Vista is a secure OS... YEAH RIGHT~~!

As I have predicted vista will be the biggest target ever
for all kinds of attacks. It will be brought down to its knees
by the hackers. Why? Well because MS boasted about it being secure... and
everyone knows that this is a lie.
Now all the hackers have to do is play! Although I wish no harm to anyone...
vista needs a good smack-down to show
the world what a piece of crap it really is. MS has the NERVE to CLAIM that
vista is more secure than linux or Macs...
ohhh their asking for it BIG TIME!

see a video here of the .ani attack (this effects all versions of windows,
but I thought vista was secure.. what the heck is UAC doing? sleeping? )

http://www.youtube.com/watch?v=hf0S0Vk7j6I

see article here:

March 30, 2007
Follow-up: Vista vulnerable to animated cursor flaw
On Thursday, I posted an item about a flaw in Internet Explorer 6 and 7
related to the way those browsers in Windows XP Service Pack 2 handle
animated cursors. At the time, the word was that it would not affect IE7 on
Windows Vista because of that browser's Protected Mode, which isolates it
from the operating system.

However, apparently IE need not be involved at all. Just the way Windows
handles animated cursors leaves the operating system vulnerable. Drag a
malicious animated cursor file (.ani) to the Vista desktop and . . .

Well, see for yourself, courtesy of this video by McAfee's Craig Schmugar:

Yes, what you're watching is an endless loop of Windows Explorer crashing
and restarting, over and over. In its security bulletin on the flaw,
Microsoft mentions that one way to spread this would be via e-mail. Indeed,
an e-mail attachment saved to the desktop would be just the thing to kick
off this crash-restore cycle.

It will be interesting to see how fast Microsoft patches this vulnerability.

Update: Security firm eEye has issued a third-party patch for the flaw. Use
it at your own risk.

Update 2.0: Microsoft -- Attacks on Windows Flaw Rise

I don't remember reading anywhere that Vista is more secure than OS X or
Linux. But I did read that Vista is the most secure version of Windows yet.
--
Andre
Blog: http://adacosta.spaces.live.com
My Vista Quickstart Guide:
http://adacosta.spaces.live.com/blog...3DB!9709.entry
"jim kirk" <11@11.11> wrote in message
news:O80LobZdHHA.2316@TK2MSFTNGP04.phx.gbl...
> As I have predicted vista will be the biggest target ever
> for all kinds of attacks. It will be brought down to its knees
> by the hackers. Why? Well because MS boasted about it being secure... and
> everyone knows that this is a lie.
> Now all the hackers have to do is play! Although I wish no harm to
> anyone... vista needs a good smack-down to show
> the world what a piece of crap it really is. MS has the NERVE to CLAIM
> that vista is more secure than linux or Macs...
> ohhh their asking for it BIG TIME!
>
> see a video here of the .ani attack (this effects all versions of windows,
> but I thought vista was secure.. what the heck is UAC doing? sleeping? )
>
> http://www.youtube.com/watch?v=hf0S0Vk7j6I
>
> see article here:
>
> March 30, 2007
> Follow-up: Vista vulnerable to animated cursor flaw
> On Thursday, I posted an item about a flaw in Internet Explorer 6 and 7
> related to the way those browsers in Windows XP Service Pack 2 handle
> animated cursors. At the time, the word was that it would not affect IE7
> on Windows Vista because of that browser's Protected Mode, which isolates
> it from the operating system.
>
> However, apparently IE need not be involved at all. Just the way Windows
> handles animated cursors leaves the operating system vulnerable. Drag a
> malicious animated cursor file (.ani) to the Vista desktop and . . .
>
> Well, see for yourself, courtesy of this video by McAfee's Craig Schmugar:
>
> Yes, what you're watching is an endless loop of Windows Explorer crashing
> and restarting, over and over. In its security bulletin on the flaw,
> Microsoft mentions that one way to spread this would be via e-mail.
> Indeed, an e-mail attachment saved to the desktop would be just the thing
> to kick off this crash-restore cycle.
>
> It will be interesting to see how fast Microsoft patches this
> vulnerability.
>
> Update: Security firm eEye has issued a third-party patch for the flaw.
> Use it at your own risk.
>
> Update 2.0: Microsoft -- Attacks on Windows Flaw Rise
>

yes.. believe it or not they did say this

read here

http://www.digitmag.co.uk/news/index.cfm?NewsID=7603





"Andre Da Costa[ActiveWin]" <andred25@hotmail.com> wrote in message
news:uKCmJzZdHHA.4352@TK2MSFTNGP03.phx.gbl...
>I don't remember reading anywhere that Vista is more secure than OS X or
>Linux. But I did read that Vista is the most secure version of Windows yet.
> --
> Andre
> Blog: http://adacosta.spaces.live.com
> My Vista Quickstart Guide:
> http://adacosta.spaces.live.com/blog...3DB!9709.entry
> "jim kirk" <11@11.11> wrote in message
> news:O80LobZdHHA.2316@TK2MSFTNGP04.phx.gbl...
>> As I have predicted vista will be the biggest target ever
>> for all kinds of attacks. It will be brought down to its knees
>> by the hackers. Why? Well because MS boasted about it being secure... and
>> everyone knows that this is a lie.
>> Now all the hackers have to do is play! Although I wish no harm to
>> anyone... vista needs a good smack-down to show
>> the world what a piece of crap it really is. MS has the NERVE to CLAIM
>> that vista is more secure than linux or Macs...
>> ohhh their asking for it BIG TIME!
>>
>> see a video here of the .ani attack (this effects all versions of
>> windows, but I thought vista was secure.. what the heck is UAC doing?
>> sleeping? )
>>
>> http://www.youtube.com/watch?v=hf0S0Vk7j6I
>>
>> see article here:
>>
>> March 30, 2007
>> Follow-up: Vista vulnerable to animated cursor flaw
>> On Thursday, I posted an item about a flaw in Internet Explorer 6 and 7
>> related to the way those browsers in Windows XP Service Pack 2 handle
>> animated cursors. At the time, the word was that it would not affect IE7
>> on Windows Vista because of that browser's Protected Mode, which isolates
>> it from the operating system.
>>
>> However, apparently IE need not be involved at all. Just the way Windows
>> handles animated cursors leaves the operating system vulnerable. Drag a
>> malicious animated cursor file (.ani) to the Vista desktop and . . .
>>
>> Well, see for yourself, courtesy of this video by McAfee's Craig
>> Schmugar:
>>
>> Yes, what you're watching is an endless loop of Windows Explorer crashing
>> and restarting, over and over. In its security bulletin on the flaw,
>> Microsoft mentions that one way to spread this would be via e-mail.
>> Indeed, an e-mail attachment saved to the desktop would be just the thing
>> to kick off this crash-restore cycle.
>>
>> It will be interesting to see how fast Microsoft patches this
>> vulnerability.
>>
>> Update: Security firm eEye has issued a third-party patch for the flaw.
>> Use it at your own risk.
>>
>> Update 2.0: Microsoft -- Attacks on Windows Flaw Rise
>>
>
>

Well, its their product, it would be kinda weird not to say your own product
is not better than the competition.
--
Andre
Blog: http://adacosta.spaces.live.com
My Vista Quickstart Guide:
http://adacosta.spaces.live.com/blog...3DB!9709.entry
"jim kirk" <11@11.11> wrote in message
news:Ofksm3ZdHHA.3648@TK2MSFTNGP05.phx.gbl...
> yes.. believe it or not they did say this
>
> read here
>
> http://www.digitmag.co.uk/news/index.cfm?NewsID=7603
>
>
>
>
>
> "Andre Da Costa[ActiveWin]" <andred25@hotmail.com> wrote in message
> news:uKCmJzZdHHA.4352@TK2MSFTNGP03.phx.gbl...
>>I don't remember reading anywhere that Vista is more secure than OS X or
>>Linux. But I did read that Vista is the most secure version of Windows
>>yet.
>> --
>> Andre
>> Blog: http://adacosta.spaces.live.com
>> My Vista Quickstart Guide:
>> http://adacosta.spaces.live.com/blog...3DB!9709.entry
>> "jim kirk" <11@11.11> wrote in message
>> news:O80LobZdHHA.2316@TK2MSFTNGP04.phx.gbl...
>>> As I have predicted vista will be the biggest target ever
>>> for all kinds of attacks. It will be brought down to its knees
>>> by the hackers. Why? Well because MS boasted about it being secure...
>>> and everyone knows that this is a lie.
>>> Now all the hackers have to do is play! Although I wish no harm to
>>> anyone... vista needs a good smack-down to show
>>> the world what a piece of crap it really is. MS has the NERVE to CLAIM
>>> that vista is more secure than linux or Macs...
>>> ohhh their asking for it BIG TIME!
>>>
>>> see a video here of the .ani attack (this effects all versions of
>>> windows, but I thought vista was secure.. what the heck is UAC doing?
>>> sleeping? )
>>>
>>> http://www.youtube.com/watch?v=hf0S0Vk7j6I
>>>
>>> see article here:
>>>
>>> March 30, 2007
>>> Follow-up: Vista vulnerable to animated cursor flaw
>>> On Thursday, I posted an item about a flaw in Internet Explorer 6 and 7
>>> related to the way those browsers in Windows XP Service Pack 2 handle
>>> animated cursors. At the time, the word was that it would not affect IE7
>>> on Windows Vista because of that browser's Protected Mode, which
>>> isolates it from the operating system.
>>>
>>> However, apparently IE need not be involved at all. Just the way Windows
>>> handles animated cursors leaves the operating system vulnerable. Drag a
>>> malicious animated cursor file (.ani) to the Vista desktop and . . .
>>>
>>> Well, see for yourself, courtesy of this video by McAfee's Craig
>>> Schmugar:
>>>
>>> Yes, what you're watching is an endless loop of Windows Explorer
>>> crashing and restarting, over and over. In its security bulletin on the
>>> flaw, Microsoft mentions that one way to spread this would be via
>>> e-mail. Indeed, an e-mail attachment saved to the desktop would be just
>>> the thing to kick off this crash-restore cycle.
>>>
>>> It will be interesting to see how fast Microsoft patches this
>>> vulnerability.
>>>
>>> Update: Security firm eEye has issued a third-party patch for the flaw.
>>> Use it at your own risk.
>>>
>>> Update 2.0: Microsoft -- Attacks on Windows Flaw Rise
>>>
>>
>>
>

{{Microsoft hater alert}}
{Linux or Mac dork alert}}

Was the system compromised? Was the user account even compromised? Yes it
caused a crash but was it able to use this to exploit the system?

--
Kerry Brown
Microsoft MVP - Shell/User
http://www.vistahelp.ca


"jim kirk" <11@11.11> wrote in message
news:O80LobZdHHA.2316@TK2MSFTNGP04.phx.gbl...
> As I have predicted vista will be the biggest target ever
> for all kinds of attacks. It will be brought down to its knees
> by the hackers. Why? Well because MS boasted about it being secure... and
> everyone knows that this is a lie.
> Now all the hackers have to do is play! Although I wish no harm to
> anyone... vista needs a good smack-down to show
> the world what a piece of crap it really is. MS has the NERVE to CLAIM
> that vista is more secure than linux or Macs...
> ohhh their asking for it BIG TIME!
>
> see a video here of the .ani attack (this effects all versions of windows,
> but I thought vista was secure.. what the heck is UAC doing? sleeping? )
>
> http://www.youtube.com/watch?v=hf0S0Vk7j6I
>
> see article here:
>
> March 30, 2007
> Follow-up: Vista vulnerable to animated cursor flaw
> On Thursday, I posted an item about a flaw in Internet Explorer 6 and 7
> related to the way those browsers in Windows XP Service Pack 2 handle
> animated cursors. At the time, the word was that it would not affect IE7
> on Windows Vista because of that browser's Protected Mode, which isolates
> it from the operating system.
>
> However, apparently IE need not be involved at all. Just the way Windows
> handles animated cursors leaves the operating system vulnerable. Drag a
> malicious animated cursor file (.ani) to the Vista desktop and . . .
>
> Well, see for yourself, courtesy of this video by McAfee's Craig Schmugar:
>
> Yes, what you're watching is an endless loop of Windows Explorer crashing
> and restarting, over and over. In its security bulletin on the flaw,
> Microsoft mentions that one way to spread this would be via e-mail.
> Indeed, an e-mail attachment saved to the desktop would be just the thing
> to kick off this crash-restore cycle.
>
> It will be interesting to see how fast Microsoft patches this
> vulnerability.
>
> Update: Security firm eEye has issued a third-party patch for the flaw.
> Use it at your own risk.
>
> Update 2.0: Microsoft -- Attacks on Windows Flaw Rise
>

"jim kirk" <11@11.11> wrote in message
news:O80LobZdHHA.2316@TK2MSFTNGP04.phx.gbl...
> As I have predicted vista will be the biggest target ever
> for all kinds of attacks. It will be brought down to its knees
> by the hackers. Why? Well because MS boasted about it being secure... and
> everyone knows that this is a lie.
> Now all the hackers have to do is play! Although I wish no harm to
> anyone... vista needs a good smack-down to show
> the world what a piece of crap it really is. MS has the NERVE to CLAIM
> that vista is more secure than linux or Macs...
> ohhh their asking for it BIG TIME!

Wow! Great prediction jim kirk/kirk jim/just jim/just kirk. You picked the
future dominating OS and claimed it'll receive mass attention.

I predict the planet Earth to house the most humans one year from now.

Now we both get a cookie. I want oatmeal raisin with NO walnuts!

And... the article even said MS was the "best" at fixing vulnerabilities...
the quickest. 21 days on average to fix, compared to Apple's average of 66
days, Red Hat's 58 days, HP's 101 days and Sun's 121 days.

And I quote: "Microsoft was clearly the best," Friedrichs said. [at fixing
vulerabilites...]

Lang



"Andre Da Costa[ActiveWin]" <andred25@hotmail.com> wrote in message
news:OzYJD6ZdHHA.3976@TK2MSFTNGP06.phx.gbl...
> Well, its their product, it would be kinda weird not to say your own
> product is not better than the competition.
> --
> Andre
> Blog: http://adacosta.spaces.live.com
> My Vista Quickstart Guide:
> http://adacosta.spaces.live.com/blog...3DB!9709.entry
> "jim kirk" <11@11.11> wrote in message
> news:Ofksm3ZdHHA.3648@TK2MSFTNGP05.phx.gbl...
>> yes.. believe it or not they did say this
>>
>> read here
>>
>> http://www.digitmag.co.uk/news/index.cfm?NewsID=7603
>>
>>
>>
>>
>>
>> "Andre Da Costa[ActiveWin]" <andred25@hotmail.com> wrote in message
>> news:uKCmJzZdHHA.4352@TK2MSFTNGP03.phx.gbl...
>>>I don't remember reading anywhere that Vista is more secure than OS X or
>>>Linux. But I did read that Vista is the most secure version of Windows
>>>yet.
>>> --
>>> Andre
>>> Blog: http://adacosta.spaces.live.com
>>> My Vista Quickstart Guide:
>>> http://adacosta.spaces.live.com/blog...3DB!9709.entry
>>> "jim kirk" <11@11.11> wrote in message
>>> news:O80LobZdHHA.2316@TK2MSFTNGP04.phx.gbl...
>>>> As I have predicted vista will be the biggest target ever
>>>> for all kinds of attacks. It will be brought down to its knees
>>>> by the hackers. Why? Well because MS boasted about it being secure...
>>>> and everyone knows that this is a lie.
>>>> Now all the hackers have to do is play! Although I wish no harm to
>>>> anyone... vista needs a good smack-down to show
>>>> the world what a piece of crap it really is. MS has the NERVE to CLAIM
>>>> that vista is more secure than linux or Macs...
>>>> ohhh their asking for it BIG TIME!
>>>>
>>>> see a video here of the .ani attack (this effects all versions of
>>>> windows, but I thought vista was secure.. what the heck is UAC doing?
>>>> sleeping? )
>>>>
>>>> http://www.youtube.com/watch?v=hf0S0Vk7j6I
>>>>
>>>> see article here:
>>>>
>>>> March 30, 2007
>>>> Follow-up: Vista vulnerable to animated cursor flaw
>>>> On Thursday, I posted an item about a flaw in Internet Explorer 6 and 7
>>>> related to the way those browsers in Windows XP Service Pack 2 handle
>>>> animated cursors. At the time, the word was that it would not affect
>>>> IE7 on Windows Vista because of that browser's Protected Mode, which
>>>> isolates it from the operating system.
>>>>
>>>> However, apparently IE need not be involved at all. Just the way
>>>> Windows handles animated cursors leaves the operating system
>>>> vulnerable. Drag a malicious animated cursor file (.ani) to the Vista
>>>> desktop and . . .
>>>>
>>>> Well, see for yourself, courtesy of this video by McAfee's Craig
>>>> Schmugar:
>>>>
>>>> Yes, what you're watching is an endless loop of Windows Explorer
>>>> crashing and restarting, over and over. In its security bulletin on the
>>>> flaw, Microsoft mentions that one way to spread this would be via
>>>> e-mail. Indeed, an e-mail attachment saved to the desktop would be just
>>>> the thing to kick off this crash-restore cycle.
>>>>
>>>> It will be interesting to see how fast Microsoft patches this
>>>> vulnerability.
>>>>
>>>> Update: Security firm eEye has issued a third-party patch for the flaw.
>>>> Use it at your own risk.
>>>>
>>>> Update 2.0: Microsoft -- Attacks on Windows Flaw Rise
>>>>
>>>
>>>
>>
>
>

errrr could the user who knows very little regain control of the pc and
continue working?

ill tell you what.. I wont wreck your car, ill just remove the steering
wheel so you cant use it...lol

do you like it? :-)




"Kerry Brown" <kerry@kdbNOSPAMsys-tems.c*a*m> wrote in message
news:ukU%23jBadHHA.4624@TK2MSFTNGP03.phx.gbl...
> Was the system compromised? Was the user account even compromised? Yes it
> caused a crash but was it able to use this to exploit the system?
>
> --
> Kerry Brown
> Microsoft MVP - Shell/User
> http://www.vistahelp.ca
>
>
> "jim kirk" <11@11.11> wrote in message
> news:O80LobZdHHA.2316@TK2MSFTNGP04.phx.gbl...
>> As I have predicted vista will be the biggest target ever
>> for all kinds of attacks. It will be brought down to its knees
>> by the hackers. Why? Well because MS boasted about it being secure... and
>> everyone knows that this is a lie.
>> Now all the hackers have to do is play! Although I wish no harm to
>> anyone... vista needs a good smack-down to show
>> the world what a piece of crap it really is. MS has the NERVE to CLAIM
>> that vista is more secure than linux or Macs...
>> ohhh their asking for it BIG TIME!
>>
>> see a video here of the .ani attack (this effects all versions of
>> windows, but I thought vista was secure.. what the heck is UAC doing?
>> sleeping? )
>>
>> http://www.youtube.com/watch?v=hf0S0Vk7j6I
>>
>> see article here:
>>
>> March 30, 2007
>> Follow-up: Vista vulnerable to animated cursor flaw
>> On Thursday, I posted an item about a flaw in Internet Explorer 6 and 7
>> related to the way those browsers in Windows XP Service Pack 2 handle
>> animated cursors. At the time, the word was that it would not affect IE7
>> on Windows Vista because of that browser's Protected Mode, which isolates
>> it from the operating system.
>>
>> However, apparently IE need not be involved at all. Just the way Windows
>> handles animated cursors leaves the operating system vulnerable. Drag a
>> malicious animated cursor file (.ani) to the Vista desktop and . . .
>>
>> Well, see for yourself, courtesy of this video by McAfee's Craig
>> Schmugar:
>>
>> Yes, what you're watching is an endless loop of Windows Explorer crashing
>> and restarting, over and over. In its security bulletin on the flaw,
>> Microsoft mentions that one way to spread this would be via e-mail.
>> Indeed, an e-mail attachment saved to the desktop would be just the thing
>> to kick off this crash-restore cycle.
>>
>> It will be interesting to see how fast Microsoft patches this
>> vulnerability.
>>
>> Update: Security firm eEye has issued a third-party patch for the flaw.
>> Use it at your own risk.
>>
>> Update 2.0: Microsoft -- Attacks on Windows Flaw Rise
>>
>

Logon as a different user and delete the file. I'll ask again was the system
compromised?

Yes there was a bug found in Windows. All programs have bugs. That's a
reality with the current state of computers. The security in Vista stops
this bug from being used to compromise the system. So far I haven't seen an
exploit that uses this bug that can affect anything other than the current
user in Vista. That is exactly what UAC and the other security features in
vista are designed to do.

--
Kerry Brown
Microsoft MVP - Shell/User
http://www.vistahelp.ca


"kirk jim" <11@11.11> wrote in message
news:uC0h3jedHHA.4172@TK2MSFTNGP05.phx.gbl...
> errrr could the user who knows very little regain control of the pc and
> continue working?
>
> ill tell you what.. I wont wreck your car, ill just remove the steering
> wheel so you cant use it...lol
>
> do you like it? :-)
>
>
>
>
> "Kerry Brown" <kerry@kdbNOSPAMsys-tems.c*a*m> wrote in message
> news:ukU%23jBadHHA.4624@TK2MSFTNGP03.phx.gbl...
>> Was the system compromised? Was the user account even compromised? Yes it
>> caused a crash but was it able to use this to exploit the system?
>>
>> --
>> Kerry Brown
>> Microsoft MVP - Shell/User
>> http://www.vistahelp.ca
>>
>>
>> "jim kirk" <11@11.11> wrote in message
>> news:O80LobZdHHA.2316@TK2MSFTNGP04.phx.gbl...
>>> As I have predicted vista will be the biggest target ever
>>> for all kinds of attacks. It will be brought down to its knees
>>> by the hackers. Why? Well because MS boasted about it being secure...
>>> and everyone knows that this is a lie.
>>> Now all the hackers have to do is play! Although I wish no harm to
>>> anyone... vista needs a good smack-down to show
>>> the world what a piece of crap it really is. MS has the NERVE to CLAIM
>>> that vista is more secure than linux or Macs...
>>> ohhh their asking for it BIG TIME!
>>>
>>> see a video here of the .ani attack (this effects all versions of
>>> windows, but I thought vista was secure.. what the heck is UAC doing?
>>> sleeping? )
>>>
>>> http://www.youtube.com/watch?v=hf0S0Vk7j6I
>>>
>>> see article here:
>>>
>>> March 30, 2007
>>> Follow-up: Vista vulnerable to animated cursor flaw
>>> On Thursday, I posted an item about a flaw in Internet Explorer 6 and 7
>>> related to the way those browsers in Windows XP Service Pack 2 handle
>>> animated cursors. At the time, the word was that it would not affect IE7
>>> on Windows Vista because of that browser's Protected Mode, which
>>> isolates it from the operating system.
>>>
>>> However, apparently IE need not be involved at all. Just the way Windows
>>> handles animated cursors leaves the operating system vulnerable. Drag a
>>> malicious animated cursor file (.ani) to the Vista desktop and . . .
>>>
>>> Well, see for yourself, courtesy of this video by McAfee's Craig
>>> Schmugar:
>>>
>>> Yes, what you're watching is an endless loop of Windows Explorer
>>> crashing and restarting, over and over. In its security bulletin on the
>>> flaw, Microsoft mentions that one way to spread this would be via
>>> e-mail. Indeed, an e-mail attachment saved to the desktop would be just
>>> the thing to kick off this crash-restore cycle.
>>>
>>> It will be interesting to see how fast Microsoft patches this
>>> vulnerability.
>>>
>>> Update: Security firm eEye has issued a third-party patch for the flaw.
>>> Use it at your own risk.
>>>
>>> Update 2.0: Microsoft -- Attacks on Windows Flaw Rise
>>>
>>
>
>