Barney's Blog

Blog archive

Windows Help Needs Help

The help system for Windows XP and Server 2003 has a flaw that could (but hasn't yet) allow remote code execution exploits. For the attack to work, a user will have to visit a malicious Web site or click a bad link in a spam message.

The flaw was discovered by Google which blasted Microsoft for waiting to release the information. Correct me if I'm wrong, but disclosing an unpatched flaw is an open invitation to hackers, n'est-ce pas?

What do you think? Should flaws be publicized before there's a remedy? Send me a malicious-code-free e-mail with your thoughts to dbarney@redmondmag.com.

Posted by Doug Barney on 06/14/2010 at 1:17 PM


Featured

  • Ransomware: What It Means for Your Database Servers

    Ransomware affects databases in very specific ways. Joey describes the mechanics of a SQL Server ransomware attack, what DBAs can do to protect their systems, and what security measures they should be advocating for.

  • Windows Admin Center vs. Hyper-V Manager: What's Better for Managing VMs?

    Microsoft's preferred interface for Windows Server is Windows Admin Center, but can it really replace Hyper-V Manager for managing virtual machines? Brien compares the two management tools.

  • Microsoft Offers More Help on Windows Server 2008 Upgrades

    Microsoft this week published additional help resources for organizations stuck on Windows Server 2008, which fell out of support on Jan. 14.

  • Microsoft Ups Its Carbon Reduction Goals

    Microsoft on Thursday announced a corporatewide carbon reduction effort that aims to make the company "carbon negative" by 2030.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.