WordPad zero-day adds to MS security woes

Back to the article

Martin Lyne

Honk-honk! #

Posted Thursday 11th December 2008 11:01 GMT

Your failboat has arrived.

Good way to get people to move to Vista or Linux though. Make all the old Windows security risks again.

Ryan

So... #

Posted Thursday 11th December 2008 11:43 GMT

They *have* released a patch for the majority already? (SP3 of course!)

Anonymous Coward

Oh for heavens sake! #

Posted Thursday 11th December 2008 12:44 GMT

"In addition, an unpatched vulnerability in WordPad has also become fodder for malicious hackers. The issue affects the Wordpad text converter for Word 97."

Look I don't want to get all on the MS bashing train but FFS! It's fecking text editor with a few tweaks for colour and font, HTF does it give "malicious hackers" something to work on? WTF is in that O/S? Oh yes, sorry we can't tell you 'cos it's proprietry IP!

I know the cock-up with SSL certs was a bit of an unmitigated disaster for Debian, but for crying out loud, a text editor?!

David Wiernicki

Yes... #

Posted Thursday 11th December 2008 21:04 GMT

...but what about mspaint?

WordPad Zero-Day Flaw to Servers??? #

Posted Thursday 11th December 2008 21:50 GMT

Only a stupid admin would check his/her e-mail on a Windows server and then open an attachment with WordPad. So why is this a server zero-day flaw?

Daniel Harris

Wordpad has been around for ages... #

Posted Friday 19th December 2008 23:25 GMT

So surely this Wordpad flaw has been around for many years now? Would they have ever had to change the code for the Wordpad program very much over the years? I'd guess not so it must have been around for quite a while now?

Forums

Forums home

Sign up, sign up for The Register's weekly IT security newsletter - click here