Microsoft blames human error for critical security update failure

User Rating: / 1
PoorBest 

by Stephen Withers

Friday, 20 June 2008

Page 1 of 2 ! "Human issues" are being blamed for a Microsoft security update failing to protect users of Windows XP SP2 and SP3 from a critical vulnerability. The Bluetooth flaw could allow remote execution of code on a targeted computer. Related stories Review: Too Human Microsoft investment shows all is not well at Novell NASA’s Opportunity takes to the open road on Mars Microsoft IE8 Beta 2 released: the web browser for jerk-offs? It’s the end for the “Frickin’ Laser” Arriving as part of June's Patch Tuesday releases, MS08-030 was supposed to fix a flaw that could allow an attack via Bluetooth. Such an attack could theoretically lead to the execution of arbitrary code, but Microsoft security specialists determined that the chance of a successful exploit were slight for several reasons, but largely because of a small timing window and the need to place the code in the correct location. The flaw affects Windows XP SP2 and SP3, XP Professional x64 (including SP 2), and Vista (both x86 and x64, including SP1). After the updates were release, Microsoft realised that XP SP2 and SP3 were not being protected, and began work on a revision, which has now been released. The Microsoft Security Response Center recommends users of Windows SP2 or SP3 test and deploy the new version of the update. For most of us, that means running Windows Update again, or allowing Automatic Updates to do its thing. The other versions of Windows do not require a further update. But how did the XP problem occur, and what's Microsoft going to do about it? See page 2. << First page <   1 2 Next page > Last page - Post your comment >>

 

< Next story in category		Previous story in the category >