Amongst Microsoft’s many, many accomplishments, is this lovely little gem:
There are bugs that Microsoft patch pretty quickly, there are bugs that take a little more testing and take longer, there are bugs that they take ages to patch for some reason.
And now, from your trustworthy business OS supplier comes a first in long history of innovation – a bug that cannot be patched.
It can’t be fixed.
Why this isn’t more widely reported is beyond me. Microsoft’s solution is to run IE8 in a restricted mode which seems a band-aid solution to me.
Sure, Vista solves this little hiccup, but just about every Windows box that I can see from my happy little Mac studio, is still running XP.
What galls me the most is that this little feature has been present in every version of Windows up until Vista, they’ve only just discovered it as far as I can tell.
A few years from now, will there be another ‘unpatchable’ flaw in Vista, Windows 7, 8, 9 etc that they discover?
Why do people not question them? Why do they just accept this? Why is the news full of Apple releasing another device that everyone fails to understand, because it just happens to do something different, and not full of Microsoft’s unbelievable, amateurish and downright dangerous coding?
No other web browser on the Windows platform is affected. Does that not say something about this company?
So let me get this straight, a flaw in Safari, could allow a malicious attacker to download files (1, 2 or thousands) to your Windows desktop without your perrmission.
But the flaw doesn’t allow execution.
Because Apple’s not that stupid.
You know, to allow just ‘any’ file to just execute without permission.
So what’s the problem? Other than it being a ‘design’ flaw? It’s certainly not a security flaw is it? the files cannot be executed and therefore cause untold damage can they?
Ah, right but those files can…
By a flaw in Windows.
Not Safari, then.
So it’s Microsoft’s problem then is it?
That’s right it is.
And when will Microsoft fix this flaw?
No word on that. Yet.
I’m sure they’ll get round to fixing it asap, once they’ve blamed Apple for drawing attention to their SECURITY flaw, by a DESIGN flaw that Apple, quite rightly, didn’t really think would cause too much of a problem, because no company is stupid to allow files to execute by themselves.
Except Microsoft. Again.