who were too
lazy or too stupid to keep their systems up to date. And there were
gazillions of people in that category.

No operating system can ever protect people from the consequences of
their own deliberate stupidity.


Ron Martell Duncan B.C. Canada
--
Microsoft MVP
On-Line Help Computer Service
http://onlinehelp.bc.ca

"The reason computer chips are so small is computers don't eat much."
 
Reply With Quote
 
Toolman Tim
Guest
Posts: n/a
 
      06-22-2004
"Ron Martell" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)
> > TechNews <(E-Mail Removed)> wrote:
> >
> > > For many of us this is nothing new, to say that Microsoft
> > > products are the least secure and reliable is an understatement;
> > > and many of us posting our problems in this NG can attest to this
> > > fact.
> > >
> > > Below is an article that pretty much says what we've known all
> > > along.
> > >
> > > http://www.us-cert.gov/cas/techalerts/TA04-104A.html
> > >
> > > Multiple Vulnerabilities in Microsoft Products
> > > Original release date: April 13, 2004
> > > Last revised: April 14, 2004
> > > Source: US-CERT
> > >
> > >
> > > Systems Affected
> > > Microsoft Windows Operating Systems
> > > Microsoft Windows Remote Procedure Call (RPC) and Distributed
> > > Component Object Model (DCOM) subsystems
> > > Microsoft Windows MHTML Protocol Handler
> > > Microsoft Jet Database Engine
> > >

> >
> > Yeah. Right.
> >
> > They issue the bulletin *after* Microsoft has released the fixes.
> >
> > Just like Blaster and Sasser virus/worms - they weren't even
> > developed until after Microsoft had identified the problem and
> > released the fix for it.
> >
> > The virus writers reverse-engineered the patch so as to idenfity the
> > specific vulnerabilities being patched and then developed and
> > released a virus to exploit these already fixed vulnerabilities.
> >
> > The only ones affected by these two viruses were those who were too
> > lazy or too stupid to keep their systems up to date. And there were
> > gazillions of people in that category.
> >
> > No operating system can ever protect people from the consequences of
> > their own deliberate stupidity.
> >


So very very beautifully said!


--
"If there are no dogs in Heaven, then when I die, I want to go where
THEY went." ~Will Rogers~


 
Reply With Quote
 
Duane Arnold
Guest
Posts: n/a
 
      06-22-2004

"Ron Martell" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> TechNews <(E-Mail Removed)> wrote:
>
> >For many of us this is nothing new, to say that Microsoft products are

the
> >least secure and reliable is an understatement; and many of us posting

our
> >problems in this NG can attest to this fact.
> >
> >Below is an article that pretty much says what we've known all along.
> >
> >http://www.us-cert.gov/cas/techalerts/TA04-104A.html
> >
> >Multiple Vulnerabilities in Microsoft Products
> >Original release date: April 13, 2004
> >Last revised: April 14, 2004
> >Source: US-CERT
> >
> >
> >Systems Affected
> >Microsoft Windows Operating Systems
> >Microsoft Windows Remote Procedure Call (RPC) and Distributed Component
> >Object Model (DCOM) subsystems
> >Microsoft Windows MHTML Protocol Handler
> >Microsoft Jet Database Engine
> >

>
> Yeah. Right.
>
> They issue the bulletin *after* Microsoft has released the fixes.
>
> Just like Blaster and Sasser virus/worms - they weren't even developed
> until after Microsoft had identified the problem and released the fix
> for it.
>
> The virus writers reverse-engineered the patch so as to idenfity the
> specific vulnerabilities being patched and then developed and released
> a virus to exploit these already fixed vulnerabilities.
>
> The only ones affected by these two viruses were those who were too
> lazy or too stupid to keep their systems up to date. And there were
> gazillions of people in that category.
>
> No operating system can ever protect people from the consequences of
> their own deliberate stupidity.


The Linux DOOM and GLOOM mascot on the soap box was chopped down skillfully.
<g>



Duane




 
Reply With Quote
 
TechNews
Guest
Posts: n/a
 
      06-22-2004
Ron Martell wrote:

> TechNews <(E-Mail Removed)> wrote:
>
>>For many of us this is nothing new, to say that Microsoft products are the
>>least secure and reliable is an understatement; and many of us posting our
>>problems in this NG can attest to this fact.
>>
>>Below is an article that pretty much says what we've known all along.
>>
>>http://www.us-cert.gov/cas/techalerts/TA04-104A.html
>>
>>Multiple Vulnerabilities in Microsoft Products
>>Original release date: April 13, 2004
>>Last revised: April 14, 2004
>>Source: US-CERT
>>
>>
>>Systems Affected
>>Microsoft Windows Operating Systems
>>Microsoft Windows Remote Procedure Call (RPC) and Distributed Component
>>Object Model (DCOM) subsystems
>>Microsoft Windows MHTML Protocol Handler
>>Microsoft Jet Database Engine
>>

>
> Yeah. Right.
>
> They issue the bulletin *after* Microsoft has released the fixes.
>
> Just like Blaster and Sasser virus/worms - they weren't even developed
> until after Microsoft had identified the problem and released the fix
> for it.
>
> The virus writers reverse-engineered the patch so as to idenfity the
> specific vulnerabilities being patched and then developed and released
> a virus to exploit these already fixed vulnerabilities.
>


It shows that these writers are far smarter and skilled than Microsoft's
programers. Now, you can't deny that this sort of thing happens far too
frequently and has become a continous game.

> The only ones affected by these two viruses were those who were too
> lazy or too stupid to keep their systems up to date. And there were
> gazillions of people in that category.
>
> No operating system can ever protect people from the consequences of
> their own deliberate stupidity.


You qualify deliberate stupidity as the necesity of having to perpetually
manage and fix a poorly designed system.

Why lay on user's shoulders what is clearly Microsoft's responsibility?

>
> Ron Martell Duncan B.C. Canada


--
Speed:Reliability:Security
 
Reply With Quote
 
TechNews
Guest
Posts: n/a
 
      06-22-2004
Dr. Strangelove wrote:

> TechNews wrote:
>> For many of us this is nothing new, to say that Microsoft products are
>> the least secure and reliable is an understatement; and many of us
>> posting our problems in this NG can attest to this fact.
>>
>> Below is an article that pretty much says what we've known all along.
>>
>> http://www.us-cert.gov/cas/techalerts/TA04-104A.html
>>
>> Multiple Vulnerabilities in Microsoft Products
>> Original release date: April 13, 2004
>> Last revised: April 14, 2004
>> Source: US-CERT

>
> <---snip--->
>
> It's not that Windows is less secure than Nix variants. Nix variants
> rely upon security by obscurity (Cisco did this too and it bit em in the


Windows is far less secure than Linux or Mac:

http://www.techweb.com/wire/story/TWB20040603S0007
http://www.unh.edu/computer-security/win_vuln.html
http://faculty.ncwc.edu/toconnor/426/426lect12.htm
http://www.us-cert.gov/cas/techalerts/TA04-041A.html
http://www.itc.virginia.edu/pubs/pos...html?itemID=42
http://mcse-training.woosy.com/resou...esting-tx.html
http://www.depts.ttu.edu/helpcentral...ation/vuln.php
http://www.more.net/security/advisor...04/040414.html
http://www.idefense.com/application/...shstatus=false
http://www.trusecure.com/knowledge/h..._outlook.shtml
http://www.microsoft.com/security/bu...6_windows.mspx
http://www.microsoft.com/security/bu...03_office.mspx


> butt about a month ago - can't put my finger on the article tho). Why
> would the virus writers and crackers go after stuff that is only used by
> a small percentage of the public? - No fun in that. Gotta go where all
> the peeps are.


Actually, virus writers find it too hard, if not downright impossible, to
code a virus that will be effective on Linux or Mac computers. Remember,
75% of the Internet is dependent on Open Source programs; if you wanted to
plan a really destructive coup, you would write a virus targeting Linux,
Apache, PHP, etc... but the cathre of evil coders are confined to writing
for poorly designed Windows systems.


>
> Later,
> Doc S.



--
Speed:Reliability:Security
 
Reply With Quote
 
Duane Arnold
Guest
Posts: n/a
 
      06-22-2004

> > No operating system can ever protect people from the consequences of
> > their own deliberate stupidity.

>
> You qualify deliberate stupidity as the necesity of having to perpetually
> manage and fix a poorly designed system.
>
> Why lay on user's shoulders what is clearly Microsoft's responsibility?


Comments from an expert's expert on computer systems who can barely turn one
on.

Duane


 
Reply With Quote
 
Dr. Harvie Wahl-Banghor
Guest
Posts: n/a
 
      06-22-2004
I was walking down the street, minding my own business, when on Tue,
22 Jun 2004 08:22:53 -0700, TechNews <(E-Mail Removed)> screamed from
behind the mulberry bush:

>Ron Martell wrote:
>
>> TechNews <(E-Mail Removed)> wrote:
>>
>>>For many of us this is nothing new, to say that Microsoft products are the
>>>least secure and reliable is an understatement; and many of us posting our
>>>problems in this NG can attest to this fact.
>>>
>>>Below is an article that pretty much says what we've known all along.
>>>
>>>http://www.us-cert.gov/cas/techalerts/TA04-104A.html
>>>
>>>Multiple Vulnerabilities in Microsoft Products
>>>Original release date: April 13, 2004
>>>Last revised: April 14, 2004
>>>Source: US-CERT
>>>
>>>
>>>Systems Affected
>>>Microsoft Windows Operating Systems
>>>Microsoft Windows Remote Procedure Call (RPC) and Distributed Component
>>>Object Model (DCOM) subsystems
>>>Microsoft Windows MHTML Protocol Handler
>>>Microsoft Jet Database Engine
>>>

>>
>> Yeah. Right.
>>
>> They issue the bulletin *after* Microsoft has released the fixes.
>>
>> Just like Blaster and Sasser virus/worms - they weren't even developed
>> until after Microsoft had identified the problem and released the fix
>> for it.
>>
>> The virus writers reverse-engineered the patch so as to idenfity the
>> specific vulnerabilities being patched and then developed and released
>> a virus to exploit these already fixed vulnerabilities.
>>

>
>It shows that these writers are far smarter and skilled than Microsoft's
>programers. Now, you can't deny that this sort of thing happens far too
>frequently and has become a continous game.
>
>> The only ones affected by these two viruses were those who were too
>> lazy or too stupid to keep their systems up to date. And there were
>> gazillions of people in that category.
>>
>> No operating system can ever protect people from the consequences of
>> their own deliberate stupidity.

>
>You qualify deliberate stupidity as the necesity of having to perpetually
>manage and fix a poorly designed system.
>
>Why lay on user's shoulders what is clearly Microsoft's responsibility?


You ****knob, you predispose that problems associated with Windows is
just going to go away if the whole world moved to LINUX. The problem
is that the same cretinous users who are now running unsecure
versions of Windows would be using LINUX and LINUX ain't uber-OS that
you make it out to be. There are chinks in its armour but, of course,
you wouldn't dare mention any of them, such as this:

http://techrepublic.com.com/5100-22_....html?tag=e019

Of course, a major faux pas like this happened and it was MS, smarmy
pricks like you would be up in arms. But hey, what about other *NIX OS
like SCO or Solaris or APPLE?

http://www.eweek.com/article2/0,1759,1608216,00.asp

No, no, OS snobs like to look down their noses at the "Great Unwashed
Masses" using Windows instead of looking at the root problems of
compromised computers. There are a bunch of ****ing crooks and
Internet hoodlums out there whose sole purpose is to steal or cause
someone some ****, either for profit or pure maliciousness. It just so
happens that the OS of choice at the moment is an OS that was designed
to be straight forward enough for dolts to use and comparatively
cheap. Windows has fit the bill since the early 90s and now makes up
the bulk of machines used on both home and business machines. That
makes a pretty big target for assholes who like to steal or **** up
something for the sheer joy of it.
But, hey, there is hope that Script Kiddies and the Blackhat Hackers
will move on to bigger and better things. Cisco has downplayed the
recent release of its code on the Internet and the DDOS attack on the
Akamai network is just the beginning of bigger and better things.
Besides, who knows what the next expoit to opne up on Solaris will be,
eh?

Dr Harvie Wahl-Banghor
---

Brantard explains his employment as a migrant farm worker before his permanent residency as a vagrant/wandering-nutjob/welfare-recipient in the Minneapolis/ St. Paul area:

> >Indeed. I AOLways thought Nelly(ie, Brantard) was lavender.


Mexican

> Maybe a pastel pink?
>
> >>You dumb smuck!

> >
> >A misspelled P/K/B. How Nelly-ish!


Nelly is Mexican.

In message ID:<(E-Mail Removed)8.minneapolis1.mn.us.da.qwest.net>

In article <(E-Mail Removed)>, "Brandon Hex"
<(E-Mail Removed)> wrote:

> You have a bald head and are black black black. You wish you were white like
> me but your not.
>
> ha haw
>


Who ever said Brandon Hex was white?

In message ID:<(E-Mail Removed)8.minneapolis1.mn.us.da.qwest.net>
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Google attorney slams ACTA copyright treaty Frank Williams NZ Computing 0 05-08-2010 08:13 AM
European Parliament slams digital copyright treaty Frank Williams NZ Computing 0 03-12-2010 07:29 AM
European Parliament slams digital copyright treaty Frank Williams NZ Computing 0 03-12-2010 07:21 AM
Anti-Spyware Rival Slams Microsoft's Windows Defender, Vista Au79 Computer Support 4 01-28-2007 01:27 AM
Toshiba slams Blu-ray/ HD DVD convergence claims. Allan DVD Video 0 05-11-2005 04:59 PM



Advertisments