Microsoft Patches 19-Year-Old Windows Bug

HardOCP News

Somehow the old saying "better late than never" doesn't really seem fitting in this situation.

Revelation of a 19-year-old bug that needed to be squashed shows that major flaws in software can stay hidden for years. This reveals basic vulnerabilities in PC technology. For one, it's up to users to apply patches to keep their machines secure. Yet security-conscious users can still be at risk for malware infections if a particular bug goes unnoticed and unpatched by the powers-that-be.
 
So with all the kernel and security changes in the Windows OS over the years, that particular bug still remained?
 
Totally unrelated, but for some reason when I first saw the headline I thought of Kanye West's "Gold Digger" when he says "18 years? 18 years?..." Now I got that song stuck in my head. Thanks, Steve.
 
It's Internet Explorer, it's assumed to be broken.
 
Yes, but is it safe to patch, or does it have the potential to bork your box like the last two months' updates???
 
Yes, but is it safe to patch, or does it have the potential to bork your box like the last two months' updates???

We think it borked one of our web portals in dev that we tested this morning. We're restoring to try it a second time.
 
We think it borked one of our web portals in dev that we tested this morning. We're restoring to try it a second time.

Borked our Citrix web interface server for me. Thankfully we have a few lol
 
Borked our Citrix web interface server for me. Thankfully we have a few lol

Whoa, not the sort of thing I want to see reported. I have Citrix StoreFront on Windows 2012 R2 servers. Need to find the KB for this and see what's up in my environment.
 
One thing slightly misleading is that the bug wasn't known about for 19 years. This bug was just found in May; they just finally worked out everything needed to patch it.

However, this bug affects everything from Windows 95 up to Windows 8.1, so that is how it is a 19-year-old bug. This is no different than the Shellshock bug or Heartbleed, where it has been around for years but just recently found.
 
Whoa, not the sort of thing I want to see reported. I have Citrix StoreFront on Windows 2012 R2 servers. Need to find the KB for this and see what's up in my environment.

I have not tried the patch on my StoreFront servers yet. Holding off after that first web interface lol
 
If you're viewing malicious webpages... you're already screwed.

The problem is that even experienced users sometimes make a wrong click or worse, the ad server that is serving up the advertisements to a page you visit all the time gets hit and starts serving up drive-by style infections. I've even seen state websites at work that have been compromised and become "malicious". They really do not like it when you call their help desk and let them know that their site is borked :(
 
One of the flaws with closed-source software development is that it can take a long time to debug and fix problems with the software. When you have the same sets of eyes staring at the same code day in and day out they are more likely to overlook or miss something. Still though, who would have thought that it would take this dang long to fix a problem.
 
So will all Win XP machines forever be vulnerable to this exploit? Would seem so as MS stated they will not patch it unless a company has paid for an extended service contract.
 
The problem is that even experienced users sometimes make a wrong click or worse, the ad server that is serving up the advertisements to a page you visit all the time gets hit and starts serving up drive-by style infections. I've even seen state websites at work that have been compromised and become "malicious". They really do not like it when you call their help desk and let them know that their site is borked :(

True, but the fact that you are on a malicious webpage to begin with, the browser of choice is only a partial help. Being on a malicious site in Firefox or any other browser is still going to put you at great risk of something happening.

One of the flaws with closed-source software development is that it can take a long time to debug and fix problems with the software. When you have the same sets of eyes staring at the same code day in and day out they are more likely to overlook or miss something. Still though, who would have thought that it would take this dang long to fix a problem.

Explain Shellshock and Heartbleed then. Why weren't those found day 1?

It didn't take them very long to fix this problem. Like Shellshock, it has been hiding there for years; somebody just realized that it was there, and they fixed it within a few months.
 