If Microsoft made cars, they’d be out of business

Why? Because they’d be sued into oblivion for making dangerous, lousy products, that’s why.

There’s yet another Windows vulnerability. This one is seriously dangerous and can infect your system with nasties if you just *view* an image on a website. There’s an unofficial patch made by highly reliable people. You should consider installing it (then deinstall it before installing the Microsoft patch.)

This is a Windows flaw. ANY browser in Windows is vulnerable.

The security vulnerability exposes users of any Windows-based browser, including Microsoft Internet Explorer, Mozilla Firefox, and Opera.

How bad is it?

At first, the vulnerability was exploited by just a few dozen Web sites. Programming code embedded in these pages would install a program that warned victims their machines were infested with spyware, then prompted them to pay $40 to remove the supposed pests.

Since then, however, hundreds of sites have begun using the flaw to install a broad range of malicious software. SANS has received several reports of attackers blasting out spam e-mails containing links that lead to malicious sites exploiting the new flaw, Ullrich said. 

WaPo explains more

Here’s the unofficial patch, written and recommended by security experts who have released it now in hopes of preventing serious mayhem.

The above site is down, hammered by millions of hits. You can find the patch mirrored at Sunbelt and CastleCops

If you install the unofficial patch then turn automatic updates off by Control Panel/Automatic Updates, click "download updates for me let me choose when to install them." Then you will know when to deinstall the unofficial patch before installiing the Microsoft patch.

I am so tired of this garbage. Maybe it’s time to get an Apple. Or start a class-action suit against Microsoft for the lost hours and money this ‘flaw’ will cost consumers.

Update: From the same people who created the unofficial patch, Test if your system is vulnerable (4k download)

Powered by WordPress. Designed by WooThemes