|Home » Industry Watch
Everyone is scrambling but Bill Gates.
Panic has totally broken out in the Windows camp. It turns out the protection the most naive Windows users had counted on - Steve Ballmer's touted 'advanced security technologies' [sic] - 'ain't worth a damn'.
[Don't laugh: the whole world laughed at SP2 but Windows (l)users did not. They believed the hype. Ed.]
Sunbelt Software report that the Data Execution Prevention contraption (DEP) that was supposed to 'help' is doing just about that and no more - 'helping'. The only reasonable chance any Windows (l)user has is to buy new hardware with DEP support - and even then it's a toss-up, as only certain architectures seem able to do the job - the job Bill Gates doesn't himself care about doing, in other words.
The Email Battles site talks about hope from the Google camp: as running Google Desktop on a Windows machine is the most sure-fire way of getting infected with this latest gem, pundits are expecting Google to work double time to find the fix Microsoft are too incompetent and too uninterested to provide.
Finally, Email Battles tells the truth about this and all Windows vulnerabilities: there are no defences - none. Instead, 'content filters at network borders should be set to intercept potentially dangerous graphic files... as always'.
As per usual, the Internet at large is expected to protect Windows (l)users from the threats the Virtual Knight doesn't give a damn about.
It should also be noted that this is more of an 'endemic' flaw in Windows rather than a typical blooper in one of Microsoft's software products. Even Lotus Notes has been shown to be vulnerable.
All these applications are making the same mistake: they're taking for granted Microsoft know how to code.
Finally! WMF Exploit nails the Goog.
XP SP2 Data Execution Prevention can't prevent WMF exploit execution
How to protect your network from WMF trojans plaguing Internet Explorer
Postscript: 'Site has been suspended'
With Microsoft still insisting there's no reason to panic, Windows (l)users are more and more desperate to get a patch for the WMF flaw - after all, all that otherwise remains is abandoning their beloved OS.
And there has been a patch - and all the do-gooders and pundits have written reams about it - but there's a catch to the patch so to speak.
The provider for the Belgian domain cut off all connectivity.