Microsoft to patch flaw responsible for Google, China fiasco

Status
Not open for further replies.
Justin

Justin

Posts: 914   +0

Microsoft announced today that a particularly nasty flaw in IE will be patched tomorrow. The flaw in question earned some fame recently as the culprit behind the China-based attack on Google -- a situation that is still boiling. Google claims that little data of importance was compromised as a result of the flaw and Microsoft noted that attacks only succeeded on machines running IE6.

Microsoft will push the patch out tomorrow around 10AM PST, outside of their normal patching schedule. A statement from Jerry Bryant, a security program manager at Microsoft, revealed that the sensitive nature of the flaw prompted them to crank it out faster than usual. Users of IE6, 7 and 8 on Windows XP, Server 2003, Vista, Server 2008 and Windows 7 are urged to apply the patch once it is available.

Permalink to story.

https://www.techspot.com/news/37656-microsoft-to-patch-flaw-responsible-for-google-china-fiasco.html

 
Reuters in China was saying that this attack might be an inside job at Google. There's still an ongoing investigation, but they're concerned that a Google employee dropped a Hydraq Trojan, which seemed to be targeted to specific people inside the company.

In a weird way, that's makes me feel a little better about this patch knowing that the Trojan affects specific machines, and that the attack wasn't the result of some infected public website that a computer user happened upon. I'll still patch my systems, and I have to give props to Microsoft for understanding the severity of this flaw and issuing a patch so quickly.
 
"noted that attacks only succeeded on machines running IE6."

I've worked for two larger companies that depend on IE6 for their day to day business operations, of which one will probably refuse to upgrade for the next couple of years or until Microsoft 'forces' them to. It is usually a good idea to make sure software is up to date. Yeah it'll probably be a nice project for the IT dept.
 
Justin said:
Microsoft announced today that a particularly nasty flaw in IE will be patched tomorrow. The flaw in question earned some fame recently as the culprit behind the China-based attack on Google -- a situation that is still boiling. Google claims that little data of importance was compromised as a result of the flaw and Microsoft noted that attacks only succeeded on machines running IE6.

Read the whole story
Click to expand...

Served them (i.e. google) well ;)
 
I read: "Microsoft to patch flaw responsible for Google". Oh, that explains things. Took them long enough.
 
Timonius said:
"noted that attacks only succeeded on machines running IE6."

I've worked for two larger companies that depend on IE6 for their day to day business operations, of which one will probably refuse to upgrade for the next couple of years or until Microsoft 'forces' them to. It is usually a good idea to make sure software is up to date. Yeah it'll probably be a nice project for the IT dept.
Click to expand...

You are absolutely right, plenty of big companies locked into using IE6. I've done development work in these environments and they will be stuck with IE6 for some time to come, believe me.
 
This raises a question in my mind. Any one with an older system has products of that time period leftin it, no matter how much their system has been updated. So how does this "flaw" efect them?
 
Am I the only person that thinks not only should Google pull out of China but that all American companies should pull out? For that matter, block all web traffic in and out of China all together. Completely cut them off from the US. Pull American money out, stop buying their products, start charging major tariffs on Chinese exports. If they refuse to play by the same rules everyone else does, then they don't get to play.
 
Imma Git on Mah High Horse an' Rahd.....

jjbeard926 said:
Am I the only person that thinks not only should Google pull out of China but that all American companies should pull out? For that matter, block all web traffic in and out of China all together. Completely cut them off from the US. Pull American money out, stop buying their products, start charging major tariffs on Chinese exports. If they refuse to play by the same rules everyone else does, then they don't get to play.
Click to expand...
Actually, you may be the only person that feels this way . First of all, there isn't that much American money in China, it's just a bunch of BS >> I.O.U <<s. We're actually lucky that they don't come over here and demand payment.

And as to "not buying their product" I'd really like to see you personally be forced to buy all your products from factories in the US, with union workers.

I reckon that the first time you paid 3 or 4 hundred dollars for a US made motherboard that you could buy Chinese made for a hundred bucks or so, you'd be "spewing forth" a different sermon. Oh, yeah, don't forget to "look for the union label"

The best outlet for your runaway patriotism, might be to tape an American flag to your car, and go back to driving through traffic lights while running your yap on a Chinese made iPhone.
 
First of there isn't that much American money in China
Click to expand...

American dollar is nothing more than a worthless piece of paper if it weren't for Chinese. Infact, if it weren't for american military power (which is pretty stretched and becoming ineffective as well); america may become irrelevant. History has taught us one thing, big science and knowledge always follow money, as the money shifts from one nation to another so does the scientific knowledge;
so there is a cue for you jj .....
 
Archean; please fix my quote to read; "first of > ALL < (comma), there isn't...[ ]...

This was a failure to proofread fully on my part, and I apologize for it.

Although, I suppose if had actually typed, "first OFF", that would have worked too.
 
That's alright; the other day i typed 'tail' instead of 'tale' and you was gracious enough to overlook it, the point is we all sometimes end up with typing errors etc. and that is nothing to worry about :)
 
Status
Not open for further replies.

Similar threads

A
Microsoft left a kernel-level, zero-day bug in Windows for six months before patching it
Replies
9
Views
210
LimyG
LimyG
midian182
China bans purchase of Intel and AMD processors, Microsoft Windows for government computers
2 3
Replies
52
Views
722
Underdog
Underdog
D
Google fixes critical Android flaw that could be exploited to hack your phone remotely
Replies
6
Views
279
envirovore
envirovore

Latest posts

Back