Microsoft patches ancient bug

On the ball for security

By Nick Farrell

Wednesday, 12 November 2008, 09:16

MICROSOFT has finally got around to patching security flaws for Windows and Office, including a critical bug that had been publicly disclosed nearly two years ago.

To prove that it is really on the ball when it comes to security, Vole's rapid reaction security teams released two updates. The most important one, MS08-069, fixes three separate flaws in XML Core Services.

Ben Greenbaum, a senior research manager at Symantec, said that it was important that Microsoft got around to fixing the XML Core Services vulnerability because it was possible for a hacker to exploit over the Internet.

So far the flaw has not been exploited, quite why is probably because it is not so susceptible to wormable code. However security experts are at a loss as to why hackers had not exploited the bug.

Neither did Microsoft apparently. The company pinned the bug with its second-highest ranking: 'inconsistent exploit code likely'.

So if it was that important, why did it take Vole two years to come up with a fix?

Answers in green Crayola on the back of a postcard please too Ithoughtyouhadgotitssecuritybetter, Microsoft, Redmond. µ

L'Inq
Mightyshoft

Microsoft re-releases security patch Powerpointedly Tuesday, 26 August 2008, 12:42 PM Read more	Microsoft warns of a security hole The Vole hasn't fixed it yet Tuesday, 7 July 2009, 09:36 AM Read more
10,000 sites hijacked Because Microsoft hasn't fixed a flaw Tuesday, 16 December 2008, 08:02 AM Read more	Acrobat Reader has dangerous bug Disable Javascript until patch released Monday, 23 February 2009, 10:36 AM Read more
SQL Server vulnerability warning Vole issues workarounds Tuesday, 23 December 2008, 12:57 PM Read more	Windows 2000 runs AJAX apps on Google's Chrome browser Born again Thursday, 18 September 2008, 11:27 AM Read more

Comments

XML

XML has to be the biggest PITA that there is. Reading it is almost as painful as reading Pearl scripts.

posted by : the_Dude, 12 November 2008 Complain about this comment

Most read
Most commented
Most popular

INQ Whitepapers

Who will win the next round of browser wars?

Firefox - it’s hard to argue with all those add-ons

IE - resistance is futile

Search me... Chrome?

Safari, but it’s too cool for you

What browser? I’m using Win7 in Europe

View other polls

©Incisive Media Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, is a company registered in the United Kingdom with company registration number 04038503

SEARCH :

Site Credentials:

Business & Technology websites:

Business research resources:

Products:

Investment Market IT websites:

Find out what you are worth:

Search for a job:

Recruitment Agency A-Z Directory: All
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Microsoft patches ancient bug

Share this:

Business Intelligence Software

Customer Relationship Management (CRM)

Enterprise Accounting Software

Enterprise Resource Planning (ERP)

Enterprise Systems Management

IT Recruitment Consultant

IT Recruitment Consultant. ...

Read more

Read more

Read more

Read more

Read more