“all three holes can be exploited remotely”
So much for the vaunted security of that other OS. All versions since XP sp 3 have been actively exploited by malware artists for a month. All the malware artists had to do was insert some XML in a website to do whatever they wanted with PCs and servers running that other OS.
It’s just foolish
- to rely on that other OS for most IT, and
- not to punish M$ for waiting months to fix a problem M$ created that rendered so much IT a liability.
This vulnerability was public back on June 12 but was detected way back on March 22. “Assigned (20120322)”
It is a crime in Canada to cause death by negligence. That is analagous to cause most of IT to be so simply compromised and not to at least warn the world about the uncovered manhole that is M$’s OS. Instead M$ proclaims this or that new feature added to the bloat and making their stuff so wonderful…
I recommend Debian GNU/Linux because it works for you and not some corporation utterly unworthy of your trust.
Debian: “We will not hide problems
We will keep our entire bug report database open for public view at all times. Reports that people file online will promptly become visible to others.”
“Microsoft has patched an under-attack zero-day vulnerability in XML Core Services as part of the July edition of Patch Tuesday.”
see also The Register