Microsoft Fixes Zero-Day Word Flaws

By Ed Oswald | Published February 13, 2007, 4:27 PM

Microsoft on Tuesday released a bevy of patches, including three critical patches for the Microsoft Windows operating system, two for Office, and a critical patch for its antivirus and anti-malware software products.

Altogether, twelve patches were released, and the Redmond company finally addressed the issues within Microsoft Word and Office that were being exploited in zero-day attacks. Both Office patches dealt with code execution issues.

The first patch dealt with a total of six vulnerabilities within Word, including malformed string, data structure, drawing object, and function issues, as well as issues with Word Count and Word macros. The patch is intended for Word 2000, 2002, and 2003, as well as Works Suites 2004 through 2006 and Office for Mac.

Also patched in a separate fix were flaws within PowerPoint and Excel. Both concern malformed record issues that could put users at risk of a code execution attack, Microsoft said.

Of the Windows patches, a fix has been released for the HTML Help ActiveX control, which could allow an attacker to execute arbitrary code when a user visits a specially crafted webpage.

Flaws within Microsoft's Data Access Components were also remedied, as well as a new cumulative security update for Internet Explorer. That patch fixes two issues with the COM object, as well as an issue with FTP server usage.

The last of the critical issues fixes an issue within Microsoft's antivirus software. According to an advisory, the flaw exists in how the Malware Protection Engine processes PDF files. If a specially crafted file is sent through, it could open up a code execution risk.

The remaining patches were all rated important: four remote code execution vulnerabilities in Step-by-Step Interactive Training, Microsoft OLE Dialog, Microsoft MFC, and RichEdit. All, however, require user interaction in order to be exploited.

Two elevation of privilege risks were also remedied, which existed in the Windows Shell and Image Acquisition.

Of the patches, security firm PatchLink put the highest priority on the fix for Microsoft's Data Access Components, saying the vulnerability could put secure databases at risk.

"An attacker successfully exploiting this vulnerability could take complete control of an affected system to install programs to view, change, or delete data; or create new accounts with full user rights," vice president of security technologies Chris Andrew said.

"Organizations should review the specifics of this security bulletin and to ascertain level of risk, especially for organizations that are dealing with mission critical or customer data," he continued.

Comments


There is a serious vulnerability in Mozilla Firefox, tested with 2.0.0.1,
but quite certainly affecting all recent versions.

This makes it possible for evil.com to modify location.hostname as
described above, and have the resulting HTTP request still sent to
evil.com. Once the new page is loaded, the attacker will be able to set
cookies for *.example.com; he'll be also able to alter document.domain
accordingly, in order to bypass the same-origin policy for XMLHttpRequest
and cross-frame / cross-window data access.


A quick demonstration is available here:
http://lcamtuf.dione.cc/ffhostname.html

The impact is quite severe: malicious sites can manipulate authentication
cookies for third-party webpages, and, by the virtue of bypassing
same-origin policy, can possibly tamper with the way these sites are
displayed or how they work.


Regards,
/mz

Score: 0

|

What MS needs to do is follow the footsteps of Apple. Instead of releasing patches and SP for FREE, they need to release them as "UPGRADE" and charge people for them.

WTF you people are thinking??? Wow another patch. It will download in the background. When it's done downloading, it will waste me a minute to click on updating it. And oh yeah, I will need to reset the computer, which takes another minute.

Score: 0

|

With Vista, a computer restart will not be needed 75% of the time from what I hear. Also every update for Vista so far does not require a restart on my Vista Ultimate Edition install--so far, so good...

Score: 0

|

Well vista has no patches at least ;)

Score: 0

|

Huh? Do you mean TODAY?

Ignorance IS bliss!

Score: 0

|

Vista has several patches, just none that are "Highly critical" yet :)

There are over 11 "recommended" updates on mine so far (some of those may have been for Office XP as well though).

Score: 0

|

That's only another 12 patches to install from fresh when formatting.

That takes the total up (for me) to around 70 from fresh install.

Score: 0

|

I'm currently downloading 18--yes, eighteen--patches from Windows Update.

What bothers me isn't the amount of patches, but how Microsoft idiotically limits releases to one Tuesday a month. Okay, yes, I know, the policy is meant to accommodate IT departments who have to test the patches before deploying them across their networks. But why enforce that sort of schedule on the rest of us? Make the patches available as soon as they're completed, and let the corporate departments set their own "once a month" testing policy.

Score: 0

|

I currently have 87 waiting to be downloaded for Ubuntu...and that's just from last month, so it's no picnic on the Linux side either.

Score: 0

|

For all of us doing fresh installs I really wish MS would roll all of the updates for the year into an annual service pack. I find the .net updates to be the worst.

Score: 0

|

but for ubuntu you update all the software the package manager deals with as well, which is generally most of it.. so it's not too bad.. the fresh installs of that os suck as well though.

MS doing annual "roll ups" would be nice.. Make less work for all of us who like to have a clean install every now and then..

Score: 0

|

Do what I do--manually download the .exe files or the .msi files and burn them to a CD. Just install them that way rather than from windows update--much faster.

I'm sure there are third party utilities that also better automate that sort of thing as well.

Score: 0

|

"Okay, yes, I know, the policy is meant to accommodate IT departments who have to test the patches before deploying them across their networks. But why enforce that sort of schedule on the rest of us?"

Answer: Because releasing the patch means revealing the exploit, which would destroy the whole reason behind the monthly updates.

In other words--they don't do what you suggested because they can't do what you suggested.

Score: 0

|

I just got the latest patches and between Windows XP and Office 2003 there were "only" 19 of them...gee and the software has only been on the market for at least 3 years!

Score: 0

|

No holes to plug in Office 2007 and Windows Vista? Poor hackers... ((wiping tears))

Score: 0

|

um, just wait a few days... There will be. Guaranteed.

Score: 0

|

There have been several minor flaws found already.

First, it is possible for audio played over speakers to trigger Speech Recognition. This can do pretty much anything, although it is slowed by the rate of human speech and recognition. However I think this would be more of an issue of poor sound equipment arrangement and volume/balance levels than a Windows flaw.

Also any program with "install", "setup", or "patch" in its name will, by default, prompt for elevation. Again I don't think this was a bad decision by MS because there's no easy way to tell if a program needs elevation if it lacks a manifest file. If the program doesn't conform to known installer types, checking the filename is about the only other thing you can do to try and figure out if it does. I consider the ability to exploit this minor, because you are still prompted by UAC.

And actually there are two updates for Vista and one for Office 2007... but they're just junk filters for Mail and Outlook, and the Malicious Software Removal Tool.

Score: 0

|

The hackers still have many months (years maybe?) of massive XP usage to exploit.. Vista will be the target when the time comes, which will be soon I'm sure.

Score: 0

|

I'm pleasantly surprised in the lack of holes in Office 2007.

Give Vista time, there's bound to be holes.

Score: 0

|

"... it is possible for audio played over speakers to trigger Speech Recognition. This can do pretty much anything, although it is slowed by the rate of human speech and recognition."

This relies on:

1. The user being stupid enough to open a file crafted for the exploit.
2. For them to be running speech recognition.
3. For them to have set up their microphone facing the speakers (genius).
4. For the microphone and speakers to be set to *just* the right volume.

Sorry, but that is never, ever an exploit in my book.

It's a function doing what it's told. After all, it *is* supposed to recognise speech.

Score: 0

|

No "Highly critical" updates, but over 11 "Recommended updates" and other "Optional Add-ons". Apparently folks are swift to comment on an OS that they aren't even using!

Score: 0

|
