This Patch Tuesday includes something to stop valid .txt, .doc or .rtf text files from causing a malicious .dll being loaded from the same network folder…
Days ahead of the patch folks all around the world have been able to take over almost any PC on a LAN running that other OS just by placing a malicious .dll on some networked storage device. The mind boggles. I can see SANs intended to share files among the group to be used to own the whole LAN. I can see malware being crafted between now and then to seek out such situations and bringing the house down. These folks will work overtime to exploit this hole large enough to drive oil-tankers through.
If there ever was an instance that pushed people over the threshold to migration to GNU/Linux, this could be it. Stay tuned to see whether the lights dim.
Yep, “Important” but not “Critical” that every version of that other OS from XP SP3 to “7” Ultimate 64bits is vulnerable to remote code execution if a bit of malware gets in anywhere on the LAN. How much sleep will be had tonight? How many millions of machines will go unpatched for the next few weeks? What horrors are to follow?
If this is not enough to spoil your day, IE is doing privilege escalations again… Hey! Trolls! Are any of you going to claim that other OS is secure after this?