WMF vulnerability specifics

For whomever is still following this patched issue:

http://blogs.technet.com/msrc/archive/2006/01/13/417431.aspx


--
Todd H.
http://www.toddh.net/

Re: WMF vulnerability specifics

Thanks Todd, that was helpful.

But why couldn't the security people here have told me that Win9X wasn't as vulnerable???

Or even that "Critical" updates would still be issued through June of this year???

At least M$ says that triggering it would require more "user interaction" in Win9X.

I find it interesting that these "security people" here can get into an irrelevant discussion I
barely understand about Win 9X's "16-bitness" but don't even know about what this dumbed-down
"rather technical" article from a company that can't produce quality code. It may have been
written for idiots by a Microserf idiot, but at least it got to the point...

And anyone promoting this "Fedora" junk should realize that some people don't want to stop
using something they know AND PAID FOR until they feel like they've gotten their MONEY'S WORTH
out of their investment. Specifically, if you want me to use *nix so bad, then why don't you
REIMBURSE ME for the retail cost of what I paid for Windoze and Office??? Your delusions of
Linux "standardization and user friendliness" sicken me, especially when you CAN'T put your
money where your mouth is, because you LOVE anything that's FREE!!!

Again, many thanks to Todd and John Hyde, and Leythos should look at why he's alienated people
enough to be impostors, rather than pursuing a false dream of actually stopping them, because
that happens all the time in my local NG, and nobody can stop it...

Here's to hoping I'll someday get as competent response as a poster than as a lurker...

Cool_X


Todd H. wrote:
> For whomever is still following this patched issue:
>
> http://blogs.technet.com/msrc/archive/2006/01/13/417431.aspx
>
>

Re: WMF vulnerability specifics

Also, thanks to anyone trying to be HELPFUL that I failed to mention!

Cool_X


Cool_X wrote:
> Thanks Todd, that was helpful.
>
> But why couldn't the security people here have told me that Win9X wasn't
> as vulnerable???
>
> Or even that "Critical" updates would still be issued through June of
> this year???
>
> At least M$ says that triggering it would require more "user
> interaction" in Win9X.
>
> I find it interesting that these "security people" here can get into an
> irrelevant discussion I barely understand about Win 9X's "16-bitness"
> but don't even know about what this dumbed-down "rather technical"
> article from a company that can't produce quality code. It may have
> been written for idiots by a Microserf idiot, but at least it got to the
> point...
>
> And anyone promoting this "Fedora" junk should realize that some people
> don't want to stop using something they know AND PAID FOR until they
> feel like they've gotten their MONEY'S WORTH out of their investment.
> Specifically, if you want me to use *nix so bad, then why don't you
> REIMBURSE ME for the retail cost of what I paid for Windoze and
> Office??? Your delusions of Linux "standardization and user
> friendliness" sicken me, especially when you CAN'T put your money where
> your mouth is, because you LOVE anything that's FREE!!!
>
> Again, many thanks to Todd and John Hyde, and Leythos should look at why
> he's alienated people enough to be impostors, rather than pursuing a
> false dream of actually stopping them, because that happens all the time
> in my local NG, and nobody can stop it...
>
> Here's to hoping I'll someday get as competent response as a poster than
> as a lurker...
>
> Cool_X
>
>
> Todd H. wrote:
>
>> For whomever is still following this patched issue:
>> http://blogs.technet.com/msrc/archive/2006/01/13/417431.aspx
>>
>>

Re: WMF vulnerability specifics

Sorry for not getting all thoughts into a post, but M$ continues to amaze me...

"Secure Windows Initiative"...what a joke! How do you ever "secure" anything that was built
with so many holes??? They should have building codes for software just like for real
buildings, and this proves that M$ knows so little about any engineering that the *forced*
change from MCSE's "Systems Engineer" to "Systems Expert" can't say it well enough...

Maybe I shouldn't believe what's in the article, since "*This posting is provided "AS IS" with
no warranties, and confers no rights.* M$ proves all they care about is selling junk that they
won't release any source code on how to fix because all they care about is making money off
deliberate insecurity. And why aren't they forced to tell the truth and post that on ALL of
their products??? As far as I'm concerned, they're no better than a lot of eBay sellers I come
across, but at least the good ones give links for resources on how to fix what they're selling...

And these M$ MVPs should realize that they only got such a "prestiged title" because they
kissed up enough to believe the lies of an evil monopoly that bribed its way out of being split
up after getting convicted. And this is after I read Daniel Petri's site
(http://www.petri.co.il), someone who could've used their brain more productively... These
people should be looked down on at least as much as someone wearing a Wal-Mart vest and badge
walking through a farmer's market...

I guess I'll get a good flaming for this, but I really did need to let loose a lot of pent-up
bitching... ;-)

Cool_X



Cool_X wrote:
> Thanks Todd, that was helpful.
>
> But why couldn't the security people here have told me that Win9X wasn't
> as vulnerable???
>
> Or even that "Critical" updates would still be issued through June of
> this year???
>
> At least M$ says that triggering it would require more "user
> interaction" in Win9X.
>
> I find it interesting that these "security people" here can get into an
> irrelevant discussion I barely understand about Win 9X's "16-bitness"
> but don't even know about what this dumbed-down "rather technical"
> article from a company that can't produce quality code. It may have
> been written for idiots by a Microserf idiot, but at least it got to the
> point...
>
> And anyone promoting this "Fedora" junk should realize that some people
> don't want to stop using something they know AND PAID FOR until they
> feel like they've gotten their MONEY'S WORTH out of their investment.
> Specifically, if you want me to use *nix so bad, then why don't you
> REIMBURSE ME for the retail cost of what I paid for Windoze and
> Office??? Your delusions of Linux "standardization and user
> friendliness" sicken me, especially when you CAN'T put your money where
> your mouth is, because you LOVE anything that's FREE!!!
>
> Again, many thanks to Todd and John Hyde, and Leythos should look at why
> he's alienated people enough to be impostors, rather than pursuing a
> false dream of actually stopping them, because that happens all the time
> in my local NG, and nobody can stop it...
>
> Here's to hoping I'll someday get as competent response as a poster than
> as a lurker...
>
> Cool_X
>
>
> Todd H. wrote:
>
>> For whomever is still following this patched issue:
>> http://blogs.technet.com/msrc/archive/2006/01/13/417431.aspx
>>
>>

Re: WMF vulnerability specifics

Cool_X wrote:
> Sorry for not getting all thoughts into a post, but M$ continues to amaze me...

Hm... would you mind to restrict your lines to a maximum length of 72?
This would really help to read what you're wrting here. Thank you!

Yours,
VB.
--
maximum inquementum tum biguttam egresso scribe. meo maximo vestibulo
perlegamentum da. da duo tum maximum conscribementa meis listis. dum listis
decapitamentum damentum nexto fac sic nextum tum novumversum scribe egresso.
lista sic hoc recidementum nextum cis vannementa da listis. cis.

Re: WMF vulnerability specifics

Cool_X writes:

> Thanks Todd, that was helpful.
>
> But why couldn't the security people here have told me that Win9X
> wasn't as vulnerable???

Probably because they didn't know yet.

--
Todd H.
http://www.toddh.net/

Re: WMF vulnerability specifics

In article <1JIzf.171520$tl.124737@pd7tw3no>,
Cool_X wrote:

>And anyone promoting this "Fedora" junk should realize that some people
>don't want to stop
>using something they know AND PAID FOR until they feel like they've
>gotten their MONEY'S WORTH
>out of their investment. Specifically, if you want me to use *nix so
>bad, then why don't you
>REIMBURSE ME for the retail cost of what I paid for Windoze and
>Office??? Your delusions of
>Linux "standardization and user friendliness" sicken me, especially when
>you CAN'T put your
>money where your mouth is, because you LOVE anything that's FREE!!!

If I were prepared to buy out the remaining value of your [used]
Windows and Office software, what mechanisms could we use to
establish that you had destroyed the software and all backups thereof?

And also, how can we establish that you will -stay- off of Windows
instead of just taking the payment and applying it against a new
version that you were planning to purchase anyhow?

Note: This is not a flame; this is a "I'm prepared to seriously
consider that, but how would we actually work it in practice?"