Linked by snydeq on Tue 7th Oct 2008 17:04 UTC
InfoWorld pays tribute to the humble Windows bug -- ground zero for several of the most colossal security meltdowns IT has ever endured. From share-level password flaws, to Web server traversal vulnerabilities, to overflow after overflow, the past decade of Windows flaws and patches and exploits has given IT one hot cup of hell after another -- all while giving rise to entire industries built around protecting users from malware authors who themselves have matured their practices from juvenile pranks to moneymaking criminal enterprises. Microsoft has been noted as the fastest vendor to patch OS flaws, to be sure, but the hits keep on coming. Perhaps it is high time for another OS vulnerability scorecard.
Thread beginning with comment 333010
Apple's bad ones
by 3rdalbum on Thu 9th Oct 2008 14:02 UTC

Yeah, that Ubuntu one was pretty bad. But at least when they were informed of it, they fixed it right away. Within 24 hours I believe.

Apple had an easy local root vulnerability that required just one line of AppleScript. They were warned 4 years ago that their design could cause this flaw, and Tiger shipped with a setuid root program that you could use to turn the vulnerability into an exploit. In August this year (2008) they finally fixed it.

It's not even like you had to do a buffer overflow attack or anything to root an OS X machine; just put in a single AppleScript command on the command-line and you've got it. Apple never listened to the people who envisaged it. Apple took years to release a patch for something that really only required a single "chmod" command to fix the immediate problem, and who knows if the flaw can't be opened up again using third-party programs.