Microsoft to patch 17-year-old computer bug

[morganlefay]

Well disabling the 16 bit compatibility is just not an option for some businesses that run older applications .....I sure hope the patch doesnt break things

Good to hear physical access is required ...and a valid local account

MLF

[westin]

It wasn't so much the 1 17 year old patch that got me...

Quote:

The monthly security update will also tackle a further 25 holes in Windows, five of which are rated as "critical".

At least they are patching them

[ByTeWrangler]

It's a copy paste and i am not sure if there is a solution except waiting however,

From Secunia:

Windows XP (Home)
250 Secunia advisories
286 Vulnerabilities
31 unpatched

Quote:
Most Critical Unpatched
The most severe unpatched Secunia advisory affecting Microsoft Windows XP Home Edition, with all vendor patches applied, is rated Highly critical





Windows XP (Professional)
271 Secunia advisories
309 Vulnerabilities
34 unpatched

quote:
The most severe unpatched Secunia advisory affecting Microsoft Windows XP Professional, with all vendor patches applied, is rated Highly critical





Windows Server 2003 (enterprise edition)
221 Secunia advisories
297 Vulnerabilities
15 unpatched

quote:
The most severe unpatched Secunia advisory affecting Microsoft Windows Server 2003 Enterprise Edition, with all vendor patches applied, is rated Highly critical






This is the best:

Windows Vista
81 Secunia advisories
147 Vulnerabilities
5 unpatched

quote:
The most severe unpatched Secunia advisory affecting Microsoft Windows Vista, with all vendor patches applied, is rated Less critical


Now who the **** said Vista sucked



PS: I write this using Opera on Linux (after uninstalling firefox)

[ByTeWrangler]

There is something i want to point out (hence the separate post)

I checked around secunia for OpenSuse, Ubuntu, Debian, Fedora and Mint (top 5 on dirstro watch).

ALL OF THEM HAD 0 UNPATCHED VULNERABILITIES. ZERO!

Although number of vulnerabilities between version's were high, like 1700+ between debian 4 to 5 - All of them were patched.

I today for the first time honestly think community driven software (free is not the word for me) is HONESTLY BETTER !

I honestly have found new respect for community effort and community driven software's

Respect.

PS: Except Firefox.

[nihil]

ByTe,

You need to be a bit more careful in interpreting Secunia.....................they tell me my system is 100%, when I know that there are at least 24 items that are vulnerable.

Also remember to differentiate between OS and application vulnerabilities. Application vulnerabilities tend to work cross-platform.

And Linux..........................nobody cares about it............no brownie points for finding a vulnerability in that...........Windows is where you make your reputation and money........trust me

Obviously, as open source you would be a leper if you posted a vulnerability without the fix............closed source stuff is a far better target.........you can just bitch and moan but can't do anything about it because it is proprietary

It isn't that the vulnerabilities aren't there, it's just that nobody gives a damn.

EDIT:

Hey MLF,

Quote:

Well disabling the 16 bit compatibility is just not an option for some businesses that run older applications

I live in sticksville and I do not know of any commercial/corporate/institutional that is running 16bit applications other than process control or lab equipment monitoring

My argument would be that they should have a separate computer and network for that?

[morganlefay]

I have 2 sites that use old database apps...used for tracking inventory and manufacturing scheduling, materials management etc....one is so customized I rely on the programmer to fix all the time. The other is off the shelf...and data need to be manipulated outside the system to get any decent reports

Currently migrating over to SQL...but both systems are still required until all the BOMs are ported over....and I know for a fact there are several older systems in place in this area...as I get called to fix them all the time.

I live in the sticks of Canada.....much different then the sticks of the UK

We are true country hicks over here.

MLF

[nihil]

Aaaaahhh!

Over here we do have old apps, but they would run on mainframe or midrange, not on Windows PCs. I see very little bespoke software that has been developed on a Windows platform, other than Excel, Access and SQL.

My best claim to fame (down in London.....UK, not Ontario) was supporting an app written in Lotus 1-2-3 for DOS 3.1 and 3.4. Yep you needed to load 3.1 and 3.4 to get this hybrid baby to work I had it on a Digital Venturis P/I 75MHz with 48Mb of RAM (total waste I know........it was the crappiest machine I could find that hadn't been thrown out...........and those memory sticks on the window ledge........)

I did use it to support a couple of Office 4.3 (Access 2.0) apps until I replaced them.

OK. I don't believe in replacement for the hell of it, but if you have ever tried to convert Access 2 to Access 8 you will know that there is a time and place?..............preferably before you joined the company?