Security Problem With IE 6 & 7 — Why Now?

Security Problem With IE 6 & 7

The CBC reports: Microsoft warns of serious security flaw in browser

Microsoft has warned of a serious security flaw in its Internet Explorer browser that could allow hackers to access a user’s system remotely.

The security hole was found in an Active X video control player that is used in the browser on Windows XP or Windows Server 2003 systems. The company’s older Internet Explorer 6 and 7.0 are both affected.

Users are advised to deactivate the video ActiveX control until the fix is available.

Those who are using Windows Vista or Windows Server 2008 are not affected by the advisory, Microsoft said.

If you don’t want to or can’t afford a Mac or a switch to Linux, Firefox 3.5, Opera, and others are available. Internet Explorer and ActiveX are security flaws, and always have been. That Microsoft is announcing this indicates that they haven’t found a fix, and people are exploiting the problem. Normally problems are announced after patches have been shipped.

18 comments

1 Steve Bates { 07.07.09 at 12:39 pm }

No such problem with Windows Vista, of course. Um, no problem, that is, if you can activate the blessed thing and get it to stay activated, a problem a lot of people (including Stella) face…

You know that statement in Blackstone about “better 10 guilty men go free…”? Well, I think there’s a Micro$oft Windows version of it: better one unlicensed user be shut down than 10 duly licensed users operate Windows for free. One could come to the conclusion that Micro$oft has a bad attitude…

2 Bryan { 07.07.09 at 1:13 pm }

When has a monopoly ever been efficient or innovative? MS is all about maximizing their profits, even if it causes disasters for their customers. They don’t have to please customers because they have crushed their competitors with the notable help of governments and corporations.

3 Kryten42 { 07.07.09 at 8:05 pm }

Geee… such unthinkable and totally surprising news. *YAWN* Oh… sorry. Ahem. Hmmm…. The only ‘word’ that immediately springs to mind is… DUH!

As for Vista… Vista was launched by M$ SOLELY to make people whining about XP, STFU! It was yet another knee-jerk stop-gap half-arsed typical M$ marketing solution to technical problems, just like the abysmal Windows-ME! M$ only released Vista because they knew the *real* next OS was going to be years late, as usual (Windows 7). So far, Windows 7 is looking like a half decent Windows OS. But M$ still has time to realise their error and f*ck it up like they always do. 🙂 M$ also realised that the general public are mostly morons and would pay yet again for another OS that didn’t actually work (Vista) and thereby fund the OS that would at least kinda work (Win 7), and as an added bonus (or in all truth, the primary reason), make The Dweeb a few more millions wealthier while all the morons get poorer.

/rant 😉

Ahhhh…. That felt good! 😀

4 Bryan { 07.07.09 at 8:50 pm }

They had the potential for a decent OS with Windows NT, but they broke it for compatibility with their earlier disasters.

Since then it has been one patch after another.

ActiveX has never worked properly, i.e. as advertised, so it is not surprising that it is a source of the problems. Even for the two sites that I have to go to occasionally that require IE, I refuse A-X.

It’s getting to the point that they should be required to pay 5% of your ISP bill due to their updates and bandwidth usage.

5 Kryten42 { 07.07.09 at 10:12 pm }

Personally, as one who wisely said “No way in hell am I paying for that damned Vista garbage until I can read a dozen or more independent technical reviews from trusted people that say it works properly”, which never happened (what a surprise!) Everyone who did pay should be screaming for a refund. M$ themselves proves themselves with Win 7 that the ‘designed in’ XP compatibility in Vista never worked when you look at Win 7 and the fact that the ‘XP & Vista compatibility’ are a bundled layer and not part of the core design (and are in fact a Micro-XP running in a VM – Virtual Machine, so you better upgrade your hardware to make The Dweeb’s share value in hardware component companies, such as Intel, increase). Basically, if you want XP/Vista compatibility, you have to actually run a licensed copy of either on top of Windows 7 via Virtual PC 7 (a much better option if you really want to run a VM is to use Parallels or VirtualBox (or, if you can afford it, VMware)). Then you have a much more efficient VM and can also run Linux and save your sanity. 🙂

Secret No More: Revealing Windows XP Mode for Windows 7

BTW, for people who think setting file permissions under Linux was complicated (dunno why… very simple to me), wait until Win 7!! 😆

Windows 7’s compatibility mode crashes

The crash is due to the wrong permission settings of the file “user32.dll” under “c:\windows\system32\” after the patch is applied.

You can still apply the patch to remove the watermark. Then you need to correct the permission of the file.

Go to “user32.dll”, right click and select “Properties”, under “Security” tab, correct the following permission settings.

System – only “read and execute” and “read”
Administrators – only “read and execute” and “read”
Users – only “read and execute” and “read”
TrustedInstaller – “Full Control”
File Owner – TrustedInstaller

Reminders: to add “TrustedInstaller”, you need to type “NT Service\TrustedInstaller” without the quote.

And that’s not all of it by far! 😉

So… welcome to Windows 7! Guaranteed to make The Dweeb even wealthier and users even more frustrated. 😀

6 Bryan { 07.07.09 at 11:03 pm }

My biggest complaint about the entire concept of upgrading Windows versions is that the newer versions haven’t added anything that I wanted or needed to use my box the way I needed and wanted to use it, and they often broke software that was very useful in the way I work.

I don’t need new software that is bigger and slower than what I have, offers no obvious advantages, requires more resources to even function, and is buggy.

I would consider upgrading several pieces of software if my experience hadn’t consistently been to have that software go immediately to its home web site to download patches. I’m tired of paying for the opportunity to be someone’s beta tester. If it isn’t ready, you don’t ship it.

Come on, Kryten, you can’t expect people to remember 8 bit patterns, that’s just too hard. Counting to seven is work. Actually, I generally cheat and use my FTP program and check boxes to change the settings at my host.

Finding what you’re looking for in the properties box has always been a PITA. You wonder what the people who designed it actually do for a living.

They had better do some major clean-up, or the only way I’ll see Win7 is if I have to buy a new machine.

7 Badtux { 07.08.09 at 12:43 am }

If Microsoft had just stopped with Windows 2000, they had a stable OS that did everything that everybody needed, and was relatively quick too. But Nooooo. They had to f*ck with working software and add bugs to it — FOR NO GOOD REASON. Does Windows Vista do anything for you that Windows 2000 didn’t do? Bah.

But I’m one of those MacLinux heretics, so it’s not as if I suffer anyhow. (Mac on my desktop, Linux on my servers). Pfffft!

– Badtux the Snarky Penguin

8 Kryten42 { 07.08.09 at 1:01 am }

Ooooh! You really are ‘Old Skool’ Bryan! 😉 ‘lol’

You can just use ‘chmod u+w’ or whatever (a common one for me is: ‘chmod ug+rw’, meaning (for those not in the know) ‘change the (u)ser & (g)roup permissions on the (file(s)|directory(s)) to make them (r)ead and (w)ritable’). Or, one can use the 8-bit patterns as you say and make it: ‘chmod 660’ or 664. The real power comes in manipulating the ‘special’ bits such as ‘(s)etuid/gid, s(t)icky, and ‘special e(X)ecute’.

Of course, these days linux does have a GUI and a file browser (or, as you point out, FTP), and permissions can be changed with the context menu. I still prefer a console though (BASH usually), because I’m generally working on a remote server via ssh. And my fingers remember the commands even when my brain is fried. 😆 They haven’t changed in decades, isn’t consistency lovely, and useful even? What a concept! And the things one can do with awk & grep! *drool* 😀

And yup! I have a beta of ‘7’ (7000) and you need at least 2GB RAM *WITHOUT* running the emulator and XP/Vista! Install takes a lot of disk space also and CPU resources.

People say Vista was the best thing to happen to linux… I suspect Win 7 will be even better for linux! 😉 You know… I still have linux running happily on an old Pentium II box, and I *do* mean running! It also has Win98SE tweaked to a dream by ‘yours truly’ (It’s an old, circa 1999, Gateway Solo 9000 that I got as it was the first with a DVD drive and 3D video/graphics with built-in hardware MPEG and full media I/O and even USB. Cost over $AU6k back then and was the Rolls-Royce of notebooks. It still works well today, I happily run modern video DVD’s under linux on a large w/s LCD display. It originally had 3 SODIMM RAM sockets that only supported up to 8MB SODIMMS, but I found a BIOS & h/w hack that allowed to use 32MB SODIMMS, thereby quadrupling the original RAM, and a 20GB HDD, partitioned into 7/7/5 (I lose 1Gb to formatting)). 98SE doesn’t know what to do with it all! 😆
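An added example, not part of the original comments: the symbolic and octal `chmod` forms mentioned above behave differently, because `ug+rw` adds bits to whatever is already set while `660` replaces the whole mode, and the special bits appear as a fourth leading octal digit. The function names are hypothetical, the files are constructed temp files, and a Linux `stat` that accepts `-c` is assumed.

```shell
#!/bin/sh
# Added example (not from the original thread). Assumes Linux with GNU or
# BusyBox stat (-c '%a'); all files are constructed temp files.

# Print the octal permission bits of a file, e.g. 664 or 4755.
mode_of() { stat -c '%a' "$1"; }

# Create a temp file at mode START, apply chmod SPEC, print the resulting mode.
apply_mode() {  # usage: apply_mode START SPEC
    f=$(mktemp) || return 1
    chmod "$1" "$f" && chmod "$2" "$f" && mode_of "$f"
    rm -f "$f"
}

# List regular files under DIR that carry setuid (4000), setgid (2000) or
# sticky (1000) bits, as "MODE PATH" lines. Useful as a quick audit.
find_special() {
    find "$1" -type f \( -perm -4000 -o -perm -2000 -o -perm -1000 \) \
        -exec stat -c '%a %n' {} +
}

# Symbolic specs add to the existing bits; octal specs replace them all.
for start in 600 644 755; do
    printf '%s: ug+rw -> %s, 660 -> %s\n' "$start" \
        "$(apply_mode "$start" ug+rw)" "$(apply_mode "$start" 660)"
done

# setuid shows up as a leading 4 in the octal form.
printf '755: u+s -> %s\n' "$(apply_mode 755 u+s)"
```
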

9 Steve Bates { 07.08.09 at 10:50 am }

In fairness to Stella, Vista allowed her to continue working… at all. Her previous computer fried itself for good and all, and you can no longer walk into a store and buy an XP computer. XP had worked pretty well for her (and for me) up to that point. Given that she had two days to get back up and running, buying a Vista box was the best solution available… not a good solution, just the best available.

M$ should have stopped at XP. That was the (relatively) most stable OS they ever produced. As for NT, I would not voluntarily return to the days of the Blue Screen of Death. That was a serious PITA in a 24×7 production environment, as one of my clients could tell you.

10 Bryan { 07.08.09 at 4:15 pm }

Steve, the original NT was created by Dave Cutler and a group from DEC who were brought in to do it by Microsoft. These are the people who created VMS and RSX-11, and their original version was a great OS. I had family working for DEC and we played with it on an Intel box and an Alpha, as it was written to be a device independent 32 bit system. Then it was “broken” for backwards compatibility with Microsoft apps. NT was the basis for 2000 and XP, and all they have really done is strip some of what was inserted to break the original version.

They should have sold the original version and fixed the broken apps, instead of breaking it to work with them.

11 Bryan { 07.08.09 at 4:40 pm }

Kryten, I go back to inserting the bootstrap loader in octal using toggle switches, so entering octal is easy for me, but now that you’ve mentioned it, I remembered that chmod accepts the other form.

If I could just get one last client to change, I would be Linux all around. It would make life so much easier as it has the tools built-in to find problems if something breaks.

Ah, the joys of grep! I can’t tell you how many times I’ve had the MS search come up empty looking for files, and I then find using a manual search. Even when it finds them I have to screw around getting a location from the damn app as it changes the display settings every time I run it. I haven’t got a clue as to who the model user for the app is supposed to be.

Hey, everyone here realizes it’s crap, but we have to deal with it because it’s a near monopoly. One day…

12 Kryten42 { 07.08.09 at 7:47 pm }

Steve: Vista does work for some. And I’m glad it works for you (Stella). 🙂 I’m always happy when any computer does what its owner wants and needs. And of course, if it works, don’t mess with it. 🙂

The problem is that it’s very inconsistent. This is why Dell refused to install Vista on new PC’s for over a year and forced M$ to extend the life of XP.

Yes, Cutler and crew did a great job all things considered. 🙂 The original NT was fast and secure. The Dweeb killed it after NT 3.1 after discovering the security was TOO good! He couldn’t easily see what everyone was doing. 🙂

I still have a copy of the original ‘Inside Windows NT’ book by Helen Custer. Most people don’t realise that NT 3.1 was released in ’93, before Win 95. Most think it came out at the end of the 90’s. The problems really began when M$ and IBM had a falling out over OS/2. The Dweeb wanted to own it all even though much of it was already covered by IBM patents etc. The NT3.1 core was based on POSIX and OS/2. After M$ refused to pay royalties to IBM, they were forced to remove the OS/2 components thus ruining a good, stable OS. And we have the garbage from M$ today because The Dweeb is a totally greedy SOB who wants to own everything! 🙂

13 Bryan { 07.08.09 at 11:52 pm }

Isn’t it amazing, with their track record of complaining about people supposedly stealing their “intellectual property”, how resistant M$ has always been about paying other people for theirs.

Even if you have a subscription they are constantly trying to screw you out of the products the subscription is supposed to cover. If they spent as much on R&D as they spent on lawyers, they would be producing a much better product that would be a hell of a lot cheaper to maintain.

It is unfortunate that in this business the best products are rarely selected as the winner.

14 SSG { 07.09.09 at 1:07 am }

My laptop is dual boot Vista/Linux Ubuntu. I’d switch over to Linux entirely if the font rendering didn’t make my eyes bleed after a couple hours. Trivial, I know. But important to me.

15 Kryten42 { 07.09.09 at 1:30 am }

Very true.

Sadly, the really good products don’t stand a chance against The Dweeb’s greedy paranoia. He has spent hundreds of millions in the past destroying any product that may have a half chance. Remember DESQview/X from Quarterdeck? It was beginning to overtake Windows 3 in the early 90’s, so M$ launched the horrid BOB on a naive and unsuspecting world! As soon as DESQview was destroyed, BOB was killed to many thankful wails of relief!! M$ have a long and sordid history of this kind of tactic, not to mention outright theft. Another example with the brilliant DRI GEM Desktop and later, GEM/3.

Dinosaur Sighting: Microsoft Bob
Microsoft BOB Image Gallery

At the time, the general public thought Bob looked nice and easy to use. As we all know, the public takes a very long time to realise that something that looks good on the surface is not necessarily very good underneath!

Of course, all of these GUI’s have their roots at Xerox. Primarily the Xerox Star Workstation (officially the Xerox 8010 Information System) circa 1981, but also the Xerox Alto circa 1973.

See also: The Xerox “Star”: A Retrospective a paper by Jeff Johnson and Teresa L. Roberts, U S WEST Advanced Technologies. Note: There is a nice graph near the bottom that summarizes how the various systems related. 🙂

And then there was the PERQ! Designed by ICL (and then Three Rivers Computer Corp) in the mid-late 70’s using their own in-house designed CPU and other components. 🙂 It had a display with a resolution of 1024×768 pixels! That was incredible at that time, and unavailable on M$ OS’s until the mid-90’s, many years later. The PERQ CPU was designed to directly execute p-code, thus making it an extremely fast (in its day) Pascal interpreter and compiler. Here’s a PDF brochure (check out the prices! $2k for a 1MB FDD! LOL):

Three Rivers PERQ Brochure PDF

Strangely… There was a 24MB fixed-disk option (a 14″ Shugart from memory) that was cheaper than the 1MB Floppy disk drive (only $1,500). It also had a built in (working) speech synthesizer and an optional 10Mb networking. 😉

I actually got to play with some PERQ workstations. I was tasked to design an interface system so PERQ’s could run off a Pyramid Technology SMP multi-processor system running OS/x (one of the first SMP UNIX variants that supported both BSD & SVR4) in the late 80’s. The combination made for a powerful tool for real-time analysis by the MI org I worked for then. 🙂

The real father of the ‘interactive user interface’ (and many other things) was Dr. Douglas Engelbart mostly whilst at SRI (Stanford Research Institute) back when the USA actually did real research. 😉

I could go on… but I need a coffee! 😆 😉

16 Kryten42 { 07.09.09 at 1:32 am }

Oh! I meant to add this for the PERQ! Some great pics (I still think it was a great looking system! Certainly the best looking in its day.) 🙂

Three Rivers PERQ Photo’s

17 Kryten42 { 07.09.09 at 2:09 am }

Hi SSG! Sorry… we seem to have posted at the same time. 🙂

I had the same problem with Ubuntu (around v7.04) until I switched to CentOS, which has this fixed already, (that I have to support for clients).

Here’s a ‘HOW TO’ thread at the Ubuntu forums about a way to improve the font rendering that may help:

HOW TO: Improve Ubuntu font rendering

Here’s another (at Ubuntu Geek):

Improved subpixel font rendering for Feisty Fawn/Hardy Heron

And this is specifically about improving font rendering on LCD’s (though not specific to Ubuntu, it may give you some pointers):

Better LCD Font Rendering

Good luck! 🙂

18 Kryten42 { 07.09.09 at 2:29 am }

Hmmm. Actually SSG… You reminded me of yet ANOTHER reason to despise M$ and The Dweeb in charge (and also Adobe!). 😉 😆

I spent a few years in the IT publishing industry because of my heavy involvement in publishing in the 80’s for various organisations I worked for. In the early 90’s I was a distributor for Quark, Aldus (Pagemaker before Adobe bought Aldus and destroyed all their good work), Framemaker (another good company destroyed by Adobe) and others. I came across a good article about the terrible injustice M$ has done to the world regarding publishing generally and fonts in particular.

Texts Rasterization Exposures

It’s worth reading the whole thing, but if you’re in a hurry, scroll down to the section entitled: Microsoft, Apple, Adobe, and FontFocus
and: Microsoft and Adobe: Sub-pixel Positioning and Kerning

And then (sadly): Linux – Inheriting the Worst