With the June patches being so numerous
this month, even some folks who ordinarily patch quickly are just now getting around to patching.
But with proof-of-concept code and live exploits already on the Net for many of the
flaws announced on June 13, if you haven’t
yet updated, now’s the time to test and patch.
The last few weeks haven’t been good
for Microsoft Excel. Three serious vulnerabilities affecting the popular
spreadsheet program have been revealed. Two of these are already being actively exploited in the
This is a serious concern, as
there currently isn’t a patch for any of the three holes. But I’ll arm you with
workarounds that should keep
hackers from storming your computer.
There are a lot of ways your machines can be attacked. Not all of them are
via the Internet.
Some attack vectors require physical access, but many others can hit you without
notice when you do something as simple as accessing an external device.
When Microsoft first announced Windows Live OneCare, I figured
Redmond had a lot of cojones to charge consumers for protection against
flaws in its own products.
In OneCare’s first month, however, it appears to my jaundiced eye that MS has responded
to two real, in-the-wild, zero-day attacks — first in Word, then in Excel — via a little-known
free service called the Windows Live
Safety Center. Never heard of it? Read on.
The Internet interprets Microsoft as damage and routes around it.
My apologies to John Gilmore for tweaking his famous 1993
quote about censorship. But the above statement just happens to sum up the
alternatives Windows users are adopting ever since Microsoft’s “Windows Genuine
Advantage” (WGA) debacle.